File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes JBoss/WildFly and the fly likes Implement SSL in Jboss-6.1.0 Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » JBoss/WildFly
Bookmark "Implement SSL in Jboss-6.1.0" Watch "Implement SSL in Jboss-6.1.0" New topic

Implement SSL in Jboss-6.1.0

Chandra Mohan
Ranch Hand

Joined: Oct 06, 2003
Posts: 62

I would like to access my web application from http to https. I have implemented following steps. I am not sure whether I am going right way or not. I have google and find following steps. Guide me if I am wrong.

1. Created the self signed certificate using following JDK 1.6 command

keytool -genkey -alias tomcat -keyalg RSA

2. Move the keystore to C:\jboss-6.1.0.Final\server\default\conf

3. Uncomment following code in the C:\jboss-6.1.0.Final\server\default\deploy\jbossweb.sar\server.xml

<!-- SSL/TLS Connector configuration using the admin devl guide keystore -->

<Connector protocol="HTTP/1.1" SSLEnabled="true"
port="${jboss.web.https.port}" address="${jboss.bind.address}"
scheme="https" secure="true" clientAuth="false"
keystorePass="changeit" sslProtocol = "TLS" />

4. Added following code C:\jboss-6.1.0.Final\server\default\conf\bootstrap\security.xml

<bean name="JBossSSLConfiguration" class="">
<property name="keyStoreURL">chap8.keystore</property>
<property name="keyStorePassword">changeit</property>

4. Restart the application server and deploy the ear file

Access same URL with https but going to blank page.

Could you please let me know the what could cause the problem. Why my application is not running in https?


Thanks and Regards
Chandra Mohan
ankam shyamsundar

Joined: Jan 28, 2012
Posts: 15

But if we do the below steps, using http also we can access the application and Jboss also,so we need to generate certificate for this.

1) /opt/java_homes/jdk1.6.0_24/bin/keytool -genkey -alias jbosskey -keypass changeit -keyalg RSA -keystore server.keystore

/opt/java_homes/jdk1.6.0_24/bin/keytool is my java keytool path

it will generate the server.keystore in JBoss home directory.

2) /opt/java_homes/jdk1.6.0_24/bin/keytool -list -keystore server.keystore

Make ensure that keystore password will be the case sensitive and you can give your own password otherwise use default password "changeit: to configure the same.

3) /opt/java_homes/jdk1.6.0_24/bin/keytool -export -alias jbosskey -keypass changeit -file server.crt -keystore server.keystore

your jboss key certificate will generate

4) /opt/java_homes/jdk1.6.0_24/bin/keytool -import -alias jbosscert -keypass changeit -file server.crt -keystore server.keystore

/opt/java_homes/jdk1.6.0_24/bin/keytool -list -keystore server.keystore

5) Add the below entries to your server.xml

<Connector port="443" address="${jboss.bind.address}" protocol="AJP/1.3"
emptySessionPath="true" enableLookups="false" redirectPort="443"
keystorePass="Your Own Password or default password"/>

I have done the above steps on JBoss and successfully implemented SSL

ankam shyamsundar

Joined: Jan 28, 2012
Posts: 15
Exception : org.apache.coyote.http11.Http11Protocol start SEVERE: Error starting endpoint Cannot recover key at

I got this problem while doing SSL configuration on JBoss servers.Working around the exception i came to know that in my previous post 1 st point missed out one point that is passing keypass value default.
I made it to my own password and completed the setup.
I agree. Here's the link:
subject: Implement SSL in Jboss-6.1.0
It's not a secret anymore!