Getting started with Glassfish V3 and SSL

UPDATE 2013-03-22: Please check the updated tutorial with GoDaddy and Glassfish V3.1.2 here.

At some stage developing web applications (operating outside you fix lan-wired, “secure” in-house network), your customer will hit you asking “How secure is my data ? Can I access the system via https and get the golden lock ?”. You will quickly answer “No problem ! We use Glassfish” (just because you remember vaguely seeing some https settings in the GF admin tool). It is indeed not that hard to get started but if you are not an security expert and not joggling certificates around, it might take you a while to get your web application running with the golden lock. I will summarize the steps in this tutorial to setup a Glassfish V3 domain running with https.  Please feel free to comment and feedback, I am not an security expert either (…yet).

Used for this tutorial:

  • Glassfish V3
  • Java keytool
  • Free 90 days SSL certificate from Comodo (link)

Pre-Requirements:

  • A  server with an IP address and/or domain (www.somedomain.com). We need to be the owner of the domain (or at least the technical contact, more on that later)
  • Basic knowledge of navigating around the Glassfish admin tool

Remarks:

Continue reading