Sun GlassFish Enterprise Server v2.1.1 Administration Guide

Managing Keys And Certificates

This section describes a few common procedures for creating and managing keys and certificates using certutil and pk12util. For details on certutil and pk12util, see Using Network Security Services (NSS) Tools and documentation on the NSS Security Tools site at

Note –

By configuring a PKCS#11 provider in the properties file (located in the JAVA_HOME/jre/lib/security directory of the Java runtime), you can also use the J2SE keytool utility to manage keys and certificates. For details on using keytool, and Java PKCS#11 Reference Guide at

This section describes the following topics:

Listing Keys and Certificates

Working With Private Keys and Certificates

Use certutil to create self-signed certificates and to import or export certificates. To import or export private keys, use the pk12util utility. For more details, see Using Network Security Services (NSS) Tools

Caution – Caution –

In Enterprise Server, do not modify the NSS password directly with the NSS tools certutil and modutil. If you do so, security data in Enterprise Server might be corrupted.