Certificate Installation: Glassfish
Posted by Technical Support 271, Last modified by on April 18 2013 18:05
Certificate Installation for GLASSFISH:|
After approval you need to download a zip file which contains all certificates you need. During this step you will be asked for which server you are downloading certificates. You could select other because glassfish is not listed. Your download may contain 3 files Depending on the Certificate Type:
First file "bundle" are certificates belonging to comodo.com. They are used to verify your domain’s certificate. They may already contained in your cacerts.jks but there is no harm importing them in your keystore.jks. Import these certificates to your keystore.jsk using following steps:
keytool -import -trustcacerts -alias root -file (ROOT CERTIFICATE FILE NAME) -keystore domain.key
keytool -import -trustcacerts -alias intermed -file (INTERMEDIATE CA FILE NAME) -keystore domain.key
keytool -import -alias mydomain.com -keystore keystore.jks -trustcacerts -file mydomain.com.crt
If you are warned certificate already exist with a different alias choose yes to continue importing certificate.
As we have said at the beginning your domain’s domain.xml file contains references to s1as certificate. Open domain.xml with your editor of choice and replace every s1as with mydomain.com and save it.
4) Test your setup
Start your domain using following command. You will be asked master password of your keystore.jks.
asadmin start-domain your_domain
Enter master password (3) attempt(s) remain)>Enter your master password here
Check your setup my navigating to https:// mydomain.com:ssl_port/. Your browser of choice will either warn you about invalid certificate, or you will see that it is verified by COMODO.
Note: ssl_port is by default 8181, if you haven’t changed it yet from your domain.xml. If you change it to default 443, do not forget to configure your firewall to allow TCP over that port.