Apache Tomcat https setup

  • Permalink
  • submit to reddit
  • Email
  • Follow


I am using Apache Tomcat 6. I have setup an https site by installing
some certificates. When  I enter https  url a pop-up message comes
showing the certificate. Is there a way to prevent this pop-up message
because it is annoying to users. We are in an intranet and primary
purpose is to encrypt passwords, data etc sent over the network.

I have seen some other websites using https where the pop-up message
does not come. When I installed certificates in certificate store
using java command I trusted all the certificates, so do not know why
popup-up message comes.


Thanks a lot.
0
Reply zigzagdna 10/13/2010 4:17:42 PM

See related articles to this posting

On Oct 13, 12:17=A0pm, zigzagdna <zigzag...@yahoo.com> wrote:
> I am using Apache Tomcat 6. I have setup an https site by installing
> some certificates. When =A0I enter https =A0url a pop-up message comes
> showing the certificate. Is there a way to prevent this pop-up message
> because it is annoying to users. We are in an intranet and primary
> purpose is to encrypt passwords, data etc sent over the network.
>
> I have seen some other websites using https where the pop-up message
> does not come. When I installed certificates in certificate store
> using java command I trusted all the certificates, so do not know why
> popup-up message comes.
>

"A pop-up message ... showing the certificate" is a tad imprecise.  I
assume it's the message asking users to accept the certificate, which
comes up when the certificate is not signed by a trusted authority.

You say you "trusted all the certificates", another imprecise
statement.  Do you mean you went to each user's browser and instructed
it to trust the signing authority of the certificate?

If not, that could explain the issue, assuming my assumption of what
you meant is correct.

--
Lew
0
Reply Lew 10/13/2010 4:47:35 PM

On Oct 13, 12:47=A0pm, Lew <l...@lewscanon.com> wrote:
> On Oct 13, 12:17=A0pm, zigzagdna <zigzag...@yahoo.com> wrote:
>
> > I am using Apache Tomcat 6. I have setup an https site by installing
> > some certificates. When =A0I enter https =A0url a pop-up message comes
> > showing the certificate. Is there a way to prevent this pop-up message
> > because it is annoying to users. We are in an intranet and primary
> > purpose is to encrypt passwords, data etc sent over the network.
>
> > I have seen some other websites using https where the pop-up message
> > does not come. When I installed certificates in certificate store
> > using java command I trusted all the certificates, so do not know why
> > popup-up message comes.
>
> "A pop-up message ... showing the certificate" is a tad imprecise. =A0I
> assume it's the message asking users to accept the certificate, which
> comes up when the certificate is not signed by a trusted authority.
>
> You say you "trusted all the certificates", another imprecise
> statement. =A0Do you mean you went to each user's browser and instructed
> it to trust the signing authority of the certificate?
>
> If not, that could explain the issue, assuming my assumption of what
> you meant is correct.
>
> --
> Lew

Lew:

Yes, pop-up message is for what you say. I did not go to each user's
browser; instead when I was running java commands  on web server to
install certficates in a kety store which is used by Tomcat; java
command asked me whether certificate is to be trusted.
How does browser decides whether
"certificate is not signed by a trusted authority". Is certifcate have
to be installed in some place on user's PC. If yes where?

THANKS A LOT.

Prem
0
Reply zigzagdna 10/13/2010 5:49:31 PM

On 13-10-2010 13:49, zigzagdna wrote:
> Yes, pop-up message is for what you say. I did not go to each user's
> browser; instead when I was running java commands  on web server to
> install certficates in a kety store which is used by Tomcat; java
> command asked me whether certificate is to be trusted.
> How does browser decides whether
> "certificate is not signed by a trusted authority". Is certifcate have
> to be installed in some place on user's PC. If yes where?

This is a security feature.

If a site claims to be java.sun.com and the certificate is
signed by a company that the browser know, then there is no
need to ask.

If the browser does not know the signer of the certificate,
then you get prompted.

There are no way you can disable that server side. For
obvious reasons otherwise the hackers would let their
fake java.sun.com disable the check as well.

You either need to buy a certificate from one of the
known vendors or install the the signing certificate
at each client PC.

How depends on OS and browser.

Arne

0
Reply ISO 10/13/2010 11:57:46 PM

On Oct 13, 7:57=A0pm, Arne Vajh=F8j <a...@vajhoej.dk> wrote:
> On 13-10-2010 13:49, zigzagdna wrote:
>
> > Yes, pop-up message is for what you say. I did not go to each user's
> > browser; instead when I was running java commands =A0on web server to
> > install certficates in a kety store which is used by Tomcat; java
> > command asked me whether certificate is to be trusted.
> > How does browser decides whether
> > "certificate is not signed by a trusted authority". Is certifcate have
> > to be installed in some place on user's PC. If yes where?
>
> This is a security feature.
>
> If a site claims to be java.sun.com and the certificate is
> signed by a company that the browser know, then there is no
> need to ask.
>
> If the browser does not know the signer of the certificate,
> then you get prompted.
>
> There are no way you can disable that server side. For
> obvious reasons otherwise the hackers would let their
> fake java.sun.com disable the check as well.
>
> You either need to buy a certificate from one of the
> known vendors or install the the signing certificate
> at each client PC.
>
> How depends on OS and browser.
>
> Arne

Arne:

Thanks a lot. As alwyas you are extremely knowledagbale and your
answers are very clear.

