It is very likely that the admin console is just updating the domain.xml file anyway. In either case, it is good practice to avoid modifying the domain.xml file wherever possible. There is no official advice in the Security Guide for GF4 and the only mention of the certificate nickname is:
If you enable secure admin on an SSL-enabled GlassFish Server
installation, secure admin uses the existing value
as the DAS admin alias for secure admin.
https://glassfish.java.net/docs/4.0/security-guide.pdf
Changing the nickname isn't actually necessary, from a functional perspective. When you import your key/cert to the keystores you can just use the same name to replace the existing cert, which is perfectly valid.
Edit: To change alias names with the asadmin
command, you can use enable-secure-admin
with either --instancealias myNewAlias
or --adminalias myOtherNewAlias
(or both).
The default for adminalias
is s1as
and the default for instancealias
is glassfish-instance
.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…