Unable to connect via SSL port
sagimann Aug 5, 2008 10:19 AMHi all,
Seems like something as simple as setting up SSL for JBoss 4.2.2 is something I am unalbe to perform :-(
I've created a keystore:
keytool -genkey -keystore serverkey.jks -storetype jks -storepass changeit -alias tomcat What is your first and last name? [Unknown]: jboss What is the name of your organizational unit? [Unknown]: orgunit What is the name of your organization? [Unknown]: org What is the name of your City or Locality? [Unknown]: city What is the name of your State or Province? [Unknown]: state What is the two-letter country code for this unit? [Unknown]: st Is CN=jboss, OU=orgunit, O=org, L=city, ST=state, C=st correc [no]: yes Enter key password for <tomcat> (RETURN if same as keystore password): changeit
I configured the connector in:
V:\tmp\jboss-4.2.2.GA\server\default\deploy\jboss-web.deployer\server.xml:
<Connector port="8181" protocol="HTTP/1.1" SSLEnabled="true" maxHttpHeaderSize="8192" emptySessionPath="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" strategy="ms" address="${jboss.bind.address}" sslProtocol="TLS" keystoreFile="${jboss.server.home.dir}/conf/serverkey.jks" keystorePass="changeit" truststoreFile="${jboss.server.home.dir}/conf/servertrust.jks" truststorePass="password" />
then I simply run jboss using:
run -b 0.0.0.0
and try to access jboss homepage via the browser:
https://myhost:8181
and I immediately get "Internet Explorer cannot display the webpage".
The non-SSL homepage is fine: http://myhost:8080
netstat -aon | findstr LISTEN | findstr <jboss PID> yields everything double, I don't know why:
TCP 0.0.0.0:1098 0.0.0.0:0 LISTENING 3156 TCP 0.0.0.0:1099 0.0.0.0:0 LISTENING 3156 TCP 0.0.0.0:4444 0.0.0.0:0 LISTENING 3156 TCP 0.0.0.0:4445 0.0.0.0:0 LISTENING 3156 TCP 0.0.0.0:4446 0.0.0.0:0 LISTENING 3156 TCP 0.0.0.0:8009 0.0.0.0:0 LISTENING 3156 TCP 0.0.0.0:8080 0.0.0.0:0 LISTENING 3156 TCP 0.0.0.0:8093 0.0.0.0:0 LISTENING 3156 TCP 0.0.0.0:8181 0.0.0.0:0 LISTENING 3156 TCP 0.0.0.0:18083 0.0.0.0:0 LISTENING 3156 TCP 0.0.0.0:64330 0.0.0.0:0 LISTENING 3156 TCP 0.0.0.0:64331 0.0.0.0:0 LISTENING 3156 TCP 0.0.0.0:64333 0.0.0.0:0 LISTENING 3156 TCP 192.168.1.4:3873 0.0.0.0:0 LISTENING 3156 TCP [::]:1098 [::]:0 LISTENING 3156 TCP [::]:1099 [::]:0 LISTENING 3156 TCP [::]:4444 [::]:0 LISTENING 3156 TCP [::]:4445 [::]:0 LISTENING 3156 TCP [::]:4446 [::]:0 LISTENING 3156 TCP [::]:8009 [::]:0 LISTENING 3156 TCP [::]:8080 [::]:0 LISTENING 3156 TCP [::]:8093 [::]:0 LISTENING 3156 TCP [::]:8181 [::]:0 LISTENING 3156 TCP [::]:18083 [::]:0 LISTENING 3156 TCP [::]:64330 [::]:0 LISTENING 3156 TCP [::]:64331 [::]:0 LISTENING 3156 TCP [::]:64333 [::]:0 LISTENING 3156
I also have GlassFish v2 installed on the same box, and if I shut down Jboss and start GlassFish (same ssl port), I can reach the GF homepage without any problems. So it's not a Firewall issue.
any ideas why SSL is not working properly and how to diagnose this?
thanks.