Step by step guide on how to enable SSL on a Glassfish server.
1) create the keystore with this command (this is found in the jdk/bin)
keytool -genkey -alias test -keysize 2048 -keyalg RSA -keystore mykeystore.jks -dname "CN=www.testsite.hn, OU=testing, O=Org namel, L=City name, S=State, C=country"
*remember the CN is the url you wish to cerftify so place it as wished.
2)
*Create the request that versign needs
keytool -certreq -alias test -keystore mykeystore.jks -file testserver.cer
3)
Get all 3 certificates that versign gives you as following
*Save the email certificate as email.cer,
*Save the intermediate certificate as intermediate.cer
*Save the root certificate as root.cer
*perform the next steps, you can just copy & paste on the commandline
keytool -import -alias verisigncert -keystore mykeystore.jks -trustcacerts -file root.cer
keytool -import -alias verisigninter -keystore mykeystore.jks -trustcacerts -file intermediate.cer
keytool -import -alias test-server -keystore mykeystore.jks -trustcacerts -file email.cer
*Once that is done, go to and place the mykeystore.jks at glassfish/domain/domainX folder (domainX is the domain you wish the certificate to work at)
4)
*Now we configure the ssl, to make this simple go and use the web admin consule, go to network config/Network Listener/http-listener-2
-Enable security
-port to listen 443 (MAKE SURE NO OTHER APP HAS USED THIS PORT)
* Go to the SSL tab
Certificate NickName: test
Key Store: mykeystore.jks
5)
*Go to the virtual servers and add
hosts:www.testsite.hn
(Has to be the same as the CN in the first step)
(Set the app as the default app for the url)
Default Web Module: YOURapp
6)
* if your under windows go to windows/system32/drivers/hots and add
127.0.0.1 www.testsite.hn
7) *restart glassfish and run your app
No comments:
Post a Comment