Skip to main content

SSL configuration in JBoss


To configure an SSL port with keystore , check the following steps:

1. Generate the keystore with the following command ( using the java keytool command)
keytool -genkey -alias tomcat -keyalg RSA -keystore NAME_OF_KEYSTORE -validity NUMBER_OF_DAYS
( For more details check the url http://download.oracle.com/javase/1.5.0/docs/tooldocs/windows/keytool.html )

2. Copy the file into the jboss/server/<NAME>/conf/ directory

3. Edit the server.xml in the following path
JBoss version 4.0.4 = jboss/server/<NAME>/deploy/jbossweb-tomcat55.sar/
JBoss version 4.2.2 = jboss/server/<NAME>/deploy/jboss-web.deployer/

4. For JBOSS 4.0.4 the SSL-connector should be configured like:

<!– SSL/TLS Connector configuration using the admin devl guide keystore     –>
<Connector port=”THE_PORT_YOU_LIKE” address=”${jboss.bind.address}”
maxThreads=”100? strategy=”ms” maxHttpHeaderSize=”8192?
emptySessionPath=”true”
scheme=”https” secure=”true” clientAuth=”false”
keystoreFile=”${jboss.server.home.dir}/conf/THE_KEYSTORE_NAME”
keystorePass=”PASSWORD_FOR_THE_KEYSTORE” sslProtocol = “TLS” />

For JBOSS 4.2.2, configure it like this:

<Connector port=”THE_PORT_YOU_LIKE” protocol=”HTTP/1.1? SSLEnabled=”true”
maxThreads=”150? scheme=”https” secure=”true”
clientAuth=”false”
strategy=”ms”
address=”${jboss.bind.address}”
keystoreFile=”${jboss.server.home.dir}/conf/THE_KEYSTORE_NAME”
keystorePass=”PASSWORD_FOR_THE_KEYSTORE”
truststoreFile=”${jboss.server.home.dir}/conf/THE_KEYSTORE_NAME”
truststorePass=”PASSWORD_FOR_THE_KEYSTORE”
sslProtocol=”TLS”/>

5. Now you should be able to access your application through https. Remember to use https:// instead of http:// in your browser-url, or else it will fail.

6. If you want to disable the non-secured port 8080, comment and disable that connector in the same server.xml.

7. Example for jboss-4.0.5.GA
jboss-4.0.5.GA\server\<application>\deploy\jbossweb-tomcat55.sar\server.xml

<!– SSL/TLS Connector configuration using the admin devl guide keystore –>
<Connector port=”8443? address=”${jboss.bind.address}”
maxThreads=”100? strategy=”ms” maxHttpHeaderSize=”8192?
emptySessionPath=”true”
scheme=”https” secure=”true” clientAuth=”false”
keystoreFile=”${jboss.server.home.dir}/conf/my.keystore”
keystorePass=”pwd123? sslProtocol = “TLS” />
Labels:

Comments

Post a Comment

Popular posts from this blog

Google Chrome shortcut keys

If you are a Google Chromey guy, please find below the list of shortcut keys for some of the most used features  :-) Find more shortcut keys @  http://www.google.com/support/chrome/bin/static.py?page=guide.cs&guide=25799&topic=28650
4 comments
Read more

Eclipse plug-in to create Class and Sequence diagrams

ModelGoon is an Eclipse plug-in avaiable for UML diagram generation from Java code. It can be used to generate Package Dependencies Diagram, Class Diagram, Interaction Diagram and Sequence Diagram. You coud get it from http://marketplace.eclipse.org/content/modelgoon-uml4java Read more about it and see some vedios about how to create the class and sequence diagram @ http://www.modelgoon.org/?tag=eclipse-plugin Find some snapshots below which gives an idea about the diagram generation.
8 comments
Read more

ATG : Oracle started new discussion forum for ATG

Oracle has started a new ATG discussion forum on oracle discussion forums.  It has a main ATG section and is divided into technical and business categories. You can access the url   http://forums.oracle.com/forums/category.jspa?categoryID=503 .  After Oracle acquired ATG, this was much expected and we can hope this forum might give us a better chance to discuss our ATG doubts and more people will come and discuss about ATG. Find the ATG docs @   http://www.oracle.com/technetwork/indexes/documentation/atgwebcommerce-393465.html
Post a Comment
Read more

ATG CA - different activity sources used @ BCC

Read about how a new link can be added in BCC home page @  http://tips4ufromsony.blogspot.com/2012/03/atg-ca-bcc-home-screen-how-to-add-new.html Normally an ActivitySource.properties file define the set of actions that it supports under a genericActivityDefinitionFile. But some ActivitySource.properties  define the actions  using the workflowActivityDefinitionFiles. For example consider the default "Content Administration" ,  "SearchAdministration",  " Merchanding "  and "Personalization" options in BCC homepage. Below I listed the ActivitySource.properties and other properties for these links. To get all these activitysource names, just take the / atg/bizui/activity/ActivityManager  component @ dyn/admin. Content Administration ActivitySource  --> /atg/bizui/activity/PublishingActivitySource genericActivityDefinitionFile Search Administration ActivitySource  --> /atg/bizui/...
1 comment
Read more

Lucene, sample JAVA code to Search an indexed file folder

Please find below the Lucene sample JAVA code to search the files inside a folder. This code will search the indexed folder for a search query in an indexed field. This java code is expecting the index path ( where the index files were created ) , field which need to be searched and the query need be searched as program arguments like  "java SearchFiles [-index dir] [-field f] [-query string]" . import java.io.File; import java.util.ArrayList; import org.apache.lucene.analysis.Analyzer; import org.apache.lucene.analysis.standard.StandardAnalyzer; import org.apache.lucene.document.Document; import org.apache.lucene.queryParser.QueryParser; import org.apache.lucene.search.IndexSearcher; import org.apache.lucene.search.Query; import org.apache.lucene.search.ScoreDoc; import org.apache.lucene.search.TopDocs; import org.apache.lucene.store.FSDirectory; import org.apache.lucene.util.Version; public class SearchFiles { public static void main(Stri...
Post a Comment
Read more