users@glassfish.java.net

Re: The site's security certificate is not trusted!

From: hezjing <hezjing_at_gmail.com>
Date: Fri, 8 Apr 2011 22:49:18 +0800

I believe I'm using the certificate generated by GlassFish 3.1, since I
didn't generate any certificate myself.

So if I purchase a certificate from a trusted authority like VeriSign, I
think I have to install it to GlassFish like what have been described in
http://javadude.wordpress.com/2010/04/06/getting-started-with-glassfish-v3-and-ssl
 ...



On Fri, Apr 8, 2011 at 10:05 PM, Tom Mueller <tom.mueller_at_oracle.com> wrote:

> Where did you get your certificate?
>
> If you are using the one that is generated by GlassFish when it creates the
> domain, then this is the expected behavior.
> To eliminate this message, you need to obtain a certificate from a trusted
> authority, and then access the server using the server name that is in the
> certificate (which is probably not localhost).
>
> Tom
>
>
> On 4/8/2011 8:47 AM, hezjing wrote:
>
>> Hi
>>
>> I have configured the transport-guarantee to CONFIDENTIAL, so that the
>> data is transported over a secure connection between the client and the
>> server. When accessed the web application on my development machine, the
>> Chrome shown the following warning:
>>
>> <<<
>> The site's security certificate is not trusted!
>> You attempted to reach localhost, but the server presented a certificate
>> issued by an entity that is not trusted by your computer's operating system.
>> This may mean that the server has generated its own security credentials,
>> which Google Chrome cannot rely on for identity information, or an attacker
>> may be trying to intercept your communications.
>> You should not proceed, especially if you have never seen this warning
>> before for this site.
>> >>>
>>
>> To solve this problem, I have to manually export the certificate to a
>> file, and then import it to Chrome's Trusted Root Certification Authorities
>> store.
>>
>> I'm just wondering, I don't remember manually importing the certificate
>> when I accessed other Internet secured web sites. How can I configure my
>> application or GlassFish so that the browser will automatically install the
>> certificates?
>>
>>
>>
>> --
>>
>> Hez
>>
> 


-- 
Hez
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.