| enable-secure-admin-principal(1) asadmin Utility Subcommands enable-secure-admin-principal(1) |
| |
| NAME |
| enable-secure-admin-principal - Instructs GlassFish Server, when secure |
| admin is enabled, to accept admin requests from clients identified by |
| the specified SSL certificate. |
| |
| SYNOPSIS |
| enable-secure-admin-principal |
| [--help] |
| --alias aliasname | DN |
| |
| DESCRIPTION |
| The enable-secure-admin-principal subcommand instructs GlassFish Server |
| to accept admin requests when accompanied by an SSL certificate with |
| the specified distinguished name (DN). If you use the "--alias |
| aliasname" form, then GlassFish Server looks in its truststore for a |
| certificate with the specified alias and uses the DN associated with |
| that certificate. Otherwise, GlassFish Server records the value you |
| specify as the DN. |
| |
| You must specify either the --alias option, or the DN. |
| |
| You can run enable-secure-admin-principal multiple times so that |
| GlassFish Server accepts admin requests from a client sending a |
| certificate with any of the DNs you specify. |
| |
| When you run enable-secure-admin, GlassFish Server automatically |
| records the DNs for the admin alias and the instance alias, whether you |
| specify those values or use the defaults. You do not need to run |
| enable-secure-admin-principal yourself for those certificates. Other |
| than these certificates, you must run enable-secure-admin-principal for |
| any other DN that GlassFish Server should authorize to send admin |
| requests. This includes DNs corresponding to trusted certificates |
| (those with a certificate chain to a trusted authority.) |
| |
| OPTIONS |
| --help, -? |
| Displays the help text for the subcommand. |
| |
| --alias |
| The alias name of the certificate in the trust store. GlassFish |
| Server looks up certificate in the trust store using that alias |
| and, if found, stores the corresponding DN as being valid for |
| secure administration. Because alias-name must be an alias |
| associated with a certificate currently in the trust store, you may |
| find it most useful for self-signed certificates. |
| |
| OPERANDS |
| DN |
| The distinguished name of the certificate, specified as a |
| comma-separated list in quotes. For example, |
| "CN=system.amer.oracle.com,OU=GlassFish,O=Oracle |
| Corporation,L=Santa Clara,ST=California,C=US". |
| |
| EXAMPLES |
| Example 1, Trusting a DN for secure administration |
| The following example shows how to specify a DN for authorizing |
| access in secure administration. |
| |
| asadmin> enable-secure-admin-principal |
| "CN=system.amer.oracle.com,OU=GlassFish, |
| O=Oracle Corporation,L=Santa Clara,ST=California,C=US" |
| |
| Command enable-secure-admin-principal executed successfully. |
| |
| EXIT STATUS |
| 0 |
| subcommand executed successfully |
| |
| 1 |
| error in executing the subcommand |
| |
| SEE ALSO |
| enable-secure-admin(1) |
| |
| disable-secure-admin-principal(1) |
| |
| asadmin(1M) |
| |
| Java EE 8 09 Aug 2017 enable-secure-admin-principal(1) |