Posted by nabizamani
on June 19, 2010 at 1:56 PM PDT
I have downloaded and installed Glassfish 3.0.1 and so far I am glad it work all almost as I expected...
What I have done so far is using the keytool to generate an own key for https usage instead of using the standard key from oracle (alias: "s1as"). I have used the following command:
keytool -keysize 2048 -genkey -alias myalias -keyalg RSA -dname "CN=mycn,O=myo,L=myl,S=mys,C=myc" -validity 3650 -keypass changeit -storepass changeit -keystore keystore.jks
This all worked fine. And I did not even have to restart Glassfish:
when I called https://localhost:4848 it took automatically the new key even though I did not change anyhing in the configuration by using admin console (==> setting was still "s1as").
Question 1: Why did Glassfish automatically took my new key?
Anyway... I continued and changed "s1as" in admin console to "myalias", which references the key I generated (see above). Then I saw that there are some "CipherSuites" section within the SSL tabs of my http-listener2 and the others. What I see there is:
What does this exactly mean???
Are only 256 bit CipherSuites supported or what?
Remember I created a 2048 bit key, which does not seem to be a problem for Glassfish (because I saw no errors/exceptions/warnings).
Thanks in advance,