remove-expired-certificates

Removes all expired certificates from the target instance or listener’s keystores and truststores.

Synopsis

asadmin remove-expired-certificates [--help]
[--reload={false|true}]
[--domainName=name]
[--domainDir=directory]
[--node=nodeName]
[--nodeDir=directory]
[--listener=listenername]
[--target=instanceName]

Description

This command removes all expired certificates from the target instance or listener’s key and trust stores.

If the instance or listener is configured to use the default trust store, the command will instead synchronize the instance with the DAS (under the assumption the certificate has been removed from the default trust store of the DAS), since any certificates removed from the instance stores would be lost upon its next synchronisation.

Options

--help
-?

Displays the help text for the subcommand.

--target

This option helps specify the target on which you are removing expired certificates. Valid values are:

server

Applies to the default server instance. This is the default value.

cluster_name

Applies to every server instance in the cluster.

instance_name

Applies to a specified sever instance.

--reload

Whether the HTTP listeners should be reloaded. Defaults to false

--listener

The name of the HTTP or IIOP listener to add the certificate to.

--domainname

The name of the domain where the target instance exists.

Defaults to domain1 or the existing domain if only one exists.

--domainDir

The path to the directory containing the target domain.

Defaults to as-install/glassfish/domains

--node

The name of the node where the target instance exists.

Defaults to localhost-$domainname

--nodeDir

The path to the directory containing the target node.

Defaults to as-install/glassfish/nodes

Examples

Example 1 Removes all expired certificates in the production domain

asadmin remove-expired-certificates --domainName --listener http-listener-2 --reload=true

Exit Status

0

subcommand executed successfully

1

error in executing the subcommand

See Also