how to generate a self signed and configure an SSL?

Question

I am very new to SSL,wants to install SSL for my application on GLASSFISH,though tried to find some tutorials which can teach me from basic,but was unable to find any elaborative solution . 1)Like how to generate a self signed Certificate for the SSL? 2)How to configure this certificate with my application? 3)how to Configure only LOGIN page on SSL? 4)What is this openSSL,how it can be used in application?

Answer 1

1. How to generate a new self-signed certificate using keytool
2. How to create a keystore using keytool
3. Sorry, I don't understand this question.
4. OpenSSL and Glassfish

Answer 2

For question 3. It can be done like:

1. Create a security realm called "userauth" instructions in : http://docs.oracle.com/cd/E18930_01/html/821-2435/ggkuk.html

2. configure your web.xml to protect your login page by requiring it to have CONFIDENTIAL (encrypted) property set. Example:

   <security-constraint>   
       <display-name>ConstraintSSL</display-name>
       <web-resource-collection>
           <web-resource-name>protected</web-resource-name>
           <description/>
           <url-pattern>/login/*</url-pattern>
           <url-pattern>/login.*</url-pattern>
           <http-method>GET</http-method>
           <http-method>POST</http-method>
           <http-method>HEAD</http-method>
           <http-method>PUT</http-method>
           <http-method>OPTIONS</http-method>
           <http-method>TRACE</http-method>
           <http-method>DELETE</http-method>
       </web-resource-collection>
   
       <user-data-constraint>        
         <transport-guarantee>CONFIDENTIAL</transport-guarantee>
       </user-data-constraint>        
   </security-constraint>
   
   
   <security-role>
       <description/>
       <role-name>USERS</role-name>
   </security-role>
   <security-role>
       <description/>
       <role-name>ADMINISTRATORS</role-name>
   </security-role>
   

with the above config, login page (login.* or /login/*) requires a secure channel, in this case HTTPS. So your application will automatically redirect to the SSL port if properly configured in your glassfish server.