Skip to main content

SSL configuration in JBoss


To configure an SSL port with keystore , check the following steps:

1. Generate the keystore with the following command ( using the java keytool command)
keytool -genkey -alias tomcat -keyalg RSA -keystore NAME_OF_KEYSTORE -validity NUMBER_OF_DAYS
( For more details check the url http://download.oracle.com/javase/1.5.0/docs/tooldocs/windows/keytool.html )

2. Copy the file into the jboss/server/<NAME>/conf/ directory

3. Edit the server.xml in the following path
JBoss version 4.0.4 = jboss/server/<NAME>/deploy/jbossweb-tomcat55.sar/
JBoss version 4.2.2 = jboss/server/<NAME>/deploy/jboss-web.deployer/

4. For JBOSS 4.0.4 the SSL-connector should be configured like:

<!– SSL/TLS Connector configuration using the admin devl guide keystore     –>
<Connector port=”THE_PORT_YOU_LIKE” address=”${jboss.bind.address}”
maxThreads=”100? strategy=”ms” maxHttpHeaderSize=”8192?
emptySessionPath=”true”
scheme=”https” secure=”true” clientAuth=”false”
keystoreFile=”${jboss.server.home.dir}/conf/THE_KEYSTORE_NAME”
keystorePass=”PASSWORD_FOR_THE_KEYSTORE” sslProtocol = “TLS” />

For JBOSS 4.2.2, configure it like this:

<Connector port=”THE_PORT_YOU_LIKE” protocol=”HTTP/1.1? SSLEnabled=”true”
maxThreads=”150? scheme=”https” secure=”true”
clientAuth=”false”
strategy=”ms”
address=”${jboss.bind.address}”
keystoreFile=”${jboss.server.home.dir}/conf/THE_KEYSTORE_NAME”
keystorePass=”PASSWORD_FOR_THE_KEYSTORE”
truststoreFile=”${jboss.server.home.dir}/conf/THE_KEYSTORE_NAME”
truststorePass=”PASSWORD_FOR_THE_KEYSTORE”
sslProtocol=”TLS”/>

5. Now you should be able to access your application through https. Remember to use https:// instead of http:// in your browser-url, or else it will fail.

6. If you want to disable the non-secured port 8080, comment and disable that connector in the same server.xml.

7. Example for jboss-4.0.5.GA
jboss-4.0.5.GA\server\<application>\deploy\jbossweb-tomcat55.sar\server.xml

<!– SSL/TLS Connector configuration using the admin devl guide keystore –>
<Connector port=”8443? address=”${jboss.bind.address}”
maxThreads=”100? strategy=”ms” maxHttpHeaderSize=”8192?
emptySessionPath=”true”
scheme=”https” secure=”true” clientAuth=”false”
keystoreFile=”${jboss.server.home.dir}/conf/my.keystore”
keystorePass=”pwd123? sslProtocol = “TLS” />
Labels:

Comments

Post a Comment

Popular posts from this blog

How to convert your Blogger Blog to PDF ?

You can use a website called "blogbooker" @  http://www.blogbooker.com/blogger.php   to convert your Blogger Blog to a PDF . Please find the steps below : 1. Save your blog as an xml using Blogger Settings - Other - Export Blog option 2. Go to the website " http://www.blogbooker.com/blogger.php " and select this XML , give your blog address and select the options like date range, page size, font, ... 3. Click the  "Create Your BlogBook" button to view and save your blog as PDF
4 comments
Read more

ATG Product Catalog schema ER diagram

Check out the O rder schema ER-Diagram @   http://tips4ufromsony.blogspot.in/2012/02/atg-order-schema-er-diagram.html Check out the User Profile  schema ER-Diagram @ http://tips4ufromsony.blogspot.in/2012/03/atg-user-profile-schema-er-diagram.html If you would like to know the relationship between different Product Catalog tables, please find below screen shots of  Product Catalog schema ER Diagrams.
3 comments
Read more

Eclipse plug-in : single java file compiler

At any point of time, you think about an Eclipse plug-in to compile a single java file in your Eclipse (as the Eclipse provide only the option for Build-All ) ? Here , I am giving the links to a plug-in, helping you to compile a single java file. Find the plug-in @ http://timealias.bplaced.net/eclipse2ant . Please find below some screen shots:
Post a Comment
Read more

SOAP UI faster start up

If you feel like your SOAP UI is starting up very slowly, check whether this is due to any start up web page call. You can check this @ Preferences - UI Settings - Show Startup Page ==> Here you can deselect this option to improve the start-up time.
Post a Comment
Read more

ATG License Files and Oracle Software Delivery Cloud

Oracle no longer generates license keys that are specific to your IP address(es). Oracle now provides generic license files that enable you to fully utilize all of the features for which you are licensed. Please find the ATG License files for different ATG versions @ http://www.oracle.com/us/support/licensecodes/atg/index. @ Oracle Software Delivery Cloud , you can find downloads for all licensable Oracle products –> https://edelivery.oracle.com/ Please find below a screen shot for ATG products download :
Post a Comment
Read more