Announcement Announcement Module
No announcement yet.
SSL Configuration Page Title Module
Move Remove Collapse
This topic is closed
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • SSL Configuration

    I know this is not a spring issue per se, but I am trying to implement spring security / ssl in my development environment. (eclipse tomcat).
    I have gotten it to work but when I switch to an https url I get the IE "certificate warning" message. It will continue to the page and switch to https if you use that option, but I am not sure where/what I need to configure the environment to avoid this.

    If anyone could point me in the right direction I would appreciate it. Thanks.

  • #2

    If you use IE6, you would get more precise information, but generally browser performs 3 checks while connecting to SSL (HTTPS) site:
    1. is the server certificate or server certificate's issuer known? (is CA certificate stored in browser's certificate manager?)
    2. does common name (CN) of server's certificate match server's name? (if you connect to "https://localhost", CN must be equal to "localhost". if you connect to", CN must match "". The port number is irrelevant)
    3. is server's certificate not expired?

    If any of the above is false, you get a warning. You only can "configure" the first condition - by storing the issuing certificate of server's certificate in browser's certificate manager.

    Grzegorz Grzybek