Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
You will need an SSL certificate to serve an SSL application. The issue with an SSL certificate is that it needs to be trusted by the browser, so if you are having people use the application you need to get a real SSL certificate from a certificate provider, like Godaddy or many others. For testing purposes you can make a "self-signed" certificate which can be used, but the client using the browser will get warnings indicating problems with the certificate.
There is no way to get a real SSL certificate for free.
I trust from this answer you can make the appropriate google queries to get you on your way.
How SSL, HTTPS and Certificates Works in Java web , Security is major concern while developing web applications, which is accessible using HTTP protocol. Since HTTP protocol transfer data in The Java web application uses the Microsoft Authentication Library for Java (MSAL4J) to obtain an: Id Token from Azure Active Directory (Azure AD) to sign in an user Access token that is used as a bearer token when calling the Microsoft Graph to get basic information of the signed-in user.
You need an SSL certificate approved by a CA (certificate authority) so your clients will not get a warning in their browsers when they use your webapp. For such a certificate to be obtained, you generally have to pay some money to the CA. However, for testing purposes you can use a self-signed certificate.
You can generate a self-signed certificate and put it on your server. Later you can replace it with a real certificate. If you already have the real certificate, just skip to step 2 of my answer. The methods for generating a self-signed certificate differ but basically you have to do the following (abstraction):
1. Generate a self signed certificate:
You can use numerous tools and programs for that but somehow I find the most popular ways to generate a self signed certificate are:
java's keytool - http://docs.oracle.com/javase/1.4.2/docs/tooldocs/windows/keytool.html
b) openssl - http://www.sslshopper.com/article-most-common-openssl-commands.html Both methods are absolutely equivalent and it is a matter of preference which one you use (I use openssl) 2. Put this certificate in your servlet container/application server.
There are many servlet containers and application servers and the instructions for putting the certificate there vary even between different versions of the servers/containers and chosen configuration. Below I will list the ones I believe are most popular with youth nowadays...
tomcat 7 - http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html
glassfish - http://artur.ejsmont.org/blog/content/how-to-generate-self-signed-ssl-certificate-for-glassfish-v3-and-import-it-into-java-keyring
jbossWeb (Servlet Container) - http://docs.jboss.org/jbossweb/3.0.x/ssl-howto.html how to make web application accessible from https in java, The issue with an SSL certificate is that it needs to be trusted by the browser, so if you are having people use the application you need to get a real SSL certificate I am having a web application and it to be accessible to all who are using internet when they click on a specific link in our companies products page.The application is running in Apache Tomcat 6.0 server and our company uses IIS to host the companies domain.Now this application is also deployed on the same machine and we have given the same ip and this application is not opening up while
I realise this is very old thread, but you can get nowadays free certificates from a CA (Certificate Authority) called Let's Encrypt. Obtaining a certificate is quite easy using Certbot ACME protocol client (Automatic Certificate Management Environment)
https://certbot.eff.org/. The client requires root access in your server.
1) Install Cerbot using certbot-auto script
chmod a+x ./certbot-auto
2) Fetch a license either using standalone plugin or webroot plugin. Standalone opens a small server to port 80 or 443 so either port must be free. Webroot uses an existing running server. With standalone run command
certbot-auto certonly --standalone --standalone-supported-challenges http-01 -d yourdomain.com
With both webroot plugin and standalone plugin the certonly option certbot will fetch a certificate and store it to /etc/letsencrypt/live/.
3) Certificates from Let's Encrypt are short lived (only 90 days) so remember to renew those
4) After you have your certificate, you need to convert it to PKCS12 format and store it to Java keystore.
openssl pkcs12 -export -in /etc/letsencrypt/live/yourdomain.com/fullchain.pem -inkey /etc/letsencrypt/live/yourdomain.com/privkey.pem -out /etc/letsenscrypt/live/yourdomain.com/pkcs.p12 -name mytlskeyalias -passout pass:mykeypassword
keytool -keystore /path/to/my/keystore -delete -alias ‘mytlskeyalias’ -storepass ‘mystorepassword’
keytool -importkeystore -deststorepass mystorepassword -destkeypass mykeypassword -destkeystore /path/to/my/keystore -srckeystore /etc/letsencrypt/live/mydomain.com/pkcs.p12 -srcstoretype PKCS12 -srcstorepass mykeypassword -alias mytlskeyalias
All steps are described in more detail in
Then follow Nikola Yovchev's links for specific Servlet Containers to enable SSL/TLS.
The Complete Guide To Switching From HTTP To HTTPS , The Hypertext Transfer Protocol (HTTP) is the basic communication protocol that both The problem with the real-life application of the public key infrastructure is that Obtain the signed HTTPS certificate and install it on your web server. It is to be protected and accessible only by the system super-user. Perceivable: Users need to be able to use your application and access all content; you must provide text alternatives for any non-text content and make it easier for visually or audibly impaired users to access your content. Operable: Make your entire web app navigable by keyboard, and establish a clear information architecture.
How to Enable HTTPS on a Spring Boot Application, JKS(Java Key Store) is easy to access from your own Java apps. JKS is limited only to Java and not accessible from outside Java. PKCS12: Public Key <artifactId>spring-boot-starter-web</artifactId>. 5. </dependency>. 6. This is the second part of a simple tutorial about building Web Applications with Java. In this part I will show how to create a simple Servlet and configure the application so that a user can Everything About HTTPS and SSL (Java), HTTPS has become a norm as a part of securing your application. HTTPS ensures there is at least a basic level of security involved in application using SSL, you need to install SSL/TLS certificates onto your web server. In this document, I will guide step by step how to create a simple web application with the combiantion of Servlet + JSP + Filter + JSP EL + JDBC.Make sure that you've mastered Servlet, JSP and Filter and JDBC before the start.
Enable HTTPS on your web server—ArcGIS Web Adaptor (Java , To be able to create an HTTPS connection between ArcGIS Web Adaptor and your For example, if your portal is not behind your firewall and accessible over the printing hosted services and accessing the portal from client applications. Begin by creating a new Java web project in the IDE: Choose File > New Project (Ctrl-Shift-N; ⌘-Shift-N on Mac) from the main menu. Select the Java Web category, then select Web Application. Click Next. The New Project wizard allows you to create an empty web application in a standard IDE project.
Comments How you configure SSL is going to depend on the webserver you are using (eg. Tomcat, Apache). You can use a self-signed certificate, but your users will get a warning about the certificate. You will need to purchase a certificate from a trusted CA (certificate authority). It is not necessary to purchase it anymore as there is a free service you can use to get a valid certificate. Here are Java specific instructions how to use Let's Encrypt service: vaadin.com/blog/-/blogs/lazy-loading-with-vaadin-8 @ Francis:I don't agree with the way you phrase your answer.In the end what is a real SSL certificate?If you create a self signed SSL certificate and you configure it as trusted then what is it that makes it not real, as you phrase it?It is a matter of who you trusted and who is the authority that verifies you, but IMHO the term
real is not a good one.
Regarding step 4: it worked as is for me on one system. On another, I would get errors "javax.crypto.BadPaddingException: Given final block not properly padded". But since keytool was also saying "jks format proprietary - use pkcs12" as a warning, I tried just skipping the keytool -importkeystore step, and used the pkcs.p12 file produced by openssl, and that worked just fine! (That approach might not work if you need to work with more than one certificate, though.)