jamie jamison (Jan 25 2025 at 00:00): jamie jamison (Jan 25 2025 at 00:00):UCLA is still at 5.14. Right now I'm trying to fix the expired situation with payara5 expired certificate. Because it's past the expiration date I can't use asadmin to renew. Actually I can't use asadmin at all at this point.
**sudo ./asadmin renew-self-signed-certificates
NCLS-ADMIN-00010
javax.net.ssl.SSLHandshakeException: NotAfter: Sun Aug 18 13:30:10 UTC 2024
Command renew-self-signed-certificates failed.**
Is there a way to copy the working certificates from apache or do I need to create new ones for payara.
Philip Durbin 🚀 (Jan 27 2025 at 14:53):Woof. I'm not sure. If you don't get an answer here I'd suggest posting at https://groups.google.com/g/dataverse-community or https://forum.payara.fish (or both).
Steve Baroti (Jan 31 2025 at 20:51):this almost sound like a chicken and egg problem, however, I would first try to remove the expired certificate (asadmin remove-expired-certificates, though it may fail with the SSL handshake above). Second option would be to directly access the key store and remove and add the new private key and new certificates? Did you find a fix, Jamie?
jamie jamison (Feb 24 2025 at 17:36):I did remove the expired certificate but the problem persists. It looks like httpd does not 'see' the new cerfiticate.
Don Sizemore (Feb 24 2025 at 19:10):I've never used Payara's automatic cert renewal function, only keytool (as mentioned https://github.com/IQSS/dataverse/issues/8950 ). I've never seen asadmin do much that can't also be handled by editing some conf file or another while Payara is stopped.
Last updated: Oct 30 2025 at 06:21 UTC