If one of the passwords does not match the others, please see the Troubleshooting section at the end to change it. Note: For the certificate to work on GlassFish, the GlassFish master password for the domain, the keystore password, and the private key password must all be the same. If you used different passwords for the keystore and the private key, the private key password will need to be entered too. Depending on the certificate format you used for import, there will be a different number of imported entries. The password for GlassFish keystores is the same as the GlassFish master password for the domain by default, it is changeit.
You will be prompted to type in the password for both keystores, starting from the destination keystore keystore.jks. Keytool -importkeystore -srckeystore mykeystore. The following command is used to import one keystore into another: If you have added a new domain to GlassFish, the corresponding directory name should be used instead. When the keystore is ready, it should be imported into the default GlassFist keystore, which can be found in the following location: glassfish4/glassfish/domains/ domain1 /config/keystore.jksĭomain1 is the default domain created by GlassFish. The screenshot below illustrates the import process for certificate files in PEM: Here the alias has to be the same as the keystore alias. Keytool -import -trustcacerts -alias myalias -file file.crt -keystore mykeystore. When the CA bundle is imported, you can import the certificate with the following command: The alias used to import the CA bundle can be any name, but it has to be different from the alias of the keystore. Keytool -import -trustcacerts -alias ca -file file.ca-bundle -keystore mykeystore. The CA bundle can be imported with this command:
ca-bundle file, you can download it from your account. Importing the certificate files in PEM requires first importing the CA certificates (.ca-bundle file), and then importing the certificate itself. You can review the alias with this command: keytool -list -v -keystore mykeystore.jksīelow is a screenshot of an example import: The myalias value should be the same alias that was initially set for the keystore. You will be prompted to enter the keystore password that was set when creating the keystore. Keytool -import -trustcacerts -alias myalias -file file.p7b -keystore mykeystore. Importing the certificate in PKCS#7 is done with a single command: It is sufficient to import the certificate in only one of the following formats. The certificate files should be uploaded to your server so they can be imported into the keystore. cer) since this process is simpler however, they can be imported in PEM as well. We recommend importing the certificate files in PKCS#7 format (.p7b /. ca-bundle files), and in the PKCS#7 format (.p7b). zip archive downloaded from your account will contain your certificate and CA bundle in PEM format (.crt and.
If you cannot retrieve the keystore, the certificate will need to be reissued with a new keystore.Ĭertificate files can be downloaded from your account or retrieved from the email sent by Comodo ( now Sectigo). This keystore is the only one that contains the private key for your certificate. For this, you will need to locate the keystore that was used to generate the CSR.
jks files), the certificate files need to be imported into the keystore with the corresponding private key before installation. After your certificate is activated and issued, you can proceed with its installation on GlassFish.
0 kommentar(er)
