This section describes known issues and associated solutions related to Application Server and web application security and certificates.
SSL termination is not working; when Load Balancer (Hardware) is configured for SSL termination, the Application Server changes the protocol from https to http during redirection.
Add a software load balancer between the hardware load balancer and the Application Server.
Because of a JVM bug, there is a leak issue with some JDK versions when security-enabled is set to true on an HTTP listener. Specifically, the steps to reproduce this bug are as follows:
Set security-enabled to true on the HTTP listener:
<http-listener acceptor-threads="1" address="0.0.0.0" blocking-enabled="false" default-virtual-server="server" enabled="true" family="inet" id=" http-listener-1" port="8080" security-enabled="true" server-name="" xpowered-by="true"> |
Comment out stopping domain at the end of quicklook tests.
Run quicklook tests.
Check socket usage:
netstat -an | grep 8080 |
The following are shown to be in use:
*.8080 *.* 0 0 49152 0 LISTEN *.8080 *.* 0 0 49152 0 BOUND |
This issue is tracked on the Glassfish site at https://glassfish.dev.java.net/issues/show_bug.cgi?id=849.
Upgrade to the latest JDK version.