4 Replies Latest reply on Oct 31, 2002 5:01 AM by lost_in_mass

    +JBoss3.0 +Tomcat +SSL

    jrssnyder
    jrssnyder Oct 29, 2002 11:42 AM

      I'm new to JBoss and SSL. Using jboss-3.0.3_tomcat-4.0.5, I have created a test application packaged as pc.ear. I want to use SSL to protect connections between a client's browser and the servlets/JSP pages of the application.

      I followed the advice and examples given here: http://www.jboss.org/modules/bb/index.html?module=bb&op=viewtopic&t=forums/ that advice, I believe I have been able to get SSL working on port 8443 by creating a keystore (server.keystore) with a "tomcat" alias, and adding the following to my tomcat4-services.xml file:





      <!-- Define an AJP 1.3 Connector on port 8009 -->


      However, when I go to http://localhost:8443/pc, all I see is "" (i.e., some encrypted stuff). I'm sure I'm missing something very fundamental here, but I don't know what -- I'm a first-timer. Can anyone tell me what I have to do to actually get html/JSP/servlet output to display in the browser via the SSL port (8443)?

      Thanks a lot for any help,

      -- John

      • 3561 Views
      • Tags:
        • 1. Re: +JBoss3.0 +Tomcat +SSL
          jrssnyder
          jrssnyder Oct 29, 2002 11:59 AM (in response to jrssnyder)

          As a follow-up, I note that the JBoss.3.0QuickStart.Draft3.pdf refers to configuring a jboss.jcml configuration file, but I don't see such a file anywhere in the JBoss installation.

          Do I need to create this file? Where should I put it?

            • Actions
          • 2. Re: +JBoss3.0 +Tomcat +SSL
            tool
            tool Oct 29, 2002 4:32 PM (in response to jrssnyder)

            In your web.xml in your ear archive, did you include the following tags?

            <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
            </user-data-constraint>

            This section of XML must go within the <security-constraint> tag.

            I know this is basic, and you probably have it there, but its the first thing that comes to mind.

            Good luck,
            Brian

              • Actions
            • 3. Re: +JBoss3.0 +Tomcat +SSL
              silvester
              silvester Oct 29, 2002 4:58 PM (in response to jrssnyder)

              Try https://localhost:8443/pc

              Otherwise browser doesn't use ssl :-)

                • Actions
              • 4. Re: +JBoss3.0 +Tomcat +SSL
                lost_in_mass
                lost_in_mass Oct 31, 2002 5:01 AM (in response to jrssnyder)

                Hi I am trying to implement SSL with the latest JBOSS+TOMCAT download and so far I have got all the success with SSL. When I start the jboss I dont get any error message and the server starts and works fine with the http://localhost:8080//index.jsp

                Now the question comes, how do I implement this on HTTPS. I tried https://localhost:8443//index.jsp with an error COULD NOT FIND THE SERVER.

                Did I miss something from the implementation here. My login-config.xml, web.xml and jboss-web.xml is attached to the post.

                TIA,
                LMS

                  • Actions