Skip to main content

Change default certificate

Please note these java.net forums are being decommissioned and use the new and improved forums at https://community.oracle.com/community/java.
No replies
alexdeguays
Offline
Joined: 2012-06-11

Hi all!

I'm trying to change the default Glassfish v4 certificate (s1as) for encryption with HTTPS, but I'm having a few problems. First of all, I'm trying to delete the default certificate from the keystore.jks and cacerts.jks files, and indeed I do it, using keytool. Then I list the contents of both files with keytool, and see the s1as certificate and private key is erased from them.

The question is: after that, how is it possible that SSL is still enabled, with the same default certificate I've just erased? Maybe the cert is stored in another place too? My files are in ${GLASSFISH-ROOT}\domains\domain1\config\keystore.jks and\cacerts.jks.

More of it: if I create a new, self signed certificate named the same, s1as, and put it in keystore and cacerts (with the same key as the server's master key), the server keeps using the original s1as certificate...how is it possible??