users@glassfish.java.net

Re: The site's security certificate is not trusted!

From: hezjing <hezjing_at_gmail.com>
Date: Fri, 8 Apr 2011 23:57:18 +0800

Hi Tim

I'm wondering if I clicked on "Proceed Anyway", is the connection still a
secured connection?


On Fri, Apr 8, 2011 at 10:57 PM, Tim Quinn <tim.quinn_at_oracle.com> wrote:

>
> On Apr 8, 2011, at 9:49 AM, hezjing wrote:
>
> I believe I'm using the certificate generated by GlassFish 3.1, since I
> didn't generate any certificate myself.
>
> So if I purchase a certificate from a trusted authority like VeriSign, I
> think I have to install it to GlassFish like what have been described in
> http://javadude.wordpress.com/2010/04/06/getting-started-with-glassfish-v3-and-ssl
> ...
>
>
> Or when Chrome warns you about the GlassFish self-signed certificate you
> click on "Proceed Anyway."
>
> - Tim
>
>
>
>
> On Fri, Apr 8, 2011 at 10:05 PM, Tom Mueller <tom.mueller_at_oracle.com>wrote:
>
>> Where did you get your certificate?
>>
>> If you are using the one that is generated by GlassFish when it creates
>> the domain, then this is the expected behavior.
>> To eliminate this message, you need to obtain a certificate from a trusted
>> authority, and then access the server using the server name that is in the
>> certificate (which is probably not localhost).
>>
>> Tom
>>
>>
>> On 4/8/2011 8:47 AM, hezjing wrote:
>>
>>> Hi
>>>
>>> I have configured the transport-guarantee to CONFIDENTIAL, so that the
>>> data is transported over a secure connection between the client and the
>>> server. When accessed the web application on my development machine, the
>>> Chrome shown the following warning:
>>>
>>> <<<
>>> The site's security certificate is not trusted!
>>> You attempted to reach localhost, but the server presented a certificate
>>> issued by an entity that is not trusted by your computer's operating system.
>>> This may mean that the server has generated its own security credentials,
>>> which Google Chrome cannot rely on for identity information, or an attacker
>>> may be trying to intercept your communications.
>>> You should not proceed, especially if you have never seen this warning
>>> before for this site.
>>> >>>
>>>
>>> To solve this problem, I have to manually export the certificate to a
>>> file, and then import it to Chrome's Trusted Root Certification Authorities
>>> store.
>>>
>>> I'm just wondering, I don't remember manually importing the certificate
>>> when I accessed other Internet secured web sites. How can I configure my
>>> application or GlassFish so that the browser will automatically install the
>>> certificates?
>>>
>>>
>>>
>>> --
>>>
>>> Hez
>>>
>>
>
>
> --
>
> Hez
>
>
>


-- 
Hez