users@glassfish.java.net

Re: deleting keystore without keystore password?

From: Bernhard Thalmayr <bernhard.thalmayr_at_painstakingminds.com>
Date: Thu, 12 Jan 2012 09:46:42 +0100

You have to be aware that you need a keypair (private/public) to get a
working ssl socket.

Just exporting the cert (which includes the singed public key) from the
productive server will not be sufficient.

You have to copy the complete keystore to make it work, but actually a
private key is meant to be bound to a host.... not a service.

-Bernhard


On 01/11/2012 07:37 PM, forums_at_java.net wrote:
> We have a VM on RedHat with GlassFish 3.1.1 that we are using as a test
> server.
>
> original server: bndwsint01.example.org
>
> new server: bndwsqa20.example.org
>
> I noticed this INFO message in the GlassFish server.log file:
>
> [#|2012-01-11T10:01:26.849-0800|INFO|oracle-glassfish3.1.1|javax.enterprise.system.tools.admin.com.sun.enterprise.container.common|_ThreadID=21;_ThreadName=Thread-2;|User
>
> [] from host *bndwsint01.example.org* does not have administration
> access|#]
>
> Not sure where that is coming from so I looked in the conf folder. I
> noticed
> in the keystore.jks and cacerts.jks files it has bndwsint01.example.org for
> CN.
>
> This is what I would like to do:
>
> Delete the default cert that we get with GlassFish but I do not have the
> keystore password. We have an SSL cert that is on our production server.
> I was thinking of installing it on this qa server.
>
> Can anyone help?
>
> Thanks,
>
> AR
>
>
> --
>
> [Message sent by forum member 'scAdaLL01']
>
> View Post: http://forums.java.net/node/882634
>
>
>


-- 
Painstaking Minds
IT-Consulting Bernhard Thalmayr
Herxheimer Str. 5, 83620 Vagen (Munich area), Germany
Tel: +49 (0)8062 7769174
Mobile: +49 (0)176 55060699
bernhard.thalmayr_at_painstakingminds.com - Solution Architect
This e-mail may contain confidential and/or privileged information.If 
you are not the intended recipient (or have received this email in 
error) please notify the sender immediately and delete this e-mail. Any 
unauthorized copying, disclosure or distribution of the material in this 
e-mail is strictly forbidden.