![]() ![]() Now, you must restart GF/Payara41 to get new cert configs. Keytool -list -keystore cacerts.jks -storepass $KEYSTOREPWGF Keytool -noprompt -import -noprompt -trustcacerts -alias root -file fullchain.cer -keystore cacerts.jks -srcstorepass $KEYSTOREPW -deststorepass $KEYSTOREPWGF -destkeypass $KEYSTOREPWGF Keytool -noprompt -importkeystore -destkeystore cacerts.jks -srckeystore cert_and_key.p12 -srcstoretype PKCS12 -alias myname -srcstorepass $KEYSTOREPW -deststorepass $KEYSTOREPWGF -destkeypass $KEYSTOREPWGF Keytool -list -keystore keystore.jks -storepass $KEYSTOREPWGF Keytool -noprompt -importkeystore -destkeystore keystore.jks -srckeystore pkcs.p12 -srcstoretype PKCS12 -alias s1as -srcstorepass $KEYSTOREPW -deststorepass $KEYSTOREPWGF -destkeypass $KEYSTOREPWGF Openssl pkcs12 -export -in fullchain.cer -inkey $DOMAIN.key -out pkcs.p12 -name s1as -password pass:$KEYSTOREPW Keytool -noprompt -importkeystore -destkeystore keystore.jks -srckeystore pkcs.p12 -srcstoretype PKCS12 -alias glassfish-instance -srcstorepass $KEYSTOREPW -deststorepass $KEYSTOREPWGF -destkeypass $KEYSTOREPWGF Openssl pkcs12 -export -in fullchain.cer -inkey $DOMAIN.key -out pkcs.p12 -name glassfish-instance -password pass:$KEYSTOREPW Keytool -noprompt -import -noprompt -trustcacerts -alias root -file fullchain.cer -keystore keystore.jks -srcstorepass $KEYSTOREPW -deststorepass $KEYSTOREPWGF -destkeypass $KEYSTOREPWGF Keytool -noprompt -importkeystore -destkeystore keystore.jks -srckeystore cert_and_key.p12 -srcstoretype PKCS12 -alias myname -srcstorepass $KEYSTOREPW -deststorepass $KEYSTOREPWGF -destkeypass $KEYSTOREPWGF ![]() Openssl pkcs12 -export -in $DOMAIN.cer -inkey $DOMAIN.key -out cert_and_key.p12 -name myname -CAfile ca.cer -caname root -password pass:$KEYSTOREPW GFDOMAIN=$GF_HOME/glassfish/domains/domain1/Įcho Create IN A and TXT value entries in my DNS server for $DOMAINĬp $GFDOMAIN/config/keystore.jks $GFDOMAIN/config/keystore-orig.jksĬp $GFDOMAIN/config/cacerts.jks $GFDOMAIN/config/cacerts-orig.jks Hi and did this script to install cert LetsEncrypt into GF/Payara: Java.io.IOException: injection failed on. with class .pluggable.SecuritySupportĪt .(JSSE14SocketFactory.java:188)Īt .SSLConfigHolder.initializeSSL(SSLConfigHolder.java:363)Īt .nfigureSSL(SSLConfigHolder.java:241)Īt .GrizzlyEmbeddedHttps$LazySSLInitializationFilter.execute(GrizzlyEmbeddedHttps.java:202)Īt .executeProtocolFilter(DefaultProtocolChain.java:137)Īt .execute(DefaultProtocolChain.java:104)Īt .execute(DefaultProtocolChain.java:90)Īt .HttpProtocolChain.execute(HttpProtocolChain.java:79)Īt .doCall(ProtocolChainContextTask.java:54)Īt 圜ontextTask.call(SelectionKe圜ontextTask.java:59)Īt .run(ContextTask.java:71)Īt .AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)Īt .AbstractThreadPool$n(AbstractThreadPool.java:513) Sudo cp -f keystore.jks $GFDOMAIN/config/Īfter configure the commands below, GF arises this error in server.log: [#|T14:25:15.676-0400|WARNING|glassfish3.1.2|.GrizzlyServiceListener|_ThreadID=102 _ThreadName=Thread-2 |GRIZZLY0007: SSL support could not be configured! Sudo keytool -list -keystore keystore.jks -storepass $KEYSTOREPW Sudo keytool -importkeystore -destkeystore keystore.jks -srckeystore pkcs.p12 -srcstoretype PKCS12 -alias s1as -srcstorepass $KEYSTOREPW -deststorepass $KEYSTOREPW -destkeypass $KEYSTOREPW ![]() Sudo openssl pkcs12 -export -in $LIVE/fullchain.pem -inkey $LIVE/privkey.pem -out pkcs.p12 -name s1as -password pass:$KEYSTOREPW Sudo keytool -importkeystore -destkeystore keystore.jks -srckeystore pkcs.p12 -srcstoretype PKCS12 -alias glassfish-instance -srcstorepass $KEYSTOREPW -deststorepass $KEYSTOREPW -destkeypass $KEYSTOREPW Sudo openssl pkcs12 -export -in $LIVE/fullchain.pem -inkey $LIVE/privkey.pem -out pkcs.p12 -name glassfish-instance -password pass:$KEYSTOREPW Sudo keytool -import -noprompt -trustcacerts -alias root -file $LIVE/chain.pem -keystore keystore.jks -srcstorepass $KEYSTOREPW -deststorepass $KEYSTOREPW -destkeypass $KEYSTOREPW Sudo keytool -importkeystore -destkeystore keystore.jks -srckeystore cert_and_key.p12 -srcstoretype PKCS12 -alias myalias -srcstorepass $KEYSTOREPW -deststorepass $KEYSTOREPW -destkeypass $KEYSTOREPW Sudo openssl pkcs12 -export -in $LIVE/cert.pem -inkey $LIVE/privkey.pem -out cert_and_key.p12 -name myalias -CAfile $LIVE/chain.pem -caname root -password pass:$KEYSTOREPW ![]() Specifically if anyone know how to query for the password rather than hardcoding it. I made this shell script to automate the import of the newly renewed/created certificates into the Java Keytool and Glassfish.Īny pointers or ideas for improvements. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |