users@glassfish.java.net

Re: ssl n00b

From: Lucas Jordan <lucasjordan_at_gmail.com>
Date: Tue, 20 Feb 2007 12:17:14 -0500

Looking at the domain.xml file I see an entry:
<http-listener acceptor-threads="1" address="0.0.0.0"
blocking-enabled="false" default-virtual-server="server" enabled="true"
family="inet" id="http-listener-2" port="8181" security-enabled="true"
server-name="" xpowered-by="true">

I guess I should note that I am using iptables to redirect port 443 to
8181....so changing blocking-enabled to true might fix my issue?

-Lucas

On 2/20/07, Lucas Jordan <lucasjordan_at_gmail.com> wrote:
>
> version v1, I suspect, is the build number included in an install
> anyplace?...maybe this tells use:
> Install_Application_Server_9PE_200608220604.log
>
>
>
> On 2/20/07, Jeanfrancois Arcand <Jeanfrancois.Arcand_at_sun.com> wrote:
> >
> > Hi Lucas,
> >
> > which version of GlassFish are you using? If you are using GlassFish v2,
> > can you edit ${glassfish.home}/domains/domain1/config/domain.xml:
> >
> > change http-listener ...port="443: blocking-enabled="true".../>
> >
> > and see if it works? If you are using v1, then this is another problem.
> >
> > Thanks
> >
> > -- Jeanfrancois
> >
> > Lucas Jordan wrote:
> > > I am trying to configure an instance of glassfish to respond to
> > > notifications from google checkout. I have it working in 'sandbox'
> > mode
> > > over port 80, but to make it work for real, it must be over port 443.
> > > Google says....
> > >
> > > "To implement the Notification API, you need to establish a web
> > service
> > > that receives and processes Google Checkout notifications. Your web
> > > service must be secured by SSL v3 or TLS and must use a valid SSL
> > > certificate. The API callback URL that you use for your production
> > > account must use port 443, which is the default port for HTTPS. The
> > API
> > > callback URL that you use for your Sandbox account may use either port
> > > 443 or port 80."
> > >
> > > when I tried to use port port 443 the google integration tools tells
> > me:
> > >
> > > "We encountered an error trying to access your server at
> > > https://digitalxtractions.net/portal/notification -- the error we got
> > > is: sun.security.validator.ValidatorException: PKIX path building
> > > failed: sun.security.provider.certpath.SunCertPathBuilderException:
> > > unable to find valid certification path to requested target"
> > >
> > > This is the only information I have about the error, nothing is logged
> > > on the server side. In my searching, this error seems to be often
> > found
> > > on the client side, and has something to do with the client not being
> > > able trust the server. I am not sure how this translates to my
> > > circumstance thought, since I am an SSL n00b :)
> > >
> > > I guess what I don't understand is, is my server not trusting googles
> > > certs? how do I tell glassfish to accept all certs? or just those from
> >
> > > google? or is google not trusting me, since I have not installed any
> > > certs or anything on the server? Is certificate even the right word?
> > >
> > > Any help out be awesome!
> > > -Lucas
> > >
> > >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> > For additional commands, e-mail: users-help_at_glassfish.dev.java.net
> >
> >
>