Skip to main content

SSL configuration in JBoss


To configure an SSL port with keystore , check the following steps:

1. Generate the keystore with the following command ( using the java keytool command)
keytool -genkey -alias tomcat -keyalg RSA -keystore NAME_OF_KEYSTORE -validity NUMBER_OF_DAYS
( For more details check the url http://download.oracle.com/javase/1.5.0/docs/tooldocs/windows/keytool.html )

2. Copy the file into the jboss/server/<NAME>/conf/ directory

3. Edit the server.xml in the following path
JBoss version 4.0.4 = jboss/server/<NAME>/deploy/jbossweb-tomcat55.sar/
JBoss version 4.2.2 = jboss/server/<NAME>/deploy/jboss-web.deployer/

4. For JBOSS 4.0.4 the SSL-connector should be configured like:

<!– SSL/TLS Connector configuration using the admin devl guide keystore     –>
<Connector port=”THE_PORT_YOU_LIKE” address=”${jboss.bind.address}”
maxThreads=”100? strategy=”ms” maxHttpHeaderSize=”8192?
emptySessionPath=”true”
scheme=”https” secure=”true” clientAuth=”false”
keystoreFile=”${jboss.server.home.dir}/conf/THE_KEYSTORE_NAME”
keystorePass=”PASSWORD_FOR_THE_KEYSTORE” sslProtocol = “TLS” />

For JBOSS 4.2.2, configure it like this:

<Connector port=”THE_PORT_YOU_LIKE” protocol=”HTTP/1.1? SSLEnabled=”true”
maxThreads=”150? scheme=”https” secure=”true”
clientAuth=”false”
strategy=”ms”
address=”${jboss.bind.address}”
keystoreFile=”${jboss.server.home.dir}/conf/THE_KEYSTORE_NAME”
keystorePass=”PASSWORD_FOR_THE_KEYSTORE”
truststoreFile=”${jboss.server.home.dir}/conf/THE_KEYSTORE_NAME”
truststorePass=”PASSWORD_FOR_THE_KEYSTORE”
sslProtocol=”TLS”/>

5. Now you should be able to access your application through https. Remember to use https:// instead of http:// in your browser-url, or else it will fail.

6. If you want to disable the non-secured port 8080, comment and disable that connector in the same server.xml.

7. Example for jboss-4.0.5.GA
jboss-4.0.5.GA\server\<application>\deploy\jbossweb-tomcat55.sar\server.xml

<!– SSL/TLS Connector configuration using the admin devl guide keystore –>
<Connector port=”8443? address=”${jboss.bind.address}”
maxThreads=”100? strategy=”ms” maxHttpHeaderSize=”8192?
emptySessionPath=”true”
scheme=”https” secure=”true” clientAuth=”false”
keystoreFile=”${jboss.server.home.dir}/conf/my.keystore”
keystorePass=”pwd123? sslProtocol = “TLS” />
Labels:

Comments

Post a Comment

Popular posts from this blog

How to convert your Blogger Blog to PDF ?

You can use a website called "blogbooker" @  http://www.blogbooker.com/blogger.php   to convert your Blogger Blog to a PDF . Please find the steps below : 1. Save your blog as an xml using Blogger Settings - Other - Export Blog option 2. Go to the website " http://www.blogbooker.com/blogger.php " and select this XML , give your blog address and select the options like date range, page size, font, ... 3. Click the  "Create Your BlogBook" button to view and save your blog as PDF
4 comments
Read more

Eclipse plug-in - More Clipboard

More Clipboard is an Eclipse plug-in which keeps track of the latest entries copied/cut into clipboard buffer and allows you to quickly access these entries. http://sourceforge.net/projects/moreclipboard/ http://marketplace.eclipse.org/content/more-clipboard
Post a Comment
Read more

Intimation u/s 143(1) of the Income Tax act

Have you got your Income Tax filing e-receipt ? After a successful assessment of tax returns, income tax department issues Intimation u/s 143(1). Normally these intimations will be received through email to the Email address provided when filing income tax returns online. If “NET AMOUNT REFUNDABLE /NET AMOUNT DEMAND”  is less than Rs 100, you can treat this Intimation u/s 143(1) as completion of income tax returns assessment under Income Tax Act. It can be useful for the proof of Income/ Completion of income tax returns assessment. In case of demand , we need to pay the entire Demand within 30 days of receipt of this intimation.The payment can be made using the printed challan enclosed in the mail or you can go for online tax payment. The Tax Payment challan is enclosed if the Tax Payable exceeds Rs. 100. If you go for online tax payment, follow the instructions listed @   http://tips4ufromsony.blogspot.com/2011/03/online-income-tax-payment-using.html  a...
2 comments
Read more

SOAP UI faster start up

If you feel like your SOAP UI is starting up very slowly, check whether this is due to any start up web page call. You can check this @ Preferences - UI Settings - Show Startup Page ==> Here you can deselect this option to improve the start-up time.
Post a Comment
Read more

Oracle ATG commerce - ATG's Blog , Facebook link and Youtube channel

You could read the Oracle Complete Commerce blog to get an idea about the latest Oracle updates regarding commerce including the ATG commerce @ https://blogs.oracle.com/commerce/ https://blogs.oracle.com/commerce/tags/atg Also checkout the ATG commerce Youtube channel @ http://www.youtube.com/atgcommerce Checkout the ATG commerce  Facebook link @ http://www.facebook.com/atgcommerce Another ATG user group @ Facebook : http://www.facebook.com/pages/ATG-Users-Group/105314702928610?sk=wall Check out the below Oracle blog to get the archived Oracle webcast and presentations @ https://blogs.oracle.com/stevenChan/
Post a Comment
Read more