On 07-Jul-2011, at 12:44 AM, forums_at_java.net wrote:
> Thanks for the tip, that worked:
>
> asadmin change-master-password --savemasterpassword=true domain1
>
> The keystore now uses the new password, and SSL is still working. Since
> there is now a master password I needed to use the --savemasterpassword=true
> so my startup script will work without human intervention. I will protect
> it with filesystem rights. I am curious about this note in the asadmin
> help:
>
> "Saving the master password on disk is extremely insecure and
> should be avoided."
>
> What are the other options? I can't have a person type the password in
> every time GlassFish starts up.
the --savemasterpassword is primarily for automated restart as you point out. One way to make it secure is by securing the login account under which GlassFish is installed and ensure the file is not readable by all.
>
>
>
> Thanks,
>
> Ryan
>
>
> --
>
> [Message sent by forum member 'rdelaplante']
>
> View Post: http://forums.java.net/node/819052
>
>