users@glassfish.java.net

RE: How to setup SSL in Glassfish 4 for client authentication?

From: Trevor Holyoak <trevorh_at_uuinsurance.com>
Date: Wed, 19 Jun 2013 22:47:41 +0000

That was somewhat helpful, but I still get the following error when testing in soapUI:

Error getting response; javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake

I have 2 files that were provided by the company that wants to consume the service, namely ut.insure-rite.com.crt and gd_bundle.crt. I have imported them both into the keystore.

I used 'ut.insure-rite.com' as the alias for the certificate, but that's the client domain, not the server's. Does that matter? Seems I should at least be getting a mismatched domain error if it's a problem...

-----Original Message-----
From: Ryan Lubke [mailto:ryan.lubke_at_oracle.com]
Sent: Tuesday, June 18, 2013 10:54 AM
To: users_at_glassfish.java.net
Subject: Re: How to setup SSL in Glassfish 4 for client authentication?

Does this documentation [1] help?

[1] http://docs.oracle.com/cd/E26576_01/doc.312/e24937/use-cases.htm#gkyba

- Yes this is for 3.1.2.2, but the steps should be the same.

-rl

Trevor Holyoak wrote:
> I have created a SOAP web service in Netbeans that I've tested and is working correctly in Glassfish 4 both at port 8080 and at port 8181 with the default SSL configuration that comes with Glassfish 4.
>
> The company that will be using the web service has provided me with an SSL certificate that they want me to use to verify them, along with a certificate bundle from GoDaddy.
>
> I tried setting this up with the previous version of Glassfish, and wasn't able to make it work. The other company said the connection got terminated during the SSL handshake. Since I don't have access to the client certificate, I'm completely reliant on the client to test it for me, which makes things rather difficult.
>
> I've set up regular SSL on web servers before without any trouble, but Glassfish is a different animal (pardon the pun), and I have no prior experience with it, other than playing around with the earlier version off and on over the last month. I'm also coming at Java EE after having certified on Java 2 about a decade ago but not using it since.
>
> So, my question is, how do I set this up? I've been looking at the Java EE 7 Tutorial, but it seems to be aimed at self-signed certificates.
>
> Thanks,
> Trevor
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.