tags:

views:

545

answers:

2
Q: 

Accessing an HTTPS web service from Glassfish based web-ap

Hi, I'm trying to access an HTTPS based web service URL from a web/ear application deployed on a Glassfish application server domain. We have obtained the certificate from the vendor that exposes the HTTPS URL What are the steps required for installing SSL certificates in order to access the web service ? (Though I know the outline, let me pretend I am layman) Thanks

A: 

You need to configure Glassfish for https?

https://glassfish.dev.java.net/javaee5/security/faq.html#configssl

or you need to install a client certificate in your browser?

Thorbjørn Ravn Andersen  2010-03-10 19:17:40
My Glassfish itself need not serve any HTTPS based pages or authenticate any incoming request.All it has is an application(EAR|WAR) that would access an external HTTPS based web service. Thanks for the response :)
ring bearer  2010-03-10 20:05:26
Ah, not clear from the description. If you run under Java 6 then the easiest is to use IntelliJ to create sources for invoking the client (using annotations). Then you can "just" invoke that from your java code running in the WAR.
Thorbjørn Ravn Andersen  2010-03-10 21:51:45
Well I wasn't running Java 6/IntelliJHowever the link you posted as very informative.
ring bearer  2010-03-11 18:20:16
+1  A: 

What are the steps required for installing SSL certificates in order to access the web service ?

If the certificate is a self-signed certificate or hasn't be signed by a CA for which the JVM already has a root CA like Thawte, Verisign, etc, you'll have to add it to a client trust store and to configure the web service client or GlassFish (which is a client here) to use this trust store to establish a chain of trust.

To import the stand-alone certificate into a trust store, use keytool. This post explains how to use it (see the section Creating Java Key and Trust Stores).

Then, configure the web service client to use this trust store. To do so, you'll need to define the system properties javax.net.ssl.trustStore and maybe javax.net.ssl.trustStorePassword. You can maybe do it at the GlassFish level (see this this post).

Pascal Thivent  2010-03-13 18:16:16

related questions

Displaying Version Information in a Web Service
Example Web Service
SoapException: Root element is missing occurs when .NET web service called from Flex
Best practice for webservices
What is your preferred method of sending complex data over a web service?
.Net - Returning DataTables in WCF
Is it possible to return objects from a WebService?
How much extra overhead is generated when sending a file over a web service as a byte array?
Returning Large Results Via a Webservice
File Uploads via Web Services
best way to persist data in .NET Web Service
What is the difference between an endpoint, a service, and a port when working with webservices?
Calling REST web services from a classic asp page
Best way to write a RESTful service "client" in .Net?
Where can I find some good WS-Security introductions and tutorials?
ASP.NET Web Service Results, Proxy Classes and Type Conversion
Web Services -- WCF vs. Standard
C# WCF Service - Backward compatibility issue
Document or RPC based web services
How to easily consume a web service from PHP
Timer-based event triggers
How to pass enumerated values to a web service
Homegrown consumption of web services
How do I print an HTML document from a web service?
How do I fill a DataSet or a DataTable from a LINQ query resultset ?