I have configured SSL on JBOSS by following the procedure in the adminguide.pdf. ie, I have created a keystore file using the keytool utility. Modified server\default\deploy\jbossweb-tomcat55.sar\server.xml to have SSL/TLS Connector configuration uncommented. Now I am able to access my web application over https. Is this the standard way to do this? Would I be using the simple keystore I generated when turning on SSL in an actual production scenario. What should I be doing? Thanks in Advance!
Joined: Jun 30, 2004
Well in a production environment (in the public domain) you would need your CSR (certificate signing request) signed by an official CA (certificate authority).
Then you'd install the certificate in the key store (same method as a certificate you signed your self).
Other than that it just works
Oh, and you might consider using Apache to proxy SSL requests to JBoss instead of configuring JBoss to directly serve the requests - that's completely up to personal preferences and your requirements.