ofbiz-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Skip" <s...@thedevers.org>
Subject SSL certificate creation for localhost
Date Wed, 01 Feb 2017 02:14:56 GMT
For my development machine as well as other users in the local intranet, I
am using the default SSL certificate that comes with ofbiz.  However, this
cert is not accepted by IE 11 (giving the very helpful error message "This
page can't be displayed".  Firefox reports that the certificate "was signed
using a certificate algorithm that was disabled...".

I can and have made modifications to Firefox and Chrome to accept this
certificate and that is all good.

However, I am writing a Windows Win32 application that queries an ofbiz
https URL and gets json data.  I am getting the same error with this
application (works fine with http instead of https) that I get with IE11.  I
have to use Win32 APIs because this app is running on a really low power box
that requires some windows services, so I can't use Linux.

I can make this app work by running the request through an apache server and
using ajp to the ofbiz server where the apache server has a good signed
certificate, so I am sure the ofbiz URL is working just fine.

I have tried the advise here:

https://cwiki.apache.org/confluence/display/OFBIZ/Ant+Script+to+build+new+of
biz+self+cert

The above ant script generates a cert file that doesnt work at all with
Firefox or IE.


This link:
https://cwiki.apache.org/confluence/display/OFBIZ/Apache+OFBiz+Technical+Pro
duction+Setup+Guide#ApacheOFBizTechnicalProductionSetupGuide-SSLCertificateS
etup
describes a production setup.  However, I am interested in multiple dev
machine setups and I don't want to wait on a real certificate authority.


So, can anyone tell me how to generate a self signed certificate and install
it on ofbiz that will be accepted by IE11?  A real certificate is $100 and
weeks of work.

All I care about is getting IE11 to connect on localhost to ofbiz using
https.

Thanks in advance.

Skip



Mime
View raw message