aspose file tools*
The moose likes Tomcat and the fly likes Enable SSL in existing web application when deploying it locally on Tomcat Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Enable SSL in existing web application when deploying it locally on Tomcat" Watch "Enable SSL in existing web application when deploying it locally on Tomcat" New topic
Author

Enable SSL in existing web application when deploying it locally on Tomcat

Namrata Narula
Greenhorn

Joined: Oct 04, 2011
Posts: 4
I created the self signed certificate using java keytool and gave the path of the .keystore file in server.xml file in the conf folder of Tomcat.
I have an existing Web Application where I am using SOAP web services and I have to configure SSL in it.
I added the following code in the web.xml file of the application
<security-constraint>
<web-resource-collection>
<web-resource-name>securedapp</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
Now redeploying this application on Tomcat I run the URL as
https://localhost:8443/DgSuite/login.html (My application URL)
It opens successfully ,but I am not able to login as it says cannot connect
I also changed the path in WSDL file from localhost:8080 to https://localhost:8443 and i am able to open the wsdl with new URL
But I am not able to further login.I am not getting any error in Tomcat logs or even in the debugger (for firefox).
Kindly help

Also Noticed that in the debugger it says it cannot connect to WSDL saying
"{\"success\": false, \"error\": \"Can not connect to controller at https://localhost:8443/dgcontroller/ControllerConnectorPort?wsdl exception: javax.xml.ws.WebServiceException: Failed to access the WSDL at: https://localhost:8443/dgcontroller/ControllerConnectorPort?wsdl. It failed with: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target.\"}"
Thanks
Namrata
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18541
    
    8

If I'm not mistaken, the clients of your SSL-enabled application have to trust your certificate. So if your certificate was from one of the big certificate issuers, the client would recognize it. But it isn't. So the client doesn't recognize it, and it says so. (That's what the error message means.)

That means that you'll have to import the root certificate of your self-signed certificate into the keystore of any client which wants to connect to your site. This would include the browser of anybody who wants to connect, which in your case I think means your copy of Firefox. This has nothing to do with Tomcat, by the way, it's a rule of SSL. By the way I may not have used the correct terminology in my answer -- it's been several years since I had to import the certificate of a host with an unrecognizable certificate.
 
wood burning stoves
 
subject: Enable SSL in existing web application when deploying it locally on Tomcat