I've got GlassFish 3.1.2 installed on Linux CentOS 6.2, but it's fronted by Apache web server version 2.2.21 using mod_jk. That is, all traffic to GlassFish passes through Apache port 80 via mod_jk.
Now I need to support an HTTPS (domain name) with a certificate purchased from a third party (not sure who yet) for pages served by GlassFish.
Do I need to install the SSL certificate's in GlassFish, or Apache Web server, or both?
I just need a basic certificate installed to enable browsers to visit website without giving warning, or blocking, etc. Is this a fairly standard operation to install the certificate? I haven't been able to find any straightforward documentation.
Best Answer
Just apache is sufficient.
The certificate is issued in order that the customer can trust that the server is actually owned by you, and the public key in the certificate is used to encrypt a session key between your public internet facing server (apache) and the client browser. From the customers perspective, your glassfish server is hidden, as is the mod_jk connection (and any database connections).
The connection between apache and your glassfish app server is of no real interest to the client. However you should take adequate precautions to physically protect the internals of your server, if you intend to store customer information or credit card details.