• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Paul Clapham
  • Ron McLeod
Sheriffs:
  • Jeanne Boyarsky
  • Liutauras Vilda
Saloon Keepers:
  • Tim Holloway
  • Carey Brown
  • Roland Mueller
  • Piet Souris
Bartenders:

Configuring SSL on JBoss

 
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi

I am trying to figure out how I can configure my webapp to use SSL on JBoss. Here are a couple of references I am looking at-

http://community.jboss.org/wiki/sslsetup

http://www.jboss.org/file-access/default/members/jbossweb/freezone/docs/latest/ssl-howto.html

I am working on jboss-4.2.2.GA.

The first reference above refers to file jbossweb-tomcat41.sar/META-INF/jboss-service.xml where keystore file details have to be updated.

The second reference above refers to $CATALINA_HOME/conf/server.xml file for configuring the secure socket by updating the keystore information.

My question is- for the version of JBoss I am using (jboss-4.2.2.GA), I am unable to find any of these config files. Can someone help me identify the file I need to modify for updating the keystore information in it?

Thank you
Neelesh

 
Sheriff
Posts: 10445
227
IntelliJ IDE Ubuntu
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
For JBoss AS-4.2.x, the file can be found at JBOSS_HOME/server/< servername>/deploy/jboss-web.deployer/server.xml
 
author
Posts: 194
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Neelesh A Korade wrote:Hi

I am trying to figure out how I can configure my webapp to use SSL on JBoss. Here are a couple of references I am looking at-

http://community.jboss.org/wiki/sslsetup

http://www.jboss.org/file-access/default/members/jbossweb/freezone/docs/latest/ssl-howto.html

I am working on jboss-4.2.2.GA.

The first reference above refers to file jbossweb-tomcat41.sar/META-INF/jboss-service.xml where keystore file details have to be updated.

The second reference above refers to $CATALINA_HOME/conf/server.xml file for configuring the secure socket by updating the keystore information.

My question is- for the version of JBoss I am using (jboss-4.2.2.GA), I am unable to find any of these config files. Can someone help me identify the file I need to modify for updating the keystore information in it?

Thank you
Neelesh


Hi Neelesh,
the configuration file you are talking about is located in your distribution here:
jboss-4.2.2.GA\server\default\deploy\jboss-web.deployer\server.xml

There you need to reference the keystore you've formerly created.
If you want to see some development examples of secure JBoss applications, you might consider having a look at the book I'm promoting this week which contains two chapters about it.
kind regards
Francesco
 
Neelesh A Korade
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thank you Francesco and Jai for all your help. My problem is solved.
 
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I've been using a self-signed certificate to test an SSL connection from JBoss. One reference I found, http://www.ja-sig.org/wiki/display/CASUM/HOWTO+Configure+JBoss+for+HTTPS, stated I should be running JBoss with the option
-Djavax.net.ssl.trustStore="<C:/yourServerLocation>/server/default/conf/server.keystore" and also have the server.keystore declared in the server.xml file under the 8443 section.

I've found that the command line option overrides the JVM cacerts file- meaning that certificates stored in the JVM security cacerts won't be found and a SSL handshake exception occurs when accessing pages requiring those certificates. I tried storing those certificates in the server.keystore but the JVM couldn't read them.

I later found that the command line option is not necessary for JBoss but can be used to specify the location of the JVM certificates if not in the default location. JBoss seems perfectly happy to use what's in the server.xml declaration.

Bottom line - there appears to be a lot of confusion as to how to setup JBoss for SSL and the relationship to the JVM certificates. What I would really like to do is just use a single keystore for all certicates independent of the current JVM and JBoss versions. Any suggestions?

 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic