Technology insights, news and tips.

  • Sun
    March 17, 2010

Https outbound connection from GlassFish Enterprise Server v2 to Oracle GlassFish Server 3.0

Oracle GlassFish Server 3.0 is a Java EE 6 container.
It uses JKS as keystore. In GlassFish Enterprise Server v2, it uses
In this simple blog, we will show how to set up environments for https outbound connection from
GlassFish v2 to Oracle GlassFish Server 3.0.
  1. Export the certificate from Oracle GlassFish Server 3.0 from JKS.
    Change to domain config directory where one can find cacerts.jks and run the following command:
    keytool -export -rfc -alias s1as -file s1asv3.cert -keystore cacerts.jks -storepass changeit
    Note that one should let keytool prompt for password rather than using -storepass.
    It is used here for illustration.
  2. Import the certificate to GlassFish Enterprise Server v2.
    Note that one need to use a different alias name "s1asv3" as there is already a certificate
    of name "s1as" in NSS db. Change to the domain config directory where one can find cert8.db and run the following command:
    certutil -A -n s1asv3 -d . -i s1asv3.cert -t "T,c,c"
    Restart the GlassFish Enterprise Server.

I find that the following jsp testing code is quite handy. It is included here for convenience:

<%@page import="java.io.\*, java.net.\*, javax.net.ssl.\*" %>


    try {

        String host = request.getParameter("host");

        String port = request.getParameter("port");

        String urlStr = "https://" + host + ":" + port;

        out.println("Url = " + urlStr + "<hr>");

        URL url = new URL(urlStr);

        HttpURLConnection connection = (HttpURLConnection)url.openConnection();

        BufferedReader in = null;

        in = new BufferedReader(new InputStreamReader(connection.getInputStream()));

        String line = "";

        while ((line = in.readLine()) != null) {



    } catch(Throwable ex) {


        ex.printStackTrace(new PrintWriter(out));



Note that one can read more about GlassFish Enterprise Server v2 and NSS in
"Key Management and PKCS#11 Tokens in Sun Java System Application Server 8.1".

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.