CODEWITHSUNDEEP
glassfishjboss-arquillian
romsac
romsac

Reputation: 67

CertificateException when testing with arquillian on glassfish-remote

When trying to run tests with arquillian with adminHttps option set to true, got an exception:

Could not connect to DAS on: (...) | java.security.cert.CertificateException: No subject alternative names present org.jboss.arquillian.container.spi.client.container.LifecycleException: Could not connect to DAS on: (...) | java.security.cert.CertificateException: No subject alternative names present at org.jboss.arquillian.container.glassfish.CommonGlassFishManager.start(CommonGlassFishManager.java:77) at org.jboss.arquillian.container.glassfish.remote_3_1.GlassFishRestDeployableContainer.start(GlassFishRestDeployableContainer.java:59) at org.jboss.arquillian.container.impl.ContainerImpl.start(ContainerImpl.java:199)

The examples which I found were without ssl turned on. I think that I should import a certificate, but can't find how or if it's realy that problem. Any idea? Thanks for sugestions.

Upvotes: 1

Views: 884

Answers (2)

Paul H
Paul H

Reputation: 2114

Whilst the accepted answer shows that this problem was due to the use of the containers self signed certificate, it doesn't explain how the problem can be overcome. Hopefully this answer will help anyone having the same problem.

You can import the containers self signed certificate into a keystore using the following command:

keytool -import -alias glassfish -file mycert.cer -keystore truststore.jks -storepass changeit

Change mycert.cer to the location of the certificate file

Change truststore.jks to the location of the keystore you want to use to store the certificate. This can either be a new keystore or an existing one. The storepass parameter is the password for the keystore. If you are using an existing keystore then you will need to specify the password associated with the keystore.

Once you have imported the self signed certificate into the keystore you need to tell the JVM running Arquillian to use the keystore. This can be done by setting the system parameter javax.net.ssl.trustStore to the location of the keystore. For example javax.net.ssl.trustStore=truststore.jks

Upvotes: 2

romsac
romsac

Reputation: 67

Problem was caused by certificate. When deploying to another server you should import certificate from that server into current machine (when usins self-signed certificates)

Upvotes: 0

Related Questions