Recent Success On Using Self-Signed Certificate For SSL?

Q&A regarding installation and issues getting started with Servoy

Recent Success On Using Self-Signed Certificate For SSL?

Postby joe26 » Fri Apr 28, 2017 8:37 am

After significant time attempting to install a self-signed certificate for testing, one reaches a conclusion that some things are not meant to be.

Has anyone successfully used a self-signed certificate for https access for both web client and smart client?

thanks,
--Joe.
joe26
 
Posts: 172
Joined: Wed Jun 19, 2013 10:30 pm

Re: Recent Success On Using Self-Signed Certificate For SSL?

Postby sean » Fri Apr 28, 2017 7:18 pm

Hi Joe,

Can you please share a bit more about your experience ?
Where does it fail ?
What errors do you get ?

Do you plan to run self-signed in production?
I ask In general browsers and Java will not like this, seeing it as a security weakness.
You can tell the client to "trust" it. But keep in mind you have to do this for all clients
Software Engineer
Servoy USA
sean
 
Posts: 370
Joined: Mon May 21, 2007 6:26 pm
Location: USA

Re: Recent Success On Using Self-Signed Certificate For SSL?

Postby joe26 » Fri Apr 28, 2017 9:01 pm

Hi Sean,

This isn't for production. I'm just getting it ready for https since a server is exposed to the internet.

I'm not getting an error, per se. When I look at the client, it shows that I'm still hitting port 8080 instead of 8443.

I use the https://companyOne.org:8443/servoy-client/solution.jnlp, and it serves up the page, but shows 8080 in the server clients detail list.

I'm using profiles to test the parameters... with the https changes to tomcat (https connector and IE8 no cache settings).

SocketFactory.compress=true
SocketFactory.useSSL=true
SocketFactory.tunnelUseSSLForHttp=false
SocketFactory.tunnelConnectionMode=http&socket
SocketFactory.SSLKeystorePath=C:\Servoy748\application_server\server\conf\mykeystore.ks
SocketFactory.SSLKeystorePassphrase=******************

thanks!
--Joe.
joe26
 
Posts: 172
Joined: Wed Jun 19, 2013 10:30 pm

Re: Recent Success On Using Self-Signed Certificate For SSL?

Postby joe26 » Fri Apr 28, 2017 9:56 pm

Perhaps it is working. I'm seeing http-8443-5 Thread messages in the Server log. Servoy only shows port 8080.
I'm hoping this means that SSL is active. The smart client doesn't have any indication that it is encrypted.

Does this include SSL over the RMI port?

Is there something I can execute and test against as to whether the session is secured, and not just defaulting to http connections?

I'd like to ensure that the user is on a secure session, ie location.protocol.

Thanks,
--Joe.
joe26
 
Posts: 172
Joined: Wed Jun 19, 2013 10:30 pm


Return to I'm just getting started

Who is online

Users browsing this forum: No registered users and 3 guests