Step-by-step instructions to install an SSL certificate on Oracle GlassFish
Oracle GlassFish server, also known as GlassFish, is an open-source application server. The GlassFish project was started by Sun Microsystems for the Java platform and now it’s sponsored by Oracle Corporation. The first version of GlassFish was launched in 2007 and the version 5, released in 2017 is the latest one.
Enough with the introduction, let’s get to the point you’re here for—SSL installation on Oracle GlassFish server. Follow the below steps to generate a CSR and install an SSL certificate on GlassFish.
Generate Private Key
#keytool -keysize 2048 -genkey -alias s1as -keyalg RSA -dname "CN=*.mydomain.com,O=Myorganization,L=city,S=state,C=country" -keypass changeit -storepass changeit -keystore keystore.jks
You’ll need to replace the bold parts of the above syntax with your details. Here’s what the details represent:
CN: www.yourdomaninname.com or yourdomainname.com
O: Write the full name of your organization without any special characters. If you want to issue an OV or an EV SSL certificate, you must type in the legal name of your organization.
L: Write the full name of your or your organization’s city.
S: Write the full name of your or your organization’s state.
C: Your 2-digit country code
Note: Once you run the above command, you will be asked to enter the password of keystore. Make sure that the keystore password is same as the GlassFish’s master password. If you have forgotten your password and hadn’t changed it from the beginning, changeit should be your default password.
Once you enter the details, you will be asked to verify the accuracy of the details you just entered. To confirm, type y and hit enter. Now you’ll be asked to enter the key password. Press enter to keep the key password same as the keystore password.
Generate CSR
Run the below command to generate a CSR:
> keytool -certreq -alias youralias -file yourcsrname.csr -keystore yourkeystorename.jks
Download Certificate Files
Your certificate authority (CA) would’ve sent you the certificate files. Ideally, it will be sent in a zip file and it’d have three files.
Import Certificate Files
Once you’ve downloaded your certificate files, you’d need to import them into the keystore. Enter the below commands for different files.
keytool -import -trustcacerts -alias root -file (ROOT CERTIFICATE FILE NAME) -keystore domain.key
keytool -import -trustcacerts -alias intermed -file (INTERMEDIATE CA FILE NAME) -keystore domain.key
keytool -import -alias mydomain.com -keystore keystore.jks -trustcacerts -file mydomain.com.crt
Import Files into the default keystore
It helps in developing scalable and portable applications. To import files from the original keystore to the default keystore, you’d need to run the following command:
> keytool -importkeystore -srckeystore yourkeystorename.jks -destkeystore keystore.jks
Enable HTTPS in HTTP-Listener-2
To enable HTTPS in GlassFish’s HTTP-Listener, follow the outlined steps:
- First, go to the GlassFish admin console.
- Now go to Configurations -> Server Config -> http-listener-2.
- Go to the General tab and change the port to 443.
- In the SSL tab, change the Certificate NickName from s1as to the alias of your main certificate file.
- Save the changes you made.
All done? Well, congratulations! You just installed an SSL certificate on Oracle GlassFish.
Important Resource
Related Posts
- Install SSL Certificate on Oracle Wallet Manager
- Install SSL Certificate on Oracle iPlanet Web Server
- Install SSL Certificate on BEA WebLogic Server
- Install SSL Certificate on F5 FirePass SSL VPN
- Install SSL Certificates on AEP Netilla SSL VPN
Save Up to 89% on SSL Certificates
Oracle Glasshfish only accepts SSL Certificate from a genuine and trusted SSL Certificate Authority. Buy trusted SSL Certificate at a cheap price with heavy discounts.
