Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1290
  • Last Modified:

JBOSS and SSL

Hi Experts,

Has anyone ever set up SSL with JBOSS?? Trying to convert over from Apache and not sure how to handle the certs.....

Thanks!
Suzy
0
fyness
Asked:
fyness
  • 5
1 Solution
 
phuocnhCommented:
If you are using JBoss with Catalina. You can set up SSL as the following hints:
1.You make a keystore file named .keystore using keytool (which locates in bin directory of JDK).
2.Copy .keystore file into ${jboss.server.home.dir}/conf
3. Modify your jboss-service.xml in your Catalina home
 ${jboss.server.home.dir}server/<server configuration>/deploy/<catalina or Tomcat dir>/META-INF
4.           <!-- SSL/TLS Connector requiring client cert on port 8443 -->
               <Connector className = "org.apache.coyote.tomcat4.CoyoteConnector"
                 address="${jboss.bind.address}" port="8443" minProcessors="5" maxProcessors="75"
                 enableLookups="true" acceptCount="10" debug="0" scheme="https" secure="true">
                 <Factory className = "org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
                   keystoreFile="${jboss.server.home.dir}/conf/.keystore"
                   keystorePass="folami2" <------------------------------------------------------Change your keystore password.
                   protocol = "TLS"
                   clientAuth="false"/>     <---------------------------true if you want to authenticate your client side
               </Connector>
5. Restart your JBos, and test https://<your hostname>:8443
if you want access https://<your hostname> you just change port 8443 in the above xml configuration in to 443.
Phuoc
0
 
phuocnhCommented:
If you aren't used to using keytool command line tool, you can use Key Tool GUI:
http://homepage.ntlworld.com/wayne_grant/keytool.html
Phuoc
0
 
fynessAuthor Commented:
Hi Phuoc,

Thanks for that, but i also have a verisign cert that i want to use that maps to my server and domain name, how would the cert fit into using a keytool??

Thanks,
Suzy
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
phuocnhCommented:
Veri Sign cert ok.
Which type is your keystore? (.p12, .pks,...)
If it is .pks you just rename it into .keystore and follow my hints
Phuoc
0
 
phuocnhCommented:
I am sorry pks should be jks
Phuoc
0
 
phuocnhCommented:
If it is a .cer or .crt
Please follow the following steps:
1. Open key tool GUI
2. File > New KeyStore> Select .JKS keystore type
3.Tools >Import Trusted Certificate (Ctrl+T)
4. Tools > Set keystore password>Enter the password (please remeber it to apply it for jboss-service.xml file).
5. File > Save KeyStore As . Choose file name .keystore.
Phuoc
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now