Due to project limitations, I need to configure my GlassFish installation using asadmin within a shell script (linux). I have all of my parameters configured, except one. The section I need to configure is the "network listener" section. Here is what the section of the default domain.xml file looks like:
<network-config>
<protocols>
<protocol name="http-listener-1">
<http default-virtual-server="server" max-connections="250" server-name="">
<file-cache enabled="false"></file-cache>
</http>
</protocol>
<protocol security-enabled="true" name="http-listener-2">
<http default-virtual-server="server" max-connections="250" server-name="">
<file-cache enabled="false"></file-cache>
</http>
<ssl ssl3-enabled="false" cert-nickname="s1as"></ssl>
</protocol>
<protocol name="admin-listener">
<http default-virtual-server="__asadmin" max-connections="250" server-name="">
<file-cache enabled="false"></file-cache>
</http>
</protocol>
</protocols>
</network-config>
For the "http-listener-2" section, I need to make changes to the "ssl" section. I have looked many places but cannot find the correct asadmin command to make these changes. What my ssl section needs to look like is this:
<ssl key-store="config/xxxxxServer.jks" trust-store="config/xxxxxTrustStore.jks" cert-nickname="xxxxxServer" />
As I have said, I have looked for a couple of days now, and I cannot find the correct command line commands to use with asadmin to set these parameters. I thought "asadmin create-ssl" would be what I needed, but, unfortunately, it was not. In looking at the web interface for GlassFish, I see the parameters I need to set. This tells me that I should be able to configure it via asadmin. Any assistance in helping me with this would be greatly appreciated.
Thanks for reading, and have a great day.
The quick answer : use asadmin get and set.
here is a bit of output from commands to make it clearer... I hope.
Let's take a look at the output from get...
$ ~/GlassFish_Server/bin/asadmin get 'configs.config.server-config.network-config.protocols.protocol.http-listener-2.ssl.*'
configs.config.server-config.network-config.protocols.protocol.http-listener-2.ssl.allow-lazy-init=true
configs.config.server-config.network-config.protocols.protocol.http-listener-2.ssl.cert-nickname=s1as
configs.config.server-config.network-config.protocols.protocol.http-listener-2.ssl.classname=com.sun.enterprise.security.ssl.GlassfishSSLImpl
configs.config.server-config.network-config.protocols.protocol.http-listener-2.ssl.client-auth=
configs.config.server-config.network-config.protocols.protocol.http-listener-2.ssl.client-auth-enabled=false
configs.config.server-config.network-config.protocols.protocol.http-listener-2.ssl.key-store-password-provider=plain
configs.config.server-config.network-config.protocols.protocol.http-listener-2.ssl.ssl-inactivity-timeout=30
configs.config.server-config.network-config.protocols.protocol.http-listener-2.ssl.ssl2-enabled=false
configs.config.server-config.network-config.protocols.protocol.http-listener-2.ssl.ssl3-enabled=false
configs.config.server-config.network-config.protocols.protocol.http-listener-2.ssl.tls-enabled=true
configs.config.server-config.network-config.protocols.protocol.http-listener-2.ssl.tls-rollback-enabled=true
configs.config.server-config.network-config.protocols.protocol.http-listener-2.ssl.trust-max-cert-length=5
configs.config.server-config.network-config.protocols.protocol.http-listener-2.ssl.trust-store-password-provider=plain
Command get executed successfully.
Now, use set to alter the value of one of the other properties...
$ ~/GlassFish_Server/bin/asadmin set configs.config.server-config.network-config.protocols.protocol.http-listener-2.ssl.key-store=config/xxxxxServer.jks
configs.config.server-config.network-config.protocols.protocol.http-listener-2.ssl.key-store=config/xxxxxServer.jks
Command set executed successfully.
Use get to verify that the value 'took'...
$ ~/GlassFish_Server/bin/asadmin get configs.config.server-config.network-config.protocols.protocol.http-listener-2.ssl.key-store
configs.config.server-config.network-config.protocols.protocol.http-listener-2.ssl.key-store=config/xxxxxServer.jks
Command get executed successfully.