aspose file tools*
The moose likes JBoss/WildFly and the fly likes Client-cert authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Java 8 in Action this week in the Java 8 forum!
JavaRanch » Java Forums » Products » JBoss/WildFly
Bookmark "Client-cert authentication" Watch "Client-cert authentication" New topic
Author

Client-cert authentication

Greg Charles
Sheriff

Joined: Oct 01, 2001
Posts: 2771
    
  10

I'm having trouble configuring client certificate authentication. I don't really expect to get an answer here, but any pointers would really help me.

I followed the instructions in Peter's book (JBoss in Action) to enable client certificate access to the JMX console. It's not a simple process, so I won't go into here, but where I'm confused is the server.xml contains:




but I also have to define an mbean like:



So why do I have to point at the server.truststore file from two places, and why is it called a truststore in the connector definition, but a keystore in the security domain definition?

The reason that's a problem for me is that I have a requirement to encrypt the keystore password, which I did following the instructions here. However, that involves defining PBESecurityDomain as a separate mbean like:



and then use that security domain in the connector definition (server.xml) in place of the keystorefile and keystorepass attributes. When I did that though, and still put truststorefile and truststorepass in server.xml, I can't get the client certificate access to work. The logged error is something line "Null certificate in chain."

Just to make it harder, I'm stuck using JBoss 4.2.3.

 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Client-cert authentication
 
Similar Threads
Using EJB exposed as a service on SSL
Https java api security
Can't Get SSL/HTTPS To Work
Methods to secure web application
Enable Security for JBoss + WS