0
Reply zigzagdna 10/14/2010 1:53:58 AM
comp.lang.java.programmer 51692 articles. 37 followers. Post

4 Replies
188 Views

Similar Articles

[PageSpeed] 36

  • Permalink
  • submit to reddit
  • Email
  • Follow


Reply:

Similar Artilces:

Apache Tomcat https link goes down but http works
I have setup a web suite in Apache Tomcat 5.5. Web site has lots of java software. I have both https and http. This is production system. We have given users to user https. https works for a few days but then when web site gives some "page not found access". However then I invoke http link; web site is up' why? Why http link brings up the application but https does not. Then when I restart Apache Tomcat https works again; same is true with http. Is this somekind of memory issue; i.e.; https sofwtare implenetaion has memory leaks etc? But then again if there are m...

Difference between Apache Tomcat and Jakrata Tomcat
Hi, Please tell me the difference between http://jakarta.apache.org/ and http://tomcat.apache.org/ Both are called tomcat and they both are used to run JSP and servlets. Do let me know 1) what I have to get installed to run JSP and servlets on windows 2) explain why there are two variations. 3) which one is more popular / secure / efficient Thanks "twins" <rohanroshan@gmail.com> wrote in news:1132940569.489319.265540 @g44g2000cwa.googlegroups.com: > Hi, > > Please tell me the difference between http://jakarta.apache.org/ and > http://tomcat.apache.org/ > B...

Virtual hosting with apache-httpd and apache-tomcat
Hi, I was just reading the VirtualHost documentation on the net, so a question popped up in my mind. I apologise if im posting on the wrong but I needed to clarify my doubts because I would be going in for an interview. So, straight to the question: In my scenario: I have a physical machine with apache webserver, IP: 192.168.10.1 if i want to set up virtual hosts on the apache webserver machine, I would create different sites with unique domain names but the same apache webserver IP. using the VirtualHost directive. Now, if I have apache-tomcat servlet container, which I install on a differ...

tomcat: The Apache Tomcat Native library which allows..........
hi, I'm trying to run Tomcat 5.5.23... but now get this error when turn on tomcat: INFO: The Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: C:\Program Files\Java\jdk1.5.0_18\bin;.;C:\WINNT \system32;C:\WINNT;C:\WINNT;C:\WINNT\system32;C:\WINNT\System32\Wbem;C: \BATCH;C:\Program Files\Java\ I have sdk/jre 1.5.0_08 installed and have set the Path, JAVA_HOME, and CATALINA_HOME env variables properly.. I have installed and run tomcat many times before, on many different machines, I don't understand what...

Standalone Tomcat vs. Tomcat w/ Apache
Can someone please outline for me the tradeoffs involved between deploying standalone Tomcat vs. Tomcat using apache as the http server. I am aware that apache is better for large amount of static pages and ssl connections. What are the security implications? What are the performance implications? Can anyone point me to any good resources. Thanks ..... On 26 Dec 2003 08:22:06 -0800, aryehgolob@hotmail.com (Aryeh Golob) wrote: >Can someone please outline for me the tradeoffs involved between >deploying standalone Tomcat vs. Tomcat using apache as the http >server...

Apache Setup
How do I set up multiple WebHotels on my apache server. I'm running Apache 2.0 on Windows XP Professional.. KM KM wrote: > How do I set up multiple WebHotels on my apache server. > > I'm running Apache 2.0 on Windows XP Professional.. I'm not quite sure what you mean by WebHotel, but you likely want to look at the VirtualHost and NamedVirtualHost directives. You'll need a unique IP or DNS name for each "WebHotel". JP ...

apache tomcat
kindly anyone please tell me how to configure apache tomcat and use it for J2EE projects , on a windows machine , i am disparately waiting for the answer by experienced people , this will help a novice developer a lot , if possible also tell me how to use java beans with jsp focode wrote: > kindly anyone please tell me how to configure apache tomcat and use it > for J2EE projects , on a windows machine , i [sic] am disparately waiting > for the answer by experienced people , this will help a novice > developer a lot , if possible also tell me how to use java [sic] beans with >...

Apache and Tomcat
Hello All, This may sound like a silly question, but I need to ask it. I have installed Apache 2.1, MySQL and PHP on a Windows XP PRO box (temporarily on a dev box) and everything is working great. I now want to run Java for servlets and jsp. I installed the Apache Tomcat and set it up with the defaults (Port 8080) to run as a service. It seems that when I run http://localhost/test.php I am able to display with no problem. I can also run http://localhost/index.html. When I try and run java stuff I need to type http://localhost:8080/ to get to the tomcat root. I understand that this is part o...

Apache + Tomcat
I am looking for connectors enabling communication between Apache/2 v.2.0.xx and Tomcat 4.1 compiled for OS/2. I have not found compiled modules (mod_jk or mod_jk2) for OS/2. Should I compile these modules from sources or can I download them from somewhere? Jan N. Waliszewski ...