Tutorials
Child pages
  • Creating a keystore with a signed certificate
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

In several locations within Servoy a keystore with a signed SSL Certificate is used:

  • For enabling HTTPS access to all web pages hosted by the Servoy Application Server, including the Servoy Web Clients
  • For enabling SSL encryption of the traffic between the Servoy Application Server and the Servoy Smart Clients
  • For (re)signing all libraries of Servoy and additional plugins & beans that get downloaded to the Smart Client

In all three scenario's a keystore is required containing a signed certificate. While a keystore with a self signed certificate can be easily created, in order to achieve proper security, a certificate signed by a trusted third part Certificate Authority (CA) is required.

Self signed certificates will not be recognized as secure by browsers or Java WebStart and thus will raise warnings to the end user.

The process of creating a keystore with a signed certificate by a trusted third part Certificate authority consists of 2 steps:

  1. #Creating a keystore with a self signed certificate
  2. Getting the self-signed certificate  signed by a trusted third party and importing the updated 

Enabling HTTPS

With HTTPS enabled, all web pages served by the Servoy Application Server will be send over the network encrypted, so what gets send over the network cannot be read by third parties. It's advised to run Web Clients over HTTPS in production environment, as most likely there will be private data being send back and forth between the Servoy Application Server and the Web clients, for example login credentials.

For more information on how to enable HTTPS see Network related settings.

Enabling SSL

Signing libraries

To secure the traffic between a Servoy Application Server and the clients, it's possible to enable SSL encryption to encrypt the traffic between the Servoy Application Server and Smart Clients and enable HTTPS to encrypt the traffic between the Servoy Application Server and the Web Clients.

Both options require a keystore with a signed SSL Certificate in order to be fully secure. It is possible to not specify a keystore with 

  • No labels