Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
869 views
in Technique[技术] by (71.8m points)

ssl - Glassfish 5 Server's HTTPS Not Working "Out of the Box"

I am reading this tutorial page: https://javaee.github.io/tutorial/security-intro006.html Which explains that I should be able to view the SSL version of the home page (index.html) by going to the following URL: https://localhost:8181. However, when I point my browser at this address I receive an error that is shown in Figure 1.

I have a feeling configuring this could take hours the first time. Does anyone have a tutorial that can help me configure HTTPS on my loopback address in Glassfish?

I found links to documentation on the administration console, running on port 4848, but this is tough to understand. The quick start guide does not cover this aspect. I mean there is a quick start guide also on the administration console but configuring HTTPS is not covered.

enter image description here Figure 1: HTTPS/SSL page not working - glassfish v5

FIXED I think Mike helped me fix this problem. Thank-you Mike! That was a solution I would not of come up with on my own. Thank-you for getting me out of that hole.

However, when I now access this secure web address on my loopback address, https://localhost:8181, I actually see the webpage and not the error page shown in Figure 1. However, there is a red line through the protocol in the URL and the words explaining that the connection is not secure. How can I make the connection secure?

enter image description here Figure 2: Glassfish HTTPS home page working but not secure

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

If you look in the logs, you will likely see something like this after you try to visit the secure page:

[2018-05-21T14:34:31.982+0100] [glassfish 5.0] [WARNING] [] [org.glassfish.grizzly.filterchain.DefaultFilterChain] [tid: _ThreadID=100 _ThreadName=http-listener-2(2)] [timeMillis: 1526909671982] [levelValue: 900] [[
  GRIZZLY0013: Exception during FilterChain execution
java.lang.NoClassDefFoundError: sun/security/ssl/SupportedEllipticCurvesExtension
        at sun.security.ssl.HelloExtensions.<init>(HelloExtensions.java:82)
        at sun.security.ssl.HandshakeMessage$ClientHello.<init>(HandshakeMessage.java:362)
        at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:223)
        at sun.security.ssl.Handshaker.processLoop(Handshaker.java:984)

The solution to this is to downgrade your version of Java to a version below 8u161.

I answered this in more detail in another answer but, if you do not like the idea of downgrading Java, you could either use the latest GlassFish 5.0.1 nightly or switch to Payara 5, which is derived from GlassFish and should work the same in most cases.

Edit: Note that, after making one of these changes, you will still need to add a security exception so that your browser accepts the self-signed certificate, but the page should work with no further issues; I verified this myself with Java 8u144


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...