-
1. Re: https and jboss-3.2.2beta
jonlee May 27, 2003 10:33 PM (in response to geoff.hill)Have you tried telneting to port 8443? If you can't even get a connection there, probably the listener has not started. If the listener has not started, a possible problem may be that the securityDomain you specify doesn't exist or can't be looked up. Have you tried with a basic certificate registry to see that the SSL listener is operational. If it works then Tomcat is ok and you have a problem with the security domain setting. This should help narrow down the problem.
-
2. Re: https and jboss-3.2.2beta
geoff.hill May 28, 2003 2:35 AM (in response to geoff.hill)OK so telnet works, and jboss is listening on the port, but still no joy. If it means anything the jaas domain I've set up appears under the JNDI view of the console.
Can you point me at how to "try with a basic certificate registry" and how to test it? -
3. Re: https and jboss-3.2.2beta
jonlee May 28, 2003 7:44 AM (in response to geoff.hill)Go to here for creating certificates:
http://jakarta.apache.org/tomcat/tomcat-4.1-doc/ssl-howto.html
Your jboss-service.xml for jbossweb-tomcat.sar is going to look like this instead:
<Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
keystoreFile="${jboss'dot'server'dot'home.dir}/conf/tomcat.key"
clientAuth="false" protocol="TLS" />
Sorry had to mangle the keystore bit so the forum wouldn't substitute things. Replace 'dot' with an actual '.'. -
4. Re: https and jboss-3.2.2beta
geoff.hill May 28, 2003 6:29 PM (in response to geoff.hill)Oops, turns out (of course) that there was a difference between my configuration with the bundle and the one I built. It's the HttpConnector that works, the CoyoteConnector seems not to work.
Thanx for your help -
5. Re: https and jboss-3.2.2beta
geoff.hill May 28, 2003 7:23 PM (in response to geoff.hill)OK finally I'm at the bottom of this more or less. You use jakarta's own org.apache.coyote.tomcat4.CoyoteServerSocketFactory, and with the CoyoteConnector this works great.
What I found was that with the JBoss org.jboss.web.catalina.security.SSLServerSocketFactory that it only seems to work with HttpConnector.
I like your way much better - keep tomcat stuff in the tomcat family as it were, and get to use the supposedly better Connector.
Thanks again jon