This Bugzilla instance is a read-only archive of historic NetBeans bug reports. To report a bug in NetBeans please follow the project's instructions for reporting issues.
I tried the following steps to configure SSL with HTTP BC using non-default certificates. 1) Took a backup of keystore.jks and cacerts.jks 2) Deleted the default self-signed certificate /F:\GlassFishESBv22_20091019-0736\glassfish\domains\domain1\config>keytool -delete -alias s1as -keystore keystore.jks -storepass changeit/ 3) Generated a new key pair for the application server , I am using the same alias "s1as" so that I dont need to modify anything in domain.xml /F:\GlassFishESBv22_20091019-0736\glassfish\domains\domain1\config> keytool -genkeypair -keyalg RSA -keystore keystore.jks -validity 335 -alias s1as Enter keystore password: What is your first and last name? [Unknown]: raghuvir What is the name of your organizational unit? [Unknown]: sun What is the name of your organization? [Unknown]: sunmicrosystems What is the name of your City or Locality? [Unknown]: bangalore What is the name of your State or Province? [Unknown]: karnataka What is the two-letter country code for this unit? [Unknown]: IN Is CN=raghuvir, OU=sun, O=sunmicrosystems, L=bangalore, ST=karnataka, C=IN correct? [no]: yes Enter key password for <s1as> (RETURN if same as keystore password):changeit/ 4) Self Sign the ceritificate /F:\GlassFishESBv22_20091019-0736\glassfish\domains\domain1\config>keytool -selfcert -alias s1as -validity 335 -keystore keystore.jks -storetype JKS Enter keystore password:changeit/ 5) Exported the cert /F:\GlassFishESBv22_20091019-0736\glassfish\domains\domain1\config>keytool -export -alias s1as -file s1as.cert -rfc -keystore keystore.jks Enter keystore password:changeit Certificate stored in file <s1as.cert>/ 6) imported to the trust store of glassfish ( cacerts.jks) /F:\GlassFishESBv22_20091020-1005\glassfish\domains\domain1\config>keytool -delete -alias s1as -keystore cacerts.jks -storepass changeit F:\GlassFishESBv22_20091020-1005\glassfish\domains\domain1\config>keytool -import -alias s1as -file s1as.cert -keystore cacerts.jks Enter keystore password: Owner: CN=raghuvir, OU=sun, O=Sunmicro, L=Bangalore, ST=Karnataka, C=IN Issuer: CN=raghuvir, OU=sun, O=Sunmicro, L=Bangalore, ST=Karnataka, C=IN Serial number: 4ae003fb Valid from: Thu Oct 22 12:34:27 IST 2009 until: Wed Sep 22 12:34:27 IST 2010 Certificate fingerprints: MD5: 43:A5:03:3E:A7:90:CA:BF:6F:8A:7A:A2:F1:A9:D9:AF SHA1: 7D:68:DD:E6:D2:52:AA:32:9E:B2:C4:1F:03:73:0B:F8:67:D3:C8:E2 Signature algorithm name: SHA1withRSA Version: 3 Trust this certificate? [no]: yes Certificate was added to keystore/ but on deploying my https project , it failed to send message. with the following error /Caused by: java.security.PrivilegedActionException: com.sun.xml.messaging.saaj.SOAPExceptionImpl: Message send failed at java.security.AccessController.doPrivileged(Native Method) at com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.call(HttpSOAPConnection.java:185) ... 3 more Caused by: com.sun.xml.messaging.saaj.SOAPExceptionImpl: Message send failed at com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.post(HttpSOAPConnection.java:389) at com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection$PriviledgedPost.run(HttpSOAPConnection.java:214) ... 5 more Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: The certificate chain from the server is not trusted at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1591) at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187) at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181) at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1035) at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:124) at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516) at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1107) at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:415) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166) at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:881) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:230) at com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.post(HttpSOAPConnection.java:346) ... 6 more/ The same works fine in SOAP UI without any issues. Found out that this is not supported in Netbeans. Hence need support to run HTTPS - ssl tests.