I'm reading through Ivan's notes on Security and following the code examples illustrated under section 8.3 (JavaEE Based Web Service Security)
As part of that, I attempted to setup SSL connection from my client to service deployed on GlassFish server. Below are my steps.
As suggested, I have successfully created the client and server keystores and copied the server keystore and truststore to /GLASS_FISH/....domain1/config
I have copied the client keystore and truststore to the root directory of my client.
My web.xml is modified as below.
and in my client, I did something like
I changed the service URL schema to HTTPS from HTTP in client side generated artifact (HelloWorldWSService) as given in notes
I deployed my service in Glassfish and tried to run the client, only to end up with the exception
With this setting, even HTTP invocation is failing and if I remove <security-constraint> and change the URL in service to HTTP, It is working fine (just HTTP call). But if I include <security-constraint> and HTTPS in URL, it is failing for both HTTP and HTTPS.
Any thoughts on this, why it is failing.
Is there anything like javax.net.debug, for inspecting plain HTTP connection ?
Also, If I paste "http://localhost:8080/JAX-WS_GreetingServletMutualAuth/", I see the default index page displayed, but for https, I see "Page cannot be displayed". Is that because, access is restricted.
I configured SSL. When try to connect to the SSL enabled port, I see the following in the server.log file:
[#|2012-05-07T08:40:17.453-0400|WARNING|glassfish3.0.1|com.sun.grizzly.config.GrizzlyServiceListener|_ThreadID=24;_ThreadName=Thread-1;|SSL support could not be configured!
java.io.IOException: Keystore was tampered with, or password was incorrect
I presume this means that my master and key store passwords are different. What do I do to rectify this?