Sunday, April 14, 2024
HomeHow toHow to Install GlassFish Java Application Server with Nginx Reverse Proxy on...

How to Install GlassFish Java Application Server with Nginx Reverse Proxy on AlmaLinux 9

GlassFish is a free and open-source implementation of the Java EE Platform developed by Eclipse. it is the world’s first implementation of the Java EE platform for deploying Java applications. GlassFish provides scalable architecture with the support of multiple Java technologies, such as Enterprise JavaBeans, JPA, JavaServer Faces, and JMS.

This guide will show you how to install GlassFish on the AlmaLinux 9 server with Nginx reverse proxy. We also cover how to secure GlassFish by enabling the authentication and setup of secure SSL/TLS connection for GlassFish administration.


Before you start, ensure you have the following:

  • An AlmaLinux 9 server.
  • A non-root user with administrator privileges.
  • A local domain name pointed to the server IP address.

Setting up dependencies

First, you need to set up your AlmaLinux system by adding a system user that will be used to run GlassFish, then install Java OpenJDK packages.

Before installing any package, create a new system user glassfish with the command below. This user will have the default home directory /opt/glassfish7, which will be used as the installation directory for GlassFish.

sudo useradd -m -d /opt/glassfish7 -U -s /bin/false glassfish

Now install the Java OpenJDK 21 and unzip packages with the command below. Type y to proceed with the installation.

sudo dnf install java-21-openjdk unzip nano

Once the installation is complete, verify the Java version with the command below. Make sure you have Java 17 or 21 installed on your AlmaLinux server.

java --version

Downloading the GlassFish package

After you have created a system user and installed Java, you can now download the GlassFish package. Make sure to visit the GlassFish download page and copy the link for the latest version.

Download the GlassFish package using the wget command below.


Once downloaded, extract the file to the /opt directory with the following unzip command. This will extract GlassFish to /opt/glassfish7 directory.

unzip -d /opt

Lastly, change the ownership of /opt/glassfish7 directory to user glassfish. This is because you will be running GlassFish as a system user glassfish.

sudo chown -R glassfish:glassfish /opt/glassfish7

Setting up systemd service for GlassFish

In this guide, you will run GlassFish as a systemd service. This will run GlassFish in the background and you can easily manage it via systemctl utility.

Create a new systemd service file /etc/systemd/system/glassfish7.service using the following nano editor.

sudo nano /etc/systemd/system/glassfish7.service

Insert the systemd configuration below for GlassFish.

Description = GlassFish Server v7
After =

ExecStart=/opt/glassfish7/bin/asadmin start-domain
ExecReload=/opt/glassfish7/bin/asadmin restart-domain
ExecStop=/opt/glassfish7/bin/asadmin stop-domain
Type = forking

WantedBy =

Save the file and close the editor when finished.

Now reload the systemd manager to apply your new service file.

sudo systemctl daemon-reload

Then, start and enable GlassFish with the command below. Once started, GlassFish should be running on port 8080 and 4848.

sudo systemctl start glassfish7
sudo systemctl enable glassfish7

Lastly, verify the glassfish7 service with the command below. Make sure that the glassfish7 service is enabled and running on your system.

sudo systemctl status glassfish7

Setting up GlassFish administrator

At this point, GlasFish is running as a systemd service on your system. Now you need to confirm the admin user for GlassFish and set up enable-secure-admin for securing GlassFish administration.

First, run the following command to create a new administrator user for your GlassFish installation.

sudo -u glassfish /opt/glassfish7/bin/asadmin --port 4848 change-admin-password

When prompted for the user, type the default user admin, and press ENTER when asked for the password. The default GlassFish comes without a password.
When prompted to set up a new password, type your password and repeat.

Once the process is complete, you should get an output ‘Command change-admin-password executed successfully‘.

After configuring the admin password for GlassFish, run the following command to enable the secure-admin feature. This will generate SSL/TLS certificates automatically for GlassFish.

sudo -u glassfish /opt/glassfish7/bin/asadmin --port 4848 enable-secure-admin

Type your admin user and password for GlassFish when asked. Once the process is successful, you should see an output ‘Command enable-secure-admin executed successfully‘.

Lastly, restart the glassfish7 service to apply your modifications to your GlassFish. After the command is executed, your GlassFish installation should be secured, the admin user with new password, and generated TLS certificates for GlassFish admin.

sudo systemctl restart glassfish7

Running GlassFish with Nginx reverse proxy

In this guide, you will be running GlassFish behind the Nginx reverse proxy. So now you need to install Nginx to your AlmaLinux server, then create a new server block configuration for reverse proxy.

Install the Nginx web server to your AlmaLinux using the command below. Type y to proceed to the installation.

sudo dnf install nginx

After installation is finished, create a new server block configuration /etc/nginx/conf.d/glassfish.conf using the following nano editor command.

sudo nano /etc/nginx/conf.d/glassfish.conf

Insert the following configuration to set up a reverse proxy for GlassFish that running by default on port 8080. Be sure to change the domain name in the following with your local domain.

upstream glassfish7 {
server weight=100 max_fails=5 fail_timeout=5;

server {
listen 80;

location / {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://glassfish7/;

When you’re done, save and exit the file.

Now verify the Nginx syntax using the command below. If you have proper syntax, you should get an output ‘syntax is ok – test is successful’.

sudo nginx -t

Then, start and enable Nginx on your AlmaLinux server with the command below.

sudo systemctl start nginx
sudo systemctl enable nginx

Once started, verify the Nginx service to ensure that the service is running and enabled.

sudo systemctl status nginx

Below you should see the Nginx service is running and enabled on AlmaLinux.

Setting up Firewalld

With the Nginx up and running, you must open the HTTP port on your server via firewalld. In addition to that, you can also open port 4848 which is used by the GlassFish administrator.

Open both HTTP and HTTPS service on firewalld with the command below.

sudo firewall-cmd --add-service={http,https} --permanent

Open TCP port 4848 which will be used for GlassFish administration.

sudo firewall-cmd --add-port=4848/tcp --permanent

Now reload firewalld to apply your changes to firewalld. Then, verify the lis-enabled rules.

sudo firewall-cmd --reload
sudo firewall-cmd --list-all

You can see below the HTTP, HTTPS services, and port 4848 added to firewalld.

Accessing GlassFish

Open your web browser and visit your domain name for GlassFish, such as If your installation is successful, you should get the GlassFish index page like the following.

Now open a new tab and visit to access GlassFish administration. Type the default admin with your password, then click Login.

If you have the correct password, you should see the dashboard of GlassFish.


Congratulations! You have now successfully installed GlassFish on the AlmaLinux 9 server. You have installed GlassFish, configured administrator user, and secured admin for GlassFish. Lastly, you also installed and configured Nginx as a reverse proxy for your GlassFish installation.



Please enter your comment!
Please enter your name here


Most Popular