0

I'm using the new free SSL certificate https://www.sslforfree.com I registered my domain and everything good and I got the certificate files which are three files ( ca_bundle.crt , certificate.crt and private.key ) Three days following the problem I have read tens of examples in this site and in others but none of it works for me First the examples I read there are four files ( COMODO for example ) not like in my case which there are two crt fiels and privatekey file

My question is is there something wrong with the website which didn't give me the complete certificate files ? and If not how can I deploy this certificate into my glassfish 4.x I'm using now 4.1.2 any help appreciated

Maher
  • 1
  • 5

1 Answers1

0

In java you need to store your certificate in a *.jks file. Then point your server Tomcat/Glassfish to this *.jks.

How to configure Glassfish with certificate you can find here: https://ssl.comodo.com/support/certificate-installation-glassfish-4x.php

If that's not enough you should look at the resources below.

I think Let's Encrypt (https://letsencrypt.org/getting-started/) should answer your questions.

Start by looking at their docs: https://letsencrypt.org/docs/

and if that's not enough then move on to the forum: https://community.letsencrypt.org/

olahell
  • 1,931
  • 3
  • 19
  • 35
  • Thankx for your comment but it's not in my case COMODO give you three files COMODORSAAddTrustCA.crt COMODORSADomainValidationSecureServerCA.crt addtrustexternalcaroot.crt and there is no privatekey Also Letsencrypt give you not the same files they have a clear example of glassfish here https://community.letsencrypt.org/t/importing-letsencrypt-into-java-and-glassfish/9711 But it's not like in my case there are two crt files and privatekey – Maher Sep 06 '17 at 07:56
  • So was it not enough to add the *.crt files to your *.jks as in the glassfish example above? – olahell Sep 06 '17 at 08:30
  • I did but it didn't work. I'm confused which alias should I use ( I mean which of the two files provided is the main certificate ) which I should put the alias of it in my GF server confige instead of s1as ? – Maher Sep 06 '17 at 09:43
  • It's hard to say without seeing the certs. But I would guess the one in certificate.crt – olahell Sep 06 '17 at 09:49
  • I imported the two files into cacerts.jks & keystore.jks with the same alias as ( s1as & glassfish-instance ) as advice from GF administration guide but I have a problem now when I enabled secure domain I got exception "No Key store found for s1as" is it about the third file "private.key" which I don't know what to do with it I tried to import it to the keystore but it throws exception "Input not an X.509 certificate" Any idea what to do ? – Maher Sep 06 '17 at 11:23
  • Check your keystore according to this https://stackoverflow.com/questions/12893995/how-to-check-certificate-name-and-alias-in-keystore-files. Then make sure you follow step 8 in the GF guide. – olahell Sep 06 '17 at 11:59