Chris Searle

Instead of using a self-signed certificate with glassfish (see Creating new SSL keys with keytool for glassfish) - we want to use one that is signed by a certificate authority.

Based on http://blogs.sun.com/enterprisetechtips/entry/using_ssl_with_glassfish_v2

Technorati Tags: glassfish keystore keytool openssl ssl English

I needed to generate a new certificate for glassfish's admin pages.

Instead of using the normal OpenSSL self-signed certificate it was easier just to use the java keystore keytool

keytool -genkey -keyalg RSA -alias
<alias_referred_to_in_glassfish>
-keystore glassfish/domains/domain1/config/keystore.jks
-storepass changeit

Note the -keyalg RSA - keytool by default uses DSA and firefox 3.0 will not accept this even with an added security exception.

Technorati Tags: glassfish java keystore keytool ssl English

I have had jira and confluence running under tomcat 5.5.23 (behind apache over AJP13/mod_jk) for a while now. The aim is to migrate them over to glassfish (behind the same apache but with mod_proxy).

Software versions:

• Atlassian Jira 3.12.2
• Atlassian Confluence 2.8.0
• Apache Tomcat 5.5.23
• Glassfish 2.1 build 39

Technorati Tags: apache atlassian confluence glassfish jira mod_jk mod_proxy tomcat English