On Apr 8, 2011, at 10:57 AM, hezjing wrote:
> Hi Tim
>
> I'm wondering if I clicked on "Proceed Anyway", is the connection
> still a secured connection?
Yes. You are just telling the browser that you are willing to trust
the certificate it received from the server.
- Tim
>
>
> On Fri, Apr 8, 2011 at 10:57 PM, Tim Quinn <tim.quinn_at_oracle.com>
> wrote:
>
> On Apr 8, 2011, at 9:49 AM, hezjing wrote:
>
>> I believe I'm using the certificate generated by GlassFish 3.1,
>> since I didn't generate any certificate myself.
>>
>> So if I purchase a certificate from a trusted authority like
>> VeriSign, I think I have to install it to GlassFish like what have
>> been described in http://javadude.wordpress.com/2010/04/06/getting-started-with-glassfish-v3-and-ssl
>> ...
>
> Or when Chrome warns you about the GlassFish self-signed certificate
> you click on "Proceed Anyway."
>
> - Tim
>
>>
>>
>>
>> On Fri, Apr 8, 2011 at 10:05 PM, Tom Mueller
>> <tom.mueller_at_oracle.com> wrote:
>> Where did you get your certificate?
>>
>> If you are using the one that is generated by GlassFish when it
>> creates the domain, then this is the expected behavior.
>> To eliminate this message, you need to obtain a certificate from a
>> trusted authority, and then access the server using the server name
>> that is in the certificate (which is probably not localhost).
>>
>> Tom
>>
>>
>> On 4/8/2011 8:47 AM, hezjing wrote:
>> Hi
>>
>> I have configured the transport-guarantee to CONFIDENTIAL, so that
>> the data is transported over a secure connection between the client
>> and the server. When accessed the web application on my development
>> machine, the Chrome shown the following warning:
>>
>> <<<
>> The site's security certificate is not trusted!
>> You attempted to reach localhost, but the server presented a
>> certificate issued by an entity that is not trusted by your
>> computer's operating system. This may mean that the server has
>> generated its own security credentials, which Google Chrome cannot
>> rely on for identity information, or an attacker may be trying to
>> intercept your communications.
>> You should not proceed, especially if you have never seen this
>> warning before for this site.
>> >>>
>>
>> To solve this problem, I have to manually export the certificate to
>> a file, and then import it to Chrome's Trusted Root Certification
>> Authorities store.
>>
>> I'm just wondering, I don't remember manually importing the
>> certificate when I accessed other Internet secured web sites. How
>> can I configure my application or GlassFish so that the browser
>> will automatically install the certificates?
>>
>>
>>
>> --
>>
>> Hez
>>
>>
>>
>> --
>>
>> Hez
>
>
>
>
> --
>
> Hez