Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 357
  • Last Modified:

SSL Question

Hi,

I have tried to create self-signed SSL certificate. Then I open the port of 8443 of my Tomcat to accept this SSL. So now, I can run my J2EE Web Application using the URL https://localhost:8443/blahblahblah.

Now, my questions...

1. Everytime I load my page, it asks me for the Security Alert. From this dialog, I can view my certificate and etc. Is it the right thing to have this displayed all the time? if I purchased the VeriSign or etc, will this dialog still be opened?

2. Can I change the port of 8443 into 80 so that users do not need to enter any port? haha :)

Regards
Dave
0
suprapto45
Asked:
suprapto45
  • 5
  • 4
  • 3
  • +1
3 Solutions
 
suprapto45Author Commented:
Oh yes,

Do I need to install the certificate on my machine? What would be the consequences if I don't.

Regards
Dave
0
 
TimYatesCommented:
1) No, the dialog is opened because the certificate is from an untrusted source (you) :-)  Verisign certificates won't show the dialog
2) Not sure.  Usually users look for https: which defualts to a port that isn't port 80 (81? -- not sure)
0
 
bloodredsunCommented:
>>2) Not sure.  Usually users look for https: which defualts to a port that isn't port 80 (81? -- not sure)

I believe it's normally port 443 for https, which like port 80, browsers don't display in the url. AFAIK, 8443 is mort commonly used for JSP/Servlet HTTPS development machines.

And I agree with tim on the first answer, for what it's worth....
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
bloodredsunCommented:
The reason the dialogue box comes up is that the "Certificate Authority" (CA) for the certificate you're using for this SSL is not recognised by the CA list  in your browser. People like Verisign and Thawte are listed and so are accepted/trusted automatically.
0
 
TimYatesCommented:
It's a bit of a monopoly really, but I guess it's the only way to be sure :-/

Even then, it just proves that whoever wrote the app/website had some cash to pay Verisign (and a valid email address at least) :-/
0
 
bloodredsunCommented:
>>monopoly
surely a Duopoly;-)
It seems that the 2 big boys are Thawte and Verisign, although FireFox supports 33 different CA's by default. You can see them in "Tools/Options/Advanced/Certificates/Manage Certificates/Authorites"

PS is it just me, Tim and Dave here today? Is everyone else off sick, or is everyone else keeping their head down after what happended to Venabili ?
0
 
TimYatesCommented:
>> PS is it just me, Tim and Dave here today? Is everyone else off sick, or is everyone else keeping their head down after what happended to Venabili ?

A bit of both I guess :-/

Haven't seen zzynx for about a week either... :-/

Mind you, I was knee deep in coding all last week ;-)  Got my spanned CAB file reader working now though, so it's party time* ;-)

(* kinda) ;-)
0
 
makerpCommented:
add your authority as a trusted root authority then it wont happen anymore - you need to do this in the browser. in IE you can do this in the dialog that pops up..

-P
0
 
TimYatesCommented:
>>  then it wont happen anymore

on your machine only of course...  everyone else will see the warning... :-/
0
 
makerpCommented:
indeed, you need a dash of user comms, a non starter really considering most can only just about cope with loggin on, let alone navigating IEs most complex dialog!
0
 
suprapto45Author Commented:
Thank you guys.

Btw...what happen to Venabili? I also realized that it seems very silence today in EE.

Regards
Dave
0
 
bloodredsunCommented:
Nothing serious, just something that kept her out of EE for a few days...as for the quiet day, hooray! more questions for us mortals and not just objects, CEHJ, zzynx, aozarov and of course, my evil twin TimYates!!!
0
 
suprapto45Author Commented:
Okay then. Btw do you realize that EE has some bugs on the "Answer History", it seems that our number of comments is the same as our number of answer.

Regards
Dave
0
 
bloodredsunCommented:
Yep, I noticed but it's probably just one of those hiccups ee sometimes has...
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 5
  • 4
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now