This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes JBoss/WildFly and the fly likes Client-cert authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Products » JBoss/WildFly
Bookmark "Client-cert authentication" Watch "Client-cert authentication" New topic
Author

Client-cert authentication

Greg Charles
Sheriff

Joined: Oct 01, 2001
Posts: 2840
    
  11

I'm having trouble configuring client certificate authentication. I don't really expect to get an answer here, but any pointers would really help me.

I followed the instructions in Peter's book (JBoss in Action) to enable client certificate access to the JMX console. It's not a simple process, so I won't go into here, but where I'm confused is the server.xml contains:




but I also have to define an mbean like:



So why do I have to point at the server.truststore file from two places, and why is it called a truststore in the connector definition, but a keystore in the security domain definition?

The reason that's a problem for me is that I have a requirement to encrypt the keystore password, which I did following the instructions here. However, that involves defining PBESecurityDomain as a separate mbean like:



and then use that security domain in the connector definition (server.xml) in place of the keystorefile and keystorepass attributes. When I did that though, and still put truststorefile and truststorepass in server.xml, I can't get the client certificate access to work. The logged error is something line "Null certificate in chain."

Just to make it harder, I'm stuck using JBoss 4.2.3.

 
It is sorta covered in the JavaRanch Style Guide.
 
subject: Client-cert authentication
 
Similar Threads
Https java api security
Enable Security for JBoss + WS
Methods to secure web application
Can't Get SSL/HTTPS To Work
Using EJB exposed as a service on SSL