Imported Certificates into glassfish 4.1 and get security error when accessing the page

neil_har · January 21, 2016, 3:01pm

Hi,

Here are the names of the certificates files i have, converted the .pem to .der.
cert1.der
cert1.pem
chain1.der
chain1.pem
fullchain1.der
fullchain1.pem
privkey1.pem

As separate actions I have used keytool to import fullchain1. (pen and der ) into cacerts.jks and keystore.jks in ~/glassfish4/glassfish/domain//config

I also set the https protocol settings-nickname to the alias of the certificate set when adding it to the .jks file.

and when i try and access the page i get the following error in firefox.

"
Secure Connection Failed

The connection to mypage:8181 was interrupted while the page was loading."

If i set the https protocol settings-nickname back to the default “s1as” then the message returns to the untrusted one on accessing the page.

So , can you help.

Cheers.
Neil

okias · February 8, 2016, 1:24am

try this script, it got me closer to goal (ssl works, only can’t get into administration) Importing LetsEncrypt into Java and Glassfish

schoen · February 8, 2016, 7:00am

None of those files is meant to be imported as a root CA. fullchain.pem does contain something that might work, but it also contains your end-entity cert, so it’s easy to imagine import scripts getting confused (because of the two different certs in one file).

If you want to import the current Let’s Encrypt intermediate as a root into a root store, you might instead try

https://letsencrypt.org/certs/lets-encrypt-x1-cross-signed.der