wood burning stoves 2.0*
The moose likes JBoss/WildFly and the fly likes Configuring SSL on JBoss Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Products » JBoss/WildFly
Bookmark "Configuring SSL on JBoss" Watch "Configuring SSL on JBoss" New topic
Author

Configuring SSL on JBoss

Neelesh A Korade
Greenhorn

Joined: Jun 07, 2007
Posts: 26
Hi

I am trying to figure out how I can configure my webapp to use SSL on JBoss. Here are a couple of references I am looking at-

http://community.jboss.org/wiki/sslsetup

http://www.jboss.org/file-access/default/members/jbossweb/freezone/docs/latest/ssl-howto.html

I am working on jboss-4.2.2.GA.

The first reference above refers to file jbossweb-tomcat41.sar/META-INF/jboss-service.xml where keystore file details have to be updated.

The second reference above refers to $CATALINA_HOME/conf/server.xml file for configuring the secure socket by updating the keystore information.

My question is- for the version of JBoss I am using (jboss-4.2.2.GA), I am unable to find any of these config files. Can someone help me identify the file I need to modify for updating the keystore information in it?

Thank you
Neelesh

Jaikiran Pai
Marshal

Joined: Jul 20, 2005
Posts: 9915
    
158

For JBoss AS-4.2.x, the file can be found at JBOSS_HOME/server/< servername>/deploy/jboss-web.deployer/server.xml

[My Blog] [JavaRanch Journal]
Francesco Marchioni
author
Ranch Hand

Joined: Sep 22, 2003
Posts: 190
Neelesh A Korade wrote:Hi

I am trying to figure out how I can configure my webapp to use SSL on JBoss. Here are a couple of references I am looking at-

http://community.jboss.org/wiki/sslsetup

http://www.jboss.org/file-access/default/members/jbossweb/freezone/docs/latest/ssl-howto.html

I am working on jboss-4.2.2.GA.

The first reference above refers to file jbossweb-tomcat41.sar/META-INF/jboss-service.xml where keystore file details have to be updated.

The second reference above refers to $CATALINA_HOME/conf/server.xml file for configuring the secure socket by updating the keystore information.

My question is- for the version of JBoss I am using (jboss-4.2.2.GA), I am unable to find any of these config files. Can someone help me identify the file I need to modify for updating the keystore information in it?

Thank you
Neelesh


Hi Neelesh,
the configuration file you are talking about is located in your distribution here:
jboss-4.2.2.GA\server\default\deploy\jboss-web.deployer\server.xml

There you need to reference the keystore you've formerly created.
If you want to see some development examples of secure JBoss applications, you might consider having a look at the book I'm promoting this week which contains two chapters about it.
kind regards
Francesco


WildFly 8 Administration Book - JBoss Tutorials
Neelesh A Korade
Greenhorn

Joined: Jun 07, 2007
Posts: 26
Thank you Francesco and Jai for all your help. My problem is solved.
Tom Thomas
Greenhorn

Joined: Jun 23, 2003
Posts: 2
I've been using a self-signed certificate to test an SSL connection from JBoss. One reference I found, http://www.ja-sig.org/wiki/display/CASUM/HOWTO+Configure+JBoss+for+HTTPS, stated I should be running JBoss with the option
-Djavax.net.ssl.trustStore="<C:/yourServerLocation>/server/default/conf/server.keystore" and also have the server.keystore declared in the server.xml file under the 8443 section.

I've found that the command line option overrides the JVM cacerts file- meaning that certificates stored in the JVM security cacerts won't be found and a SSL handshake exception occurs when accessing pages requiring those certificates. I tried storing those certificates in the server.keystore but the JVM couldn't read them.

I later found that the command line option is not necessary for JBoss but can be used to specify the location of the JVM certificates if not in the default location. JBoss seems perfectly happy to use what's in the server.xml declaration.

Bottom line - there appears to be a lot of confusion as to how to setup JBoss for SSL and the relationship to the JVM certificates. What I would really like to do is just use a single keystore for all certicates independent of the current JVM and JBoss versions. Any suggestions?

 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Configuring SSL on JBoss
 
Similar Threads
JBoss 4.2.2 Server Starting Issue
jboss-4.0.5.GA to \jboss-4.2.2.GA
Calling deployed EJB
JBOSS and SSL
Kodo 3.2.2 on Jboss 4.0.5.GA