How to install/renew SSL Certificate for Glassfish
From certificate authority, you should generally receive two files
Your signed certificate : generally named as “yourdomain.com.crt”
Root certificate of your certificate (you might receive more than one. In some cases certification authority sends the intermediate certificates) : Godaddy names it “gd_bundle-g2-g1.crt”
Next step is importing the keystore you used to generate the request into the Glassfish’s keystore:
keytool -importkeystore -srckeystore /your-former-used-for-request/keystore.jks -destkeystore $GLASSFISHHOME/domains/yourdomain/config/keystore.jks
Now, the final step done on keystore is importing the signed certificate. First, we gotta switch to Glassfish’s keystore and import the root certificate:
cd $GLASSFISH_HOME/domains/yourdomain/config
keytool -import -v -trustcacerts -alias root -file gd_bundle-g2-g1.crt -keystore keystore.jks -keypass changeit -storepass changeit
Then, import the signed certificate of yours:
keytool -import -v -trustcacerts -alias s1as -file yourdomain.com.crt -keystore keystore.jks -keypass changeit -storepass changeit
At last, restart GlassFish.
If you are not installing for the first time, and are just renewing it, you may only need to to the last step, i.e. import the new signed certificate of yours and restart GlassFish.
Your signed certificate : generally named as “yourdomain.com.crt”
Root certificate of your certificate (you might receive more than one. In some cases certification authority sends the intermediate certificates) : Godaddy names it “gd_bundle-g2-g1.crt”
Next step is importing the keystore you used to generate the request into the Glassfish’s keystore:
keytool -importkeystore -srckeystore /your-former-used-for-request/keystore.jks -destkeystore $GLASSFISHHOME/domains/yourdomain/config/keystore.jks
Now, the final step done on keystore is importing the signed certificate. First, we gotta switch to Glassfish’s keystore and import the root certificate:
cd $GLASSFISH_HOME/domains/yourdomain/config
keytool -import -v -trustcacerts -alias root -file gd_bundle-g2-g1.crt -keystore keystore.jks -keypass changeit -storepass changeit
Then, import the signed certificate of yours:
keytool -import -v -trustcacerts -alias s1as -file yourdomain.com.crt -keystore keystore.jks -keypass changeit -storepass changeit
At last, restart GlassFish.
If you are not installing for the first time, and are just renewing it, you may only need to to the last step, i.e. import the new signed certificate of yours and restart GlassFish.
See also:
Comments
Post a Comment