For all of our services (such as Haplogrep), we are using Restlet on server side.
This blog entry summarizes the necessary steps to set up a working HTTPS Restlet Server with a valid certificate and a trusted connection. Check out the Github Repo for the source code!
Set up a Java Keystore
In a first step, a new Java Keystore needs to be created using the keytool of JDK (use at least Java 7 for this):
Now, generate a new certificate signing request (CSR) and send it your certificate authority (CA). Alternatively, the CSR can also be self-signed.
Import the received root / intermediate webserver certificate files (CRTs) from your CA like this (I received two files):
Create a Restlet Webapp (Updated on Nov 24)
Now it’s time to integrate your certificate into your Restlet App as described here. The running example can be found here.
Keep in mind that your service should use the latest version of Restlet (currently 2.3) and Java 8 to avoid errors like this on Firefox (result: no connection can be established!):
or this one on Chrome (result: connection can be established but with warnings):
This short tutorial should give you an up and running Restlet server and avoid many mistakes I did in the past. Contact me if something is unclear!