Hi, I'm trying to access an HTTPS based web service URL from a web/ear application deployed on a Glassfish application server domain. We have obtained the certificate from the vendor that exposes the HTTPS URL What are the steps required for installing SSL certificates in order to access the web service ? (Though I know the outline, let me pretend I am layman) Thanks
You need to configure Glassfish for https?
https://glassfish.dev.java.net/javaee5/security/faq.html#configssl
or you need to install a client certificate in your browser?
What are the steps required for installing SSL certificates in order to access the web service ?
If the certificate is a self-signed certificate or hasn't be signed by a CA for which the JVM already has a root CA like Thawte, Verisign, etc, you'll have to add it to a client trust store and to configure the web service client or GlassFish (which is a client here) to use this trust store to establish a chain of trust.
To import the stand-alone certificate into a trust store, use keytool
. This post explains how to use it (see the section Creating Java Key and Trust Stores).
Then, configure the web service client to use this trust store. To do so, you'll need to define the system properties javax.net.ssl.trustStore
and maybe javax.net.ssl.trustStorePassword
. You can maybe do it at the GlassFish level (see this this post).