Introduction to certificates and ssl, About digital certificates – Sun Microsystems GLASSFISH ENTERPRISE 820433510 User Manual
Page 108
Assign a security role to users in the realm.
To assign a security role to a user, add a security-role-mapping element to the deployment
descriptor that you modified in
The following example shows a security-role-mapping element that assigns the security role
Employee
to user Calvin.
Introduction to Certificates and SSL
The following topics are discussed in this section:
■
“About Digital Certificates” on page 108
■
“About Secure Sockets Layer” on page 109
About Digital Certificates
Digital certificates (or simply certificates) are electronic files that uniquely identify people and
resources on the Internet. Certificates also enable secure, confidential communication between
two entities.
There are different kinds of certificates, such as personal certificates, used by individuals, and
server certificates, used to establish secure sessions between the server and clients through
secure sockets layer (SSL) technology. For more information on SSL, see
Certificates are based on public key cryptography, which uses pairs of digital keys (very long
numbers) to encrypt, or encode, information so it can be read only by its intended recipient. The
recipient then decrypts (decodes) the information to read it.
A key pair contains a public key and a private key. The owner distributes the public key and
makes it available to anyone. But the owner never distributes the private key; it is always kept
secret. Because the keys are mathematically related, data encrypted with one key can be
decrypted only with the other key in the pair.
A certificate is like a passport: it identifies the holder and provides other important information.
Certificates are issued by a trusted third party called a Certification Authority (CA). The CA is
analogous to passport office: it validates the certificate holder's identity and signs the certificate
so that it cannot be forged or tampered with. Once a CA has signed a certificate, the holder can
present it as proof of identity and to establish encrypted, confidential communications.
5
Introduction to Certificates and SSL
Sun GlassFish Enterprise Server 2.1 Administration Guide • December 2008
108