Win a copy of Murach's Python Programming this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Client-cert authentication  RSS feed

 
Greg Charles
Sheriff
Posts: 3014
12
Firefox Browser IntelliJ IDE Java Mac Ruby
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm having trouble configuring client certificate authentication. I don't really expect to get an answer here, but any pointers would really help me.

I followed the instructions in Peter's book (JBoss in Action) to enable client certificate access to the JMX console. It's not a simple process, so I won't go into here, but where I'm confused is the server.xml contains:




but I also have to define an mbean like:



So why do I have to point at the server.truststore file from two places, and why is it called a truststore in the connector definition, but a keystore in the security domain definition?

The reason that's a problem for me is that I have a requirement to encrypt the keystore password, which I did following the instructions here. However, that involves defining PBESecurityDomain as a separate mbean like:



and then use that security domain in the connector definition (server.xml) in place of the keystorefile and keystorepass attributes. When I did that though, and still put truststorefile and truststorepass in server.xml, I can't get the client certificate access to work. The logged error is something line "Null certificate in chain."

Just to make it harder, I'm stuck using JBoss 4.2.3.

 
Consider Paul's rocket mass heater.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!