ssl ssl
Lets make something clear from the very start: JUST BECAUSE THERE IS https:// IN THE URL OF THE REMOTE SERVICE IT DOES NOT MEAN THE CONNECTION IS SECURE!
I am sorry for the tone of this post but i am enraged by how popular this issue is online. If you ask why i suggest a little experiment.
Steps to follow
- Change your host file settings to point something like www.somedomain.com to your development server
- Create a self signed certificate for this domain and setup a https virtual host to serve it on local IP or alias
- Put a test file on that URL
Java applications that use ssl to consume web services via jax-ws or use HTTP clients may check the SSL certificate of the server in runtime. In case if your certificate is self signed or Common Name of the certificate does not match the domain name you will get connection errors.
To be able to develop applications you may need to run them on dev/qa servers and then allow your Java application consume these services. To do it you will need to import their SSL certificates into your local Java keyring (the same way you add exception rules into your browser).
If you are writing a Java or grails application and want to consume https web service or download something over SSL you may need to add the certificate manually to the keystore.
If your web service does not have properly signed certificate (like self signed ones) then you have no choice. Libraries may throw exception and you wont be able to access the resources. But no fear there is an easy way to fix it and add any SSL certificate to local keystore.
We often need to test some sites on local machine or development server. Its good to have ssl environment set so we could test all links etc. For that to work we need a ssl certificate for our apache server. Then we will be able to start apache mod ssl extension.
