Configuring Alternate KeyStores for SSL
Payara Micro Enterprise comes with Keystore files directly embedded within the JAR file.
These can be overridden using the following standard Java SSL system properties:
-
javax.net.ssl.trustStore
-
javax.net.ssl.keyStore
-
javax.net.ssl.trustStorePassword
-
javax.net.ssl.keyStorePassword
When packaging applications into an Uber Jar any keystores specified via system properties will be copied into the uberjar to replace the default internal keystores. However the uber jar will not contain the passwords and these must still be specified via the system properties. |
Setting the Key-Pair at Runtime
Since Payara Server 4.1.2.182 and 5.182
The key-pair to use as Payara Micro’s SSL certificate can also be specified using the --sslCert
command line option like
this:
java -jar payara-micro.jar -sslCert my-custom-alias
The default key-pair name is s1as if not overriden via the command line switch.
|