To Create a New Certificate Realm

1. Change to the Appserver-base/bin directory.

2. Run the following command to remove any existing certificate realm (there should not be one):

   ./asadmin delete-auth-realm --host localhost --port 6489 certificate

3. Run the following command (all on one line) to create a new certificate realm:

   ./asadmin create-auth-realm --terse=false --echo=true --interactive=true --user admin --host localhost --port 6489 --classname com.sun.enterprise.security.auth.realm.certificate.CertificateRealm --property assign-groups=have.client.cert certificate

4. Stop and restart the Application Server domain, as described in To Stop and Restart the Application Server Domain for the Registry.