Renews all self-signed certificates in the specified server’s keystore.


asadmin renew-self-signed-certificates [--help]


The renew-self-signed-certificates subcommand renews all self-signed certificates in a keystore using the old distinguished name and alias.

These certificates are then placed in the key and trust stores of the target instance or listener, replacing the old ones.



Displays the help text for the subcommand.


This option helps specify the target on which you are renewing its self-signed certificates. Valid values are:


Applies to the default server instance. This is the default value.


Applies to every server instance in the cluster.


Applies to a specified sever instance.


Whether the HTTP listeners should be reloaded. Defaults to false


The name of the HTTP or IIOP listener to add the certificate to.


The name of the domain where the target instance exists.

Defaults to domain1 or the existing domain if only one exists.


The path to the directory containing the target domain.

Defaults to as-install/glassfish/domains


The name of the node where the target instance exists.

Defaults to localhost-$domainname


The path to the directory containing the target node.

Defaults to as-install/glassfish/nodes


Example 1 Renews all self-signed certificates on the default domain

asadmin renew-self-signed-certificates

Exit Status


subcommand executed successfully


error in executing the subcommand

See Also