3 Replies Latest reply on Aug 1, 2002 5:36 PM by rickplmr

    JB 3.0.0, Tomcat 4.0.3 and SSL

    romeriz

      Hello All,

      I am having an issue with SSL and JBoss. I am trying to set up a secure site. I have looked through the archives and found that fred_soulier's thread has gotten me the closest. I am now receiving the error :

      2002-07-24 11:50:05,042 INFO [org.jboss.web.catalina.EmbeddedCatalinaServiceSX] Starting
      2002-07-24 11:50:05,042 INFO [org.jboss.deployment.MainDeployer] Adding deployer: org.jboss.web.catalina.EmbeddedCatalinaServiceSX@3b1f38
      2002-07-24 11:50:05,052 DEBUG [org.jboss.web.catalina.EmbeddedCatalinaServiceSX] Setting catalina debug level to: 0
      2002-07-24 11:50:05,052 DEBUG [org.jboss.web.catalina.EmbeddedCatalinaServiceSX] Setting catalina.home to: ../catalina
      2002-07-24 11:50:05,052 DEBUG [org.jboss.web.catalina.EmbeddedCatalinaServiceSX] Setting catalina.base to: ../catalina
      2002-07-24 11:50:10,951 INFO [org.jboss.security.plugins.JaasSecurityManagerService] Created securityMgr=org.jboss.security.plugins.JaasSecurityManager@4af6c1
      2002-07-24 11:50:10,951 INFO [org.jboss.security.plugins.JaasSecurityManagerService] setCachePolicy, c=org.jboss.util.TimedCachePolicy@e35d5
      2002-07-24 11:50:10,951 DEBUG [org.jboss.security.plugins.JaasSecurityManager.TomcatSSL] CachePolicy set to: org.jboss.util.TimedCachePolicy@e35d5
      2002-07-24 11:50:10,951 INFO [org.jboss.security.plugins.JaasSecurityManagerService] Added TomcatSSL, org.jboss.security.plugins.SecurityDomainContext@703691 to map
      2002-07-24 11:50:10,961 INFO [STDOUT] Apache Tomcat/4.0.3
      2002-07-24 11:50:10,991 INFO [org.jboss.web.localhost.Engine] HttpConnector Opening server socket on all host IP addresses
      2002-07-24 11:50:11,071 ERROR [org.jboss.web.catalina.EmbeddedCatalinaServiceSX] Starting failed
      java.lang.NullPointerException
      at org.jboss.web.catalina.security.SSLServerSocketFactory.createSocket(SSLServerSocketFactory.java:74)
      at org.jboss.web.catalina.security.SSLServerSocketFactory.createSocket(SSLServerSocketFactory.java:57)
      at org.apache.catalina.connector.http.HttpConnector.open(HttpConnector.java:948)
      at org.apache.catalina.connector.http.HttpConnector.initialize(HttpConnector.java:1128)
      at org.apache.catalina.startup.Embedded.start(Embedded.java:962)
      at org.jboss.web.catalina.EmbeddedCatalinaServiceSX.startService(EmbeddedCatalinaServiceSX.java:189)
      at org.jboss.system.ServiceMBeanSupport.start(ServiceMBeanSupport.java:162)
      at java.lang.reflect.Method.invoke(Native Method)
      .
      .
      .
      .



      My tomcat4-service.xml file has the following in:


      jboss.security:service=JaasSecurityManager




      file:/d:/java/jboss-3.0.0_tomcat-4.0.3/catalina/certificates/keystore
      testkey
      JKS


      .
      .
      .

      <!-- A HTTP Connector on port 8080 -->
      <!--

      -->

      <!-- A HTTP Connector on port 8443 -->






      My jboss-service.xml file security section has been modified to :

      <!-- JAAS security manager and realm mapping -->


      org.jboss.security.plugins.JaasSecurityManager




      I believe I have a valid key store that I created with the keytool.


      Can anyone see what I have missed?


      Thanks.


      Romeriz.

        • 1. Re: JB 3.0.0, Tomcat 4.0.3 and SSL
          fred_soulier

          In your jboss-service.xml

          Change:

          <!-- JAAS security manager and realm mapping -->


          org.jboss.security.plugins.JaasSecurityManager



          to:

          <!-- JAAS security manager and realm mapping -->


          org.jboss.security.plugins.JaasSecurityDomain



          Having said that I just found out that it screws the binding for my datasources...

          /Fred

          • 2. Re: JB 3.0.0, Tomcat 4.0.3 and SSL
            stevepark

            My advice, if you don't have to have tomcat serve your https requests, is to setup Apache to handle http/https requests and forward them to Tomcat using mod_jk. Check the mod_jk docs at jakarta.apache.org for a fairly complete rundown on how to do this.

            • 3. Re: JB 3.0.0, Tomcat 4.0.3 and SSL
              rickplmr

              Here's a snippet from my tomcat4-service.xml located in "<jboss_home>\server\default\deploy\". One difference I see is that I added a redirectPort attribute inthe non-SSL Connector element. Also, I am assuming that you've already generated a keystore file (mine is located in a specific folder as identified in the keystoreFile attribute of the Factory element.

              <!-- A HTTP Connector on port 80 -->


              <!-- Define an SSL HTTP/1.1 Connector on port 443 -->