Content received from: http://JavaFAQ.nu/java-article1173.html


SSL with GlassFish v2
Sunday, December 09, 2007 (21:59:43)

Posted by jalex

Most enterprise applications need to run in a secure environment. Transport Layer Security (TLS)/Secure Sockets Layer (SSL) is a point-to-point secure transport mechanism that can be used for authenticating messages exchanged between a client and a server, and for ensuring message integrity and confidentiality. TLS/SSL (or in this tip, simply "SSL") meets the security requirements of most enterprise application environments, and is widely adopted.

However to participate in SSL-secured message exchanges, the server needs to be enabled as an SSL server. This tip will show you how to enable the GlassFish v2 application server as an SSL server.

In order to follow the steps, you need to understand some basic concepts in SSL such as keys and certificates and understand a concept in GlassFish v2 called profiles.

Keys and Certificates

Two important concepts in SSL are keys and certificates. Keys are used to establish trust and privacy in transactions between the client and the server. SSL uses public key cryptography, which is based on key pairs. Key pairs contain one public key and one private key. If data is encrypted with one key, it can be decrypted only with the other key of the pair.

Certificates are used for authentication. To use SSL, the server must have an associated certificate for each client IP address with which it can connect. The certificate identifies the owner of the server site and provides related information. The certificate is digitally and cryptographically signed by its owner. For sites in which authentication is important, a certificate can be purchased from a well-known trusted certificate authority (CA). However, if authentication is not really a concern, a site can use a self-signed certificate.



This tip was originally published by Sun Microsystems and republished here with the permission.

Welcome to the Enterprise Java Technologies Tech Tips for November 30, 2007. Here you'll get tips on using enterprise Java technologies and APIs, such as those in Java Platform, Enterprise Edition (Java EE).

You can now read the Enterprise Java Technologies Tech Tips online as a web log.

This tip covers using SSL with GlassFish v2.

The tip was developed using an open source reference implementation of Java EE 5 called GlassFish v2. You can download GlassFish v2 from the GlassFish Community Downloads page.

Any use of this code and/or information below is subject to the license terms.

 

Page 1: Keys and Certificates
Page 2: GlassFish v2 Profiles
Page 3: Enabling the GlassFish v2 Application Server as an SSL Server
Page 4: When the Cluster Profile is Used
Page 5: Two other cases to consider