具有Glassfish 4的StartSSL域验证证书
我只是无法从StartSSL获得ssl证书来工作 我在本地系统上有一个运行glassfish的版本,并在将它们上传到虚拟服务器之前对其进行了更改 以下是我所做的: 1。创建企业社会责任 “openssl req-newkey rsa:2048-keyout yourname.key-out yourname.csr” 2。粘贴的CSR上下文(介于-开始/结束证书请求之间-- 3.从StartSSL下载生成的证书文件 收到以下文件:具有Glassfish 4的StartSSL域验证证书,ssl,glassfish,Ssl,Glassfish,我只是无法从StartSSL获得ssl证书来工作 我在本地系统上有一个运行glassfish的版本,并在将它们上传到虚拟服务器之前对其进行了更改 以下是我所做的: 1。创建企业社会责任 “openssl req-newkey rsa:2048-keyout yourname.key-out yourname.csr” 2。粘贴的CSR上下文(介于-开始/结束证书请求之间-- 3.从StartSSL下载生成的证书文件 收到以下文件: root.crt 1_Intermediate.crt 2.w
- root.crt
- 1_Intermediate.crt
- 2.www.domain.de.crt
keytool -keysize 2048 -genkey -alias Domain -keyalg RSA -dname “CN=www.domain.de,O=yourCompany,L=yourCity,S=yourS tate,C=yourCountry” -keypass yourmasteradminpw -storepass yourmasteradminpw -keystore keystore.jks
# keytool -import -alias startsslcert -keystore keystore.jks -trustcacerts -file root.crt
# keytool -import -alias startsslsub -keystore keystore.jks -trustcacerts -file 1_Intermediate.crt
# keytool -import -alias domainname -keystore keystore.jks -trustcacerts -file 2_www.domain.crt
# keytool -import -alias startsslcert -keystore cacerts.jks -trustcacerts -file root.crt
# keytool -import -alias startsslsub -keystore cacerts.jks -trustcacerts -file 1_Intermediate.crt
6.将文件导入密钥库:
keytool -keysize 2048 -genkey -alias Domain -keyalg RSA -dname “CN=www.domain.de,O=yourCompany,L=yourCity,S=yourS tate,C=yourCountry” -keypass yourmasteradminpw -storepass yourmasteradminpw -keystore keystore.jks
# keytool -import -alias startsslcert -keystore keystore.jks -trustcacerts -file root.crt
# keytool -import -alias startsslsub -keystore keystore.jks -trustcacerts -file 1_Intermediate.crt
# keytool -import -alias domainname -keystore keystore.jks -trustcacerts -file 2_www.domain.crt
# keytool -import -alias startsslcert -keystore cacerts.jks -trustcacerts -file root.crt
# keytool -import -alias startsslsub -keystore cacerts.jks -trustcacerts -file 1_Intermediate.crt
7.导入到cacerts.jks的文件:
keytool -keysize 2048 -genkey -alias Domain -keyalg RSA -dname “CN=www.domain.de,O=yourCompany,L=yourCity,S=yourS tate,C=yourCountry” -keypass yourmasteradminpw -storepass yourmasteradminpw -keystore keystore.jks
# keytool -import -alias startsslcert -keystore keystore.jks -trustcacerts -file root.crt
# keytool -import -alias startsslsub -keystore keystore.jks -trustcacerts -file 1_Intermediate.crt
# keytool -import -alias domainname -keystore keystore.jks -trustcacerts -file 2_www.domain.crt
# keytool -import -alias startsslcert -keystore cacerts.jks -trustcacerts -file root.crt
# keytool -import -alias startsslsub -keystore cacerts.jks -trustcacerts -file 1_Intermediate.crt
之后,我将domain.xml中的s1as更改为第5点的别名。在我的v-server上用新的替换了cacerts、keystore和admin密钥文件
我检查了keystore.jks和cacerts.jks文件是否使用glassfish masterpassword作为密码
现在该网站和glassfish管理控制台不再可访问
问题:
keytool -keysize 2048 -genkey -alias Domain -keyalg RSA -dname “CN=www.domain.de,O=yourCompany,L=yourCity,S=yourS tate,C=yourCountry” -keypass yourmasteradminpw -storepass yourmasteradminpw -keystore keystore.jks
# keytool -import -alias startsslcert -keystore keystore.jks -trustcacerts -file root.crt
# keytool -import -alias startsslsub -keystore keystore.jks -trustcacerts -file 1_Intermediate.crt
# keytool -import -alias domainname -keystore keystore.jks -trustcacerts -file 2_www.domain.crt
# keytool -import -alias startsslcert -keystore cacerts.jks -trustcacerts -file root.crt
# keytool -import -alias startsslsub -keystore cacerts.jks -trustcacerts -file 1_Intermediate.crt
<secure-admin special-admin-indicator="4de31578-ac8c-49cf-884e-77faada83599" enabled="true">
<secure-admin-principal dn="CN=localhost,OU=GlassFish,O=Oracle Corporation,L=Santa Clara,ST=California,C=US"></secure-admin-principal>
<secure-admin-principal dn="CN=localhost-instance,OU=GlassFish,O=Oracle Corporation,L=Santa Clara,ST=California,C=US"></secure-admin-principal>
</secure-admin>