INEWUP'S BLOG

glassfish3.1.1 SEC5054: Certificate has expired

Issuer: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US SerialNumber:

Certificate Extensions: 4 : ObjectId: 2.5.29.19 Criticality=true BasicConstraints:

: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [] ] ]

: ObjectId: 2.5.29.15 Criticality=true KeyUsage

: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier ]

] Algorithm: Signature: 0000: 41 3A D4 18 5B DA B8 DE 21 1C E1 8E 09 E5 F1 68 A:..|#]

备份现有key

cd /webapp/glassfish3/glassfish/domains/domain1/config/

cp cacerts.jks{,.bak}

停止domain

/webapp/glassfish3/bin/asadmin stop-domain domain1

CA中去除过期的key

/usr/jdk/instances/jdk1.7.0/bin/keytool -delete -alias gtecybertrust5ca -keystore cacerts.jks -storepass changeit

启动domain

/webapp/glassfish3/bin/asadmin start-domain domain1

← Back to Home