How to force HTTPS use in a Java Web Application

If you want to force the users to always use https:// even if they typed in http:// url, Applying Security Constraint in Web.xml can help.

      <security-constraint>
          <display-name>HTTPS-redirect</display-name>
          <web-resource-collection>
              <web-resource-name>secured-environments</web-resource-name>
              <description>Do HTTPS redirect so that the connection is secured</description>
              <url-pattern>/*</url-pattern>
          </web-resource-collection>
          <user-data-constraint>
              <transport-guarantee>CONFIDENTIAL</transport-guarantee>
          </user-data-constraint>
      </security-constraint>

The above constraint re-directs the user to https URL.

How to easily add SSL Certificates to IBM Websphere Server

In order to add SSL Certificate to IBM Websphere Server, the signer might need to be added to the local trust store. You can use the Retrieve from port option in the administrative console to retrieve the certificate and resolve the problem. If you determine that the request is trusted, complete the following steps:

  1. Log into the administrative console.
  2. Expand Security and click SSL certificate and key management. Under Configuration settings, click Manage endpoint security configurations.
  3. Select the appropriate outbound configuration to get to the (cell):MyCompNode07Cell:(node):MyCompNode07 management scope. (The cell names and node names are just examples)
  4. Under Related Items, click Key stores and certificates and click the NodeDefaultTrustStore key store.
  5. Under Additional Properties, click Signer certificates and Retrieve From Port.
  6. In the Host field, enter your domain such as icodejava.com in the host name field, enter 443 in the Port field, and icodejava.com_cert in the Alias field.
  7. Click Retrieve Signer Information.
  8. Verify that the certificate information is for a certificate that you can trust.
  9. Click Apply and Save.