Java Reference
In-Depth Information
What happened? Once you establish a secure connection with the web server, the server
certificate is sent to the browser. Since the certificate has not been signed by any recog-
nized CA, the browser security sandbox warns the user about the potential security threat.
This is an in-house test so we can safely proceed by choosing
Continue to this website
.
That's all you need to do in order to activate the Secure Socket Layer with a self-signed
certificate.
Securing HTTP communication with a certificate signed by a CA
Having your certificate signed requires a
certificate-signing request
(
CSR
) to be issued
to a CA, which will return a signed certificate to be installed on your server. This implies
a cost for your organization, which depends on how many certificates you request, the en-
cryption strength, and other factors.
Firstly, generate a CSR using the newly created
keystore
and keyentry:
keytool -certreq -keystore jboss.keystore -alias wflyalias
-storepass mypassword -keypass mypassword -keyalg RSA
-file certreq.csr
