users@glassfish.java.net

Re: The site's security certificate is not trusted!

From: Tim Quinn <tim.quinn_at_oracle.com>
Date: Fri, 8 Apr 2011 09:57:41 -0500

On Apr 8, 2011, at 9:49 AM, hezjing wrote:

> I believe I'm using the certificate generated by GlassFish 3.1,
> since I didn't generate any certificate myself.
>
> So if I purchase a certificate from a trusted authority like
> VeriSign, I think I have to install it to GlassFish like what have
> been described in http://javadude.wordpress.com/2010/04/06/getting-started-with-glassfish-v3-and-ssl
> ...

Or when Chrome warns you about the GlassFish self-signed certificate
you click on "Proceed Anyway."

- Tim

>
>
>
> On Fri, Apr 8, 2011 at 10:05 PM, Tom Mueller
> <tom.mueller_at_oracle.com> wrote:
> Where did you get your certificate?
>
> If you are using the one that is generated by GlassFish when it
> creates the domain, then this is the expected behavior.
> To eliminate this message, you need to obtain a certificate from a
> trusted authority, and then access the server using the server name
> that is in the certificate (which is probably not localhost).
>
> Tom
>
>
> On 4/8/2011 8:47 AM, hezjing wrote:
> Hi
>
> I have configured the transport-guarantee to CONFIDENTIAL, so that
> the data is transported over a secure connection between the client
> and the server. When accessed the web application on my development
> machine, the Chrome shown the following warning:
>
> <<<
> The site's security certificate is not trusted!
> You attempted to reach localhost, but the server presented a
> certificate issued by an entity that is not trusted by your
> computer's operating system. This may mean that the server has
> generated its own security credentials, which Google Chrome cannot
> rely on for identity information, or an attacker may be trying to
> intercept your communications.
> You should not proceed, especially if you have never seen this
> warning before for this site.
> >>>
>
> To solve this problem, I have to manually export the certificate to
> a file, and then import it to Chrome's Trusted Root Certification
> Authorities store.
>
> I'm just wondering, I don't remember manually importing the
> certificate when I accessed other Internet secured web sites. How
> can I configure my application or GlassFish so that the browser will
> automatically install the certificates?
>
>
>
> --
>
> Hez
>
>
>
> --
>
> Hez
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.