JBOSS by default is not configured to run
on HTTPS. For configuring JBOSS to run on https follow below steps:
1. Create Self-Signed Certificate
Do this step only if a valid certificate is
not present and a self-signed certificate needs to be used.
Create self-signed certificate from a
machine where java is installed. Fire the below command from command prompt:
keytool -genkeypair -alias client -keyalg RSA -keysize 1024 -storetype jks -validity 365 -keypass password -keystore jboss.jck -storepass password -dname "cn=localhost, ou=Verisign, o=MyComp Inc, l=Foster City, st=California, c=US"
This will create jboss.jck keystore file. Place the file at location /usr/local/cert.
keytool -export -alias client -storetype jks -keystore jboss.jck -storepass password -file jboss.crt
This will create a self-signed certificate
from a self-signed key store.
Place the generated file jboss.crt at location /usr/local/cert.
Please note that if a CA valid certificate is
present then skip the above step and place the valid certificate at /usr/loca/cert.
2. Configure JBOSS
In standalone.xml
present at JBOSS_HOME/standalone/configuration make changes to subsystem
tag with xmlns as urn:jboss:domain:web:1.1 as
mentioned below:
<subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" native="false"> <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/> <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true"> <ssl key-alias="client" password="password" certificate-key-file="/usr/local/cert/jboss.jck"/> </connector> <virtual-server name="default-host" enable-welcome-root="true"> <alias name="localhost"/> <alias name="example.com"/> </virtual-server> </subsystem>
JBOSS’s default HTTPS/SSL port is 8443.
Wow Thanks Hunaid
ReplyDelete