Skip to main content

What's wrong? Glassfish SSL access problem

5 replies [Last post]
pmrenaud
Offline
Joined: 2008-10-01

Hi Experts,

here is the situation. I have a Glassfish server installed on a dev computer named dev_computer. I setup an SSL certificate (a Verisign trial one) to be able to use https (according to this tutorial: http://blogs.sun.com/enterprisetechtips/entry/using_ssl_with_glassfish_v2 ). I used the "Developer Profile" to setup the ssl. The setup works great, i can get access to my website through https without problem... from the dev_computer (web server).
But, when i'm trying to connect to the web server (dev_computer) from another computer (in the same Lan) to make some tests... oups! i got an error like: "dev_computer use an invalid certificate" or "the certificate in not safe because blablabla...".

what's wrong now?

thanks!

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Hassan Schroeder

On Sat, Jul 4, 2009 at 6:49 AM, wrote:

> the trial version supposed to be a "valid" certificate which is valid for 14 days.

Dunno about that. I've only used self-signed certs for testing.

> Btw, do i realy need to setup my browser with the intermediate certificate? I mean, if i go to my bank website, ebay or amazon, all transactions are secure, i don't have to add or setup any certificates to my browser!?!

That's because the certs of the major CAs are included with your
browser by default. Poke around the menus and you should find
them -- e.g. on Firefox/OS X they're under
Preferences -> Advanced -> Encryption -> View Certificates

HTH,
--
Hassan Schroeder ------------------------ hassan.schroeder@gmail.com

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@glassfish.dev.java.net
For additional commands, e-mail: users-help@glassfish.dev.java.net

Hassan Schroeder

On Fri, Jul 3, 2009 at 10:59 AM, wrote:

> I setup an SSL certificate (a Verisign trial one)

> But, when i'm trying to connect to the web server (dev_computer) from another computer (in the same Lan) to make some tests... oups! i got an error like: "dev_computer use an invalid certificate"

It's not an "error", it's a warning that the certificate is exactly what
it says, invalid.

I've never used a "trial" cert before, but that's the warning you get
with a self-signed cert, because it doesn't reference back to a valid
CA (Certificate Authority). I'm betting this is the same.

Either tell your users not to worry about it, or pay for a real cert from
someone (Verisign being probably the most expensive option!). Or
set up your own CA, but you probably don't want to go there. :-)

HTH,
--
Hassan Schroeder ------------------------ hassan.schroeder@gmail.com

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@glassfish.dev.java.net
For additional commands, e-mail: users-help@glassfish.dev.java.net

pmrenaud
Offline
Joined: 2008-10-01

Well,

the trial version supposed to be a "valid" certificate which is valid for 14 days. I probably not going to use a verisign one (as you said, is too expensive!), but a trial version was a good way to practice myself to setup ssl with glassfish.

Btw, do i realy need to setup my browser with the intermediate certificate? I mean, if i go to my bank website, ebay or amazon, all transactions are secure, i don't have to add or setup any certificates to my browser!?!

thank you!

pmrenaud
Offline
Joined: 2008-10-01

any suggestions?

Hassan Schroeder

On Tue, Jul 7, 2009 at 4:09 AM, wrote:
> any suggestions?

about what?

--
Hassan Schroeder ------------------------ hassan.schroeder@gmail.com
twitter: @hassan

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@glassfish.dev.java.net
For additional commands, e-mail: users-help@glassfish.dev.java.net