users@jersey.java.net

RE: [Jersey] Problem with Glassfish v3 SSL

From: Jordi Domingo <noseya_at_hotmail.com>
Date: Fri, 18 Sep 2009 19:45:26 +0200

Hi again :)
I had to put ./config/cacerts.jks because at first try, using cacerts.jks, a file not found appeared. cacerts.jks is an existing keystore in domain1/config folder.
Thanks,
Jordi

> Date: Fri, 18 Sep 2009 13:07:39 -0400
> From: Jeanfrancois.Arcand_at_Sun.COM
> To: users_at_jersey.dev.java.net
> Subject: Re: [Jersey] Problem with Glassfish v3 SSL
>
>
> Salut,
>
> (Thanks to Kedar who works with my team for the help)
>
> Is it possible to import the cert in
> existing truststore and just refer to it using the alias?
>
> The other issue is ./config/beliv.jks can be problematic. If the
> server's pwd when it starts (user.dir) is domain-folder/config,
> ./config/beliv.jks is going to result (mostly) in a non-existent file.
>
> Let me know how it goes.
>
> -- Jeanfrancois
>
> Jordi Domingo wrote:
> > Salut Jeanfrancois,
> >
> > I enabled ssl and configured the certificate nickname to beliv, keystore
> > to beliv.jks (its in domains/domain1).
> >
> > I used this commands to create and import the certificate
> >
> > keytool -keystore beliv.jks -keypass changeit -storepass changeit
> > -genkey -alias beliv -keyalg RSA -dname "CN=beliv.xxx.com, OU=I_D,
> > O=blueliv, L=Barcelona, ST=Barcelona, C=ES"
> >
> > keytool -export -alias beliv -storepass changeit -file server.cer
> > -keystore beliv.jks
> >
> > keytool -import -v -trustcacerts -alias beliv -file server.cer -keystore
> > ./config/cacerts.jks -keypass changeit
> >
> >
> > I attached an image of the config in admin tool
> >
> > Thanks,
> >
> > Jordi
> >
> > > Date: Fri, 18 Sep 2009 11:05:56 -0400
> > > From: Jeanfrancois.Arcand_at_Sun.COM
> > > To: users_at_jersey.dev.java.net
> > > Subject: Re: [Jersey] Problem with Glassfish v3 SSL
> > >
> > > Salut,
> > >
> > > can you post your domain.xml and the exact configuration changes you did
> > > (if you)?
> > >
> > > Thanks
> > >
> > > -- Jeanfrancois
> > >
> > > Jordi Domingo wrote:
> > > > Hi,
> > > >
> > > > I'm trying to work with https with GFv3.
> > > >
> > > > It works, but its very very very slow and in the console for every
> > > > request appear this exception:
> > > >
> > > >
> > > > GRAVE: ProtocolChain exception
> > > > java.lang.IllegalArgumentException: CipherSuites may not be null
> > > > at
> > > >
> > com.sun.net.ssl.internal.ssl.CipherSuiteList.<init>(CipherSuiteList.java:58)
> > > > at
> > > >
> > com.sun.net.ssl.internal.ssl.SSLEngineImpl.setEnabledCipherSuites(SSLEngineImpl.java:1724)
> > > > at
> > com.sun.grizzly.filter.SSLReadFilter.newSSLEngine(SSLReadFilter.java:358)
> > > > at
> > > >
> > com.sun.grizzly.filter.SSLReadFilter.obtainSSLEngine(SSLReadFilter.java:394)
> > > > at com.sun.grizzly.filter.SSLReadFilter.execute(SSLReadFilter.java:154)
> > > > at
> > > >
> > com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:135)
> > > > at
> > > >
> > com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:102)
> > > > at
> > > >
> > com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:88)
> > > > at
> > com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:76)
> > > > at
> > > >
> > com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:53)
> > > > at
> > > >
> > com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:57)
> > > > at com.sun.grizzly.ContextTask.run(ContextTask.java:69)
> > > > at
> > > >
> > com.sun.grizzly.util.FixedThreadPool$BasicWorker.dowork(FixedThreadPool.java:379)
> > > > at
> > > >
> > com.sun.grizzly.util.FixedThreadPool$BasicWorker.run(FixedThreadPool.java:360)
> > > > at java.lang.Thread.run(Thread.java:619)
> > > >
> > > >
> > > > I tried a lot of things in the admin console, i'm using a self-signed
> > > > certificate (i verified it through the browser).
> > > >
> > > > Dont know what to do. Any help would be very appreciated.
> > > >
> > > > Thanks
> > > >
> > > >
> > ------------------------------------------------------------------------
> > > > Hay tantos ordenadores como personas. ¡Descubre ahora cuál eres tú!
> > > > <http://www.quepceres.com/>
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: users-unsubscribe_at_jersey.dev.java.net
> > > For additional commands, e-mail: users-help_at_jersey.dev.java.net
> > >
> >
> > ------------------------------------------------------------------------
> > Celebramos el 10º aniversario de Messenger. ¡Únete a la fiesta!
> > <http://www.vivelive.com/felicidades>
> >
> >
> > ------------------------------------------------------------------------
> >
> >
> > ------------------------------------------------------------------------
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe_at_jersey.dev.java.net
> > For additional commands, e-mail: users-help_at_jersey.dev.java.net
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_jersey.dev.java.net
> For additional commands, e-mail: users-help_at_jersey.dev.java.net
>

_________________________________________________________________
Con Vodafone disfruta de Hotmail gratis en tu móvil. ¡Pruébalo!
http://serviciosmoviles.es.msn.com/hotmail/vodafone.aspx
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.