Issues with setting up SSL on Glassfish v3

web-server ssl glassfish

To set up SSL on a fresh install of Glassfish 3.1

I had numerous issues with 3.0.1 so I would recommend upgrading to 3.1

Following the instructions on the link above, this successfully creates the keystore and certificates.

Change Master password

The master password which is set on Glassfish is also the password which allows access to the SSL certificate store. The default password for Glassfish 3.1 is "changeit", Glassfish 3.0.1 doesnt have a default master password. To change the master password open a command prompt and type

cd C:\glassfish3\bin

asadmin change-master-password

You will be prompted for the default password then asked to enter a new password which should be set to whatever you set your certificate store password to.

Install the certificate

copy the file server.keystore file to C:\glassfish3\glassfish\domains\domain1\config\

In C:\glassfish3\glassfish\domains\domain1\config open the domain.xml document and find all instances of the phrase s1as and replace them with the alias you gave your certificates. There should be approximately 22 changes. In the same document replace all instances of keystore.jks to server.keystore, this is the name of the new keystore created in the javadude instructions above. There should be 2 changes.

Setting up glassfish for SSL

Start Glassfish server by going to Start -> All Programs -> Glassfish server open source edition web profile -> Start application server. This will open a cmd window minimised at the bottom of the screen. Maximise this and enter the Glassfish master password. Open a web browser and enter the URL http://localhost:4848 to access the administration console. Go to Configurations -> Server config -> Network config -> Network listeners -> Http-listener-2. Change the Port to 443 and make sure the enable security box is checked. Click save. On the SSL Tab check the box next to SSL3 and TLS, change the certificate NickName to the alias you set in the previous step (if it hasnt already automatically set) and click save.


If you use the GF as Windows Service you have to save the master password using the following command:

asadmin change-master-password --savemasterpassword true

In other case Windows service will not start again.

Related

How do get apache display url request in Top and PS?
No newline after div?
Self-Hosted Desktop Support Remote Control Software (for Windows)? [closed]
Remote orderly shutdown of EC2 instance?
Chrome extension; open a link from popup.html in a new tab
Windows 2008 never run a program "as administrator"
HTTP streaming server behind nginx?
Zabbix: What does "Questions" mean in "MySQL Command Counters"?
NGINX Redirect Rule: Subfolder only to HTTPS?
can I use US servers in Europe?
Do I need routing protocols on a small network?
Problems installing OS on Dell PowerEdge R410