JavaFAQ Home » TechTips
SSL with GlassFish v2
By Kumar Jayanti
Most enterprise applications need to run in a secure environment. Transport Layer Security (TLS)/Secure Sockets Layer (SSL) is a point-to-point secure transport mechanism that can be used for authenticating messages exchanged between a client and a server, and for ensuring message integrity and confidentiality. TLS/SSL (or in this tip, simply "SSL") meets the security requirements of most enterprise application environments, and is widely adopted.
However to participate in SSL-secured message exchanges, the server needs to be enabled as an SSL server. This tip will show you how to enable the GlassFish v2 application server as an SSL server.
In order to follow the steps, you need to understand some basic concepts in SSL such as keys and certificates and understand a concept in GlassFish v2 called profiles.
Keys and Certificates
Two important concepts in SSL are keys and certificates. Keys are used to establish trust and privacy in transactions between the client and the server. SSL uses public key cryptography, which is based on key pairs. Key pairs contain one public key and one private key. If data is encrypted with one key, it can be decrypted only with the other key of the pair.
Certificates are used for authentication. To use SSL, the server must have an associated certificate for each client IP address with which it can connect. The certificate identifies the owner of the server site and provides related information. The certificate is digitally and cryptographically signed by its owner. For sites in which authentication is important, a certificate can be purchased from a well-known trusted certificate authority (CA). However, if authentication is not really a concern, a site can use a self-signed certificate.
GlassFish v2 Profiles
GlassFish v2 supports various usage profiles. Each profile presets configuration parameters for the application server to optimize it for a particular type of use. The three profiles are developer, cluster, and enterprise.
The developer profile optimizes GlassFish v2 for use in a development environment. This means that the configuration parameters support objectives such as fast startup, but don't support things like logging or session replication. The cluster profile sets configuration parameters that enable cluster creation and session replication. A cluster is a group of GlassFish v2 instances that can be managed and monitored as a single logical entity. The enterprise profile optimizes GlassFish v2 for a production environment. It supports things like logging and other security-related features.
Page 1: Keys and Certificates
Page 2: GlassFish v2 Profiles
Page 3: Enabling the GlassFish v2 Application Server as an SSL Server
Page 4: When the Cluster Profile is Used
Page 5: Two other cases to consider
Printer Friendly Page
Send to a Friend
Search here again if you need more info!