- Prepare a certificate (issued for the FQDN of the server running Glassfish) in PKCS#12 format (p12 extension) containing the private/public key pair; OpenSSL can be used to generate a CA and generate afterwards test certificates
- In target domains/<domanin>/config/cacerts.jks add* CA public certificate; default keystore password is 'changeit'
- In target domains/<domanin>/config/keystore.jks add the p12 certificate; use the same password as the keystore ('default value 'changeit')
- Open adnin console, go to server configuration and expand it to Network Config->Network Listners->network-listner-2, SSL tab.
- Replace the default test certificate name (s1as) with the keystore name of the newly added certificate
- Apply changes and restart glassfish
*You can use Portecle GUI based tool to manage keystores
No comments :
Post a Comment