Sunday Jan 17, 2010

SGES v2.1.1 server certificate expired

The CA server certificate bundled with Sun GlassFish Enterprise Server v2.1.1 has expired since Jan 8, 2010.

Hence you would see SEVERE messages when you restart your domains. While this is being fixed in later SGES patches, you have a workaround to avoid these messages.

All you need to do is to remove the expired certificate from the keystore.

To remove from JKS keystore, use the following command
keytool -delete -alias verisignserverca -keystore <DOMAIN_ROOT>/config/cacerts.jks

To remove from NSS keystore, use the following command,
certutil -D -n verisignserverca -d <DOMAIN_ROOT>/config

About

Kalpana Karunamurthi

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today