Search

Resume and bio of the author Couple of articles related to my hobby - robotics
My impressions about immigration to Australia. In Russian only. Recipes for everyday problems solving
Linux-related posts Windows-related posts
Software-related posts A lot of info about hardware
Different tools you might find useful Posts about various web technologies
Everything that doesn't fit the rest of the menu RSS feed for this blog

Tag Cloud

Archives

Links

Andrey Mikhalchuk’s Blog

Technoblog about life

May 22, 2013 Enabling HTTPS in JBoss EAP 5, Using Self-Signed Certificate

Surprisingly by default JBoss EAP (at least version 5) comes with HTTPS disabled. Here is how to enable it:

  1. Open this file in editor: $JBOSS_HOME/server/ /deploy/jbossweb.sar/server.xml

  2. Find section looking like the following and uncomment it:


    port="8443" address="${jboss.bind.address}"
    scheme="https" secure="true" clientAuth="false"
    keystoreFile="${jboss.server.home.dir}/conf/chap8.keystore"
    keystorePass="foobar" sslProtocol = "TLS" />

  3. Note the keystorePass=”foobar” part. This defines the password you will need in the next steps. And no, it’s not foobar, you will see something else in your config file
  4. Run this command and answer all the questions. Use the same “foobar” password for the certificate when prompted. Since we’re building a self-signed certificate it doesn’t really matter what you’re entering, just make sure the alias matches your web server name.

    keytool -genkey -alias -keyalg RSA -keystore keystore.jks -storepass foobar -validity 1360 -keysize 2048

  5. After you answer all question you will find file called keystore.jks in your current directory. Copy this file to $JBOSS_HOME/server/all/conf/chap8.keystore (i.e. give the file new name)
  6. Restart the server
  7. After restart you can access your server on port 8443 (see the server.xml file configuration above to change it)


One more note: if you see something like this:

14:59:11,400 ERROR [JSSESocketFactory] Failed to load keystore type JKS with path .../server/all/conf/chap8.keystore due to Keystore was tampered with, or password was incorrect

This most probably means the password you entered while generating the certificate doesn’t match the password in server.xml file.

This post is published in Other, Web.

No comments

No comments so far

Leave a Reply

You must be logged in to post a comment.

Site Map (c) Andrey Mikhalchuk, 2005-2008