HTTPS secure for JBoss web application

Quick steps
1. generate key store file:

%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA

if the keystore generated is certified by CA (external/internal), browser display warning: the certificate is not signed by trusted CA.
if the keystore was generated by another domain/server, browser would warn: the certificate was for another domain

2. put the keystore file into jboss\server\default\conf

3. enable SSL connection part in server.xml, and refer to the keystore

      <!-- SSL/TLS Connector configuration using the admin devl guide keystore -->
      <Connector port="18443" address="${jboss.bind.address}"
           maxThreads="100" strategy="ms" maxHttpHeaderSize="8192"
           emptySessionPath="true"
           scheme="https" secure="true" clientAuth="false" 
           keystoreFile="${jboss.server.home.dir}/conf/sydneyweb.keystore"
           keystorePass="password" sslProtocol = "TLS" />

refer to: http://docs.jboss.org/jbossweb/latest/ssl-howto.html

http://docs.jboss.org/jbossas/guides/webguide/r2/en/html/ch9.https.sect.html

http://en.wikipedia.org/wiki/HTTP_Secure#Network_layers

Advertisements

Author: lwpro2

Java J2EE professional