Quick steps
1. generate key store file:
%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA
if the keystore generated is certified by CA (external/internal), browser display warning: the certificate is not signed by trusted CA.
if the keystore was generated by another domain/server, browser would warn: the certificate was for another domain
2. put the keystore file into jboss\server\default\conf
3. enable SSL connection part in server.xml, and refer to the keystore
<!-- SSL/TLS Connector configuration using the admin devl guide keystore --> <Connector port="18443" address="${jboss.bind.address}" maxThreads="100" strategy="ms" maxHttpHeaderSize="8192" emptySessionPath="true" scheme="https" secure="true" clientAuth="false" keystoreFile="${jboss.server.home.dir}/conf/sydneyweb.keystore" keystorePass="password" sslProtocol = "TLS" />
refer to: http://docs.jboss.org/jbossweb/latest/ssl-howto.html
http://docs.jboss.org/jbossas/guides/webguide/r2/en/html/ch9.https.sect.html