Using Network Security Services (Nss) Tools - Sun Microsystems GlassFish Enterprise Server 2.1 Administration Manual

Hide thumbs Also See for GlassFish Enterprise Server 2.1:

Tuning manual (128 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

page of 256

/ 256
Contents
Table of Contents
Bookmarks

Table of Contents

Using Network Security Services (NSS) Tools

keytool -delete

-alias keyAlias

-keystore keystore-name

-storepass password

Using Network Security Services (NSS) Tools

In the Clusters and Enterprise Profile, use Network Security Services (NSS) digital certificates

on the server-side to manage the database that stores private keys and certificates. For the client

side (appclient or stand-alone), use the JSSE format as discussed in

Extension (JSSE) Tools" on page

The tools for managing security with Network Security Services (NSS) include the following:

■

The tools are located in the as-install/lib/ directory. The following environment variables are

used to point to the location of the NSS security tools:

■

In the examples, the certificate common name (CN) is the name of the client or server. The CN

is also used during SSL handshake for comparing the certificate name and the host name from

which it originates. If the certificate name and the host name do not match, warnings or

exceptions are generated during SSL handshake. In some examples, the certificate common

name CN=localhost is used for convenience so that all users can use that certificate instead of

creating a new one with their real host name.

The examples in the following sections demonstrate usage related to certificate handling using

NSS tools:

"Using the certutil Utility" on page 117

■

"Importing and Exporting Certificates Using the pk12util Utility" on page 118

■

"Adding and Deleting PKCS11 Modules using modutil" on page 119

■

116

Sun GlassFish Enterprise Server 2.1 Administration Guide • December 2008

certutil, a command-line utility for managing certificates and key databases. Some

examples using the certutil utility are shown in

pk12util, a command-line utility used to import and export keys and certificates between

the certificate/key databases and files in PKCS12 format. Some examples using the pk12util

utility are shown in

"Importing and Exporting Certificates Using the pk12util Utility" on

page

118.

modutil, a command-line utility for managing PKCS #11 module information within

secmod.db files or within hardware tokens. Some examples using the modutil utility are

shown in

"Adding and Deleting PKCS11 Modules using modutil" on page

LD_LIBRARY_PATH =${as-install}/lib

${os.nss.path}

112.

"Using the certutil Utility" on page

"Using Java Secure Socket

119.

117.

Table of Contents

Chapters

Table of Contents

Using Network Security Services (Nss) Tools - Sun Microsystems GlassFish Enterprise Server 2.1 Administration Manual

Using Network Security Services (NSS) Tools

Chapters

Related Manuals for Sun Microsystems GlassFish Enterprise Server 2.1

Related Content for Sun Microsystems GlassFish Enterprise Server 2.1

Table of Contents