Sunday, 18 August 2013

Arquillian Embedded Glassfish Certificate Expired

Arquillian Embedded Glassfish Certificate Expired

On Aug 14th, the gtecybertrust5ca certifcate used by Glassfish expired
causing my Arquillian tests that use an embedded Glassfish server to all
fail. I have verified I am using the latest JDK, 1.7.0_25-b17, and my
Maven libs are current.
This problem is similar to this one: Certificate has expired" in log by
starting Glassfish 3.1.2 except, I am using the Embedded version of
Glassfish via Maven, Arquillian and SureFire to run unit and integration
tests.
I have tried instructing Maven to use a local keystore, the one that comes
with the JRE, in an effort to keep the expired cert from being used.
Unfortunately, this didn't help either. Using the Maven debug flag, I can
see that the JDK is forked with the addition arguments.
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>2.16</version>
<configuration>
<argLine>-Djavax.net.ssl.trustStore=C:\Java\jdk1.7.0_25\jre\lib\security\cacerts.jks
-Djavax.net.ssl.trustStorePassword=changeit</argLine>
<classpathDependencyExcludes>
<!-- exclude code absent api -->
<classpathDependencyExclude>javax:javaee-api</classpathDependencyExclude>
<classpathDependencyExclude>javax:javaee-web-api</classpathDependencyExclude>
</classpathDependencyExcludes>
</configuration>
</plugin>
<!-- Configure the Embedded GlassFish Maven plugin -->
<plugin>
<groupId>org.glassfish.embedded</groupId>
<artifactId>maven-embedded-glassfish-plugin</artifactId>
<version>4.0</version>
<configuration>
<app>${project.build.directory}/${project.build.finalName}.war</app>
<port>7070</port>
<containerType>web</containerType>
</configuration>
</plugin>
I have also tried downloading the actual Glassfish server, exporting its
certificates gtecybertrust5ca and gtecybertrustglobalca from the keystore
at glassfish4\glassfish\domains\domain1\config\cacerts.jks and then
imported them into my JRE keystore marking them as trusted. This also
didn't work:
keytool -exportcert -keystore cacerts.jks -alias gtecybertrustglobalca
-file gtecybertrustglobalca.crt keytool -exportcert -keystore cacerts.jks
-alias gtecybertrust5ca -file gtecybertrust5ca.crt
keytool -importcert -keystore
C:\Java\jdk1.7.0_25\jre\lib\security\cacerts.jks -alias gtecybertrust5ca
-file gtecybertrust5ca.crt keytool -importcert -keystore
C:\Java\jdk1.7.0_25\jre\lib\security\cacerts.jks -alias
gtecybertrustglobalca -file gtecybertrustglobalca.crt
I would really appreciate some help. Thanks.
Posted by at

1 comment:

  1. Unknown13 October 2013 at 08:16

    http://stackoverflow.com/questions/18304232/arquillian-embedded-glassfish-certificate-expired

    ReplyDelete

Subscribe to: Post Comments (Atom)