By Kalpana Karunamurthi on Jan 17, 2010
The CA server certificate bundled with Sun GlassFish Enterprise Server v2.1.1 has expired since Jan 8, 2010.
Hence you would see SEVERE messages when you restart your domains. While this is being fixed in later SGES patches, you have a workaround to avoid these messages.
All you need to do is to remove the expired certificate from the keystore.
To remove from JKS keystore, use the following command
keytool -delete -alias verisignserverca -keystore <DOMAIN_ROOT>/config/cacerts.jks
To remove from NSS keystore, use the following command,
certutil -D -n verisignserverca -d <DOMAIN_ROOT>/config