• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Enabling SSL on JBoss

 
Puja Mantri
Greenhorn
Posts: 15
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am trying to enable SSL on JBoss on My local machine. Did following things:

1) create the self-signed certificate using keytool.exe in the <java_home>/jre/bin directory

C:\jrockit-R27.4.0-jdk1.5.0_12\jre\bin>keytool -genkey -alias tomcat -keyalg RSA

Enter keystore password: tdemand
What is your first and last name?
[Unknown]: Puja Mantri
What is the name of your organizational unit?
[Unknown]: EBU
What is the name of your organization?
[Unknown]: Persistent
What is the name of your City or Locality?
[Unknown]: Pune
What is the name of your State or Province?
[Unknown]: Maharashtra
What is the two-letter country code for this unit?
[Unknown]: IN
Is CN=Puja Mantri, OU=EBU, O=Persistent, L=Pune, ST=Maharashtra, C=IN correct?
[no]: yes

Enter key password for <tomcat>
(RETURN if same as keystore password):
jrockit-R27.4.0-jdk1.5.0_12\jre\bin>


2) move the self-signed certificate to a JBoss directory:

Renamed the .kestore file to tdemand.kestore and moved it to the conf directory.

3) edit the Tomcat configuration file to turn on SSL

In the file <jboss_server_home_dir>\jboss-web.deployer\server.xml uncommented following section and made some changes as follows:

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false"
address="${jboss.bind.address}"
keystoreFile="${jboss.server.home.dir}/conf/tdemand.keystore"
keystorePass="tdemand"
truststoreFile="${jboss.server.home.dir}/conf/tdemand.keystore"
sslProtocol="TLS" />


After this restarted the JBoss server.

But still not able to access the application url using https. Any pointers to this would be appreciated. Thanks in advance.

-Puja

 
Jaikiran Pai
Marshal
Pie
Posts: 10447
227
IntelliJ IDE Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
What error do you get when you access https://localhost:8443/appName
 
Puja Mantri
Greenhorn
Posts: 15
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks.. I got the problem I was accessing the application URL with the 8080 port. Accesing the application with 8443 port solved the problem. Now I am able to access the URL and login to the application. But the application URL shows the certificate Error.

"The security certificate presented by this website has errors. This problem may indicate the attempt to fool you or intercept any data you send to the server."

How do we install the SSL certificate? Do we have to buy the SSL certificate from some vendor (e.g. Verisign)?
 
Puja Mantri
Greenhorn
Posts: 15
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Certificate error is because I have created the Self-signed certificate

One change while creating self-signed certificate give the URL name as answer for the following questions:
What is your first and last name?

This is the name of website for which the certificate is issued.
 
Jaikiran Pai
Marshal
Pie
Posts: 10447
227
IntelliJ IDE Ubuntu
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Puja Mantri wrote:

Do we have to buy the SSL certificate from some vendor (e.g. Verisign)?


Typically yes. See this
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic