Hi,
PebbleJet is in the business of B2B. We had developed our application with http and did the functionality test. Now we want to make our application secure and used https support provided by Glassfish. We have followed all the steps listed in Glassfish administrative guide.
That is
1. Having seperate virtual server for this application which is listening on a secured listener (8282)
2. The listener is listening on port 8383 is security enabled.
3. Generated a keypair using keytool. Got trial certificate from Verisign.
4. Imported 3 certificates from Verisign (root certificate, intermediate certificate and server certificate/SSL certificate) in the same order. Our SSL certificate was imported with alias name s1as.
5. Used the above created s1as cert in the listener
Able to start the server with new keystore.jks.
Able to connect to server thru browser client as well as with our application client.
Now we want to move to next level called testing with our client. Our clien asked to provide our 64base encoded certificate. We gave our trial certificate to our client. But from there they are not able to connect and send the request. In our side we are getting certificate-unknown error. In their side they are getting No trusted certificate found error.
My question here is:
1. Are we giving right certificate to our client?
2. Is there problem with trial certificate?
Question#1: Which certificate do we need to give to our client out of the 3 certificates we got from Verisign? Root certificate or intermediate certificate or certificate chain? If it is a certificate chain how to give the certificate chain?
We have tried to give 15 combinations but not able to be successful.
Question#2: Will the trial certificate not be considered as original certificate? Do we need to use original cert?
Kindly help us to proceed further. We are struck here for 3 weeks.
[Message sent by forum member 'poornemak' ]
http://forums.java.net/jive/thread.jspa?messageID=372480