keytool

Installing a CA signed certificate for glassfish

Submitted by chris on Sat, 2008-08-09 11:31

Instead of using a self-signed certificate with glassfish (see Creating new SSL keys with keytool for glassfish) - we want to use one that is signed by a certificate authority.

Based on http://blogs.sun.com/enterprisetechtips/entry/using_ssl_with_glassfish_v2

For this entire post - the keystore.jks file is the one found in the glassfish domain config - e.g. glassfish/domains/domain1/config/keystore.jks

Technical:

Creating new SSL keys with keytool for glassfish

Submitted by chris on Wed, 2008-07-30 10:19

I needed to generate a new certificate for glassfish's admin pages.

Instead of using the normal OpenSSL self-signed certificate it was easier just to use the java keystore keytool

keytool -genkey -keyalg RSA -alias
<alias_referred_to_in_glassfish>
-keystore glassfish/domains/domain1/config/keystore.jks
-storepass changeit

Note the -keyalg RSA - keytool by default uses DSA and firefox 3.0 will not accept this even with an added security exception.

Technical:

Adding self-signed https certificates to java keystore

Submitted by chris on Thu, 2007-10-25 11:57

There are several reasons you may need to add a self-signed https ssl certificate to your local java keystore.

For me - its so that maven can access DAV shares for repository deployment.

Technical:

Subscribe to RSS - keytool