Introduction to Glassfish SSL Newly created domains on glassfish has already a self signed certificate in DOMAIN_DIR/config/keystore.jks file. By default this keystore has default password of “changeit”. This certificate is named as s1as. To see this certificate you could issue following command: keytool -list -keystore keystore.jks When asked enter default password “changeit”. You will see