Hi,
I have downloaded and installed Glassfish 3.0.1 and so far I am glad it work all almost as I expected...
What I have done so far is using the keytool to generate an own key for https usage instead of using the standard key from oracle (alias: "s1as"). I have used the following command:
keytool [b]-keysize 2048[/b] -genkey -alias myalias -keyalg RSA -dname "CN=mycn,O=myo,L=myl,S=mys,C=myc" -validity 3650 -keypass changeit -storepass changeit -keystore keystore.jks
This all worked fine. And I did not even have to restart Glassfish:
when I called
https://localhost:4848 it took automatically the new key even though I did not change anyhing in the configuration by using admin console (==> setting was still "s1as").
[b]Question 1: Why did Glassfish automatically took my new key?[/b]
Anyway... I continued and changed "s1as" in admin console to "myalias", which references the key I generated (see above). Then I saw that there are some "CipherSuites" section within the SSL tabs of my http-listener2 and the others. What I see there is:
[b]
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
[/b]
What does this exactly mean???
Are only 256 bit CipherSuites supported or what?
Remember I created a 2048 bit key, which does not seem to be a problem for Glassfish (because I saw no errors/exceptions/warnings).
Thanks in advance,
Nabi
[Message sent by forum member 'nabizamani']
http://forums.java.net/jive/thread.jspa?messageID=474952