1 Reply Latest reply on May 24, 2005 3:51 PM by hemax

    Installing SSL certificate on JBOSS - SSLException

    vadim_s
    vadim_s May 20, 2005 12:36 AM

      We have followed all the instruction in the documentation in order to install SSL cert for https. Chapter 8 example works well, but our real cert. does not.

      Has anyone been able to find a solution to this problem:

      javax.net.ssl.SSLException:
      No available certificate corresponding to the SSL
      cipher suites which are enabled...

      When installing a verisign certificate and root authority in a store and then trying to start JBOSS with that store specified in Tomcat connector we get the error above. There is mention of it here: http://java.sun.com/j2se/1.4.2/docs/guide/security/jsse/JSSERefGuide.html#Customization

      If anyone has been able to successfully install SSL cert. for https on JBoss, and has advice or ideas on how to fix this problem, please help.

      We also followed these links to set things up:
      1. http://www.geotrust.com/resources/install/jakarta_tomcat.htm
      2. http://jakarta.apache.org/tomcat/tomcat-5.5-doc/ssl-howto.html


      Thank You.
      Regards,
      Vadim

      OS: Win2k
      JDK: j2sdk1.4.2_06
      JBOSS: JBoss [Zion] 4.0.1sp1 (build: CVSTag=JBoss_4_0_1_SP1)

      • 11382 Views
      • Tags:
        • 1. Re: Installing SSL certificate on JBOSS - SSLException
          hemax
          hemax May 24, 2005 3:51 PM (in response to vadim_s)

          In my case, the solution was:

          1. copy file.keystore to jboss/server//conf
          eg: jboss/server/soccer/conf
          2. copy file.x509 (or file.csr) to jboss/server//conf

          3. add the code in jboss-service.xml under jboss/server//conf

           <mbean code="org.jboss.security.plugins.JaasSecurityDomain"
 name="Security:service=JaasSecurityDomain,domain=TomcatSSL">
 <depends>jboss.security:service=JaasSecurityManager</depends>
 <constructor>
 <arg type="java.lang.String" value="TomcatSSL" />
 </constructor>
 <attribute name="KeyStoreURL">${jboss.server.home.dir}/conf/file.keystore</attribute>
 <attribute name="KeyStorePass">password</attribute>
 </mbean>

          4. change server.xml under jboss/server//deploy/jbossweb..... 
           <!-- SSL/TLS Connector configuration using the admin devl guide keystore -->
 <Connector port="443" address="${jboss.bind.address}"
 maxThreads="100" minSpareThreads="5" maxSpareThreads="15"
 scheme="https" secure="true" clientAuth="false"
 keystoreFile="${jboss.server.home.dir}/conf/offCA/off.keystore"
 keystorePass="offgiss" sslProtocol = "TLS" />

 <!-- A HTTP/1.1 Connector on port 8080 -->
 <Connector port="80" address="${jboss.bind.address}"
 maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
 enableLookups="true" redirectPort="443" acceptCount="100"
 connectionTimeout="10000" disableUploadTimeout="true"/>

          5. test: https://localhost/jmx-console

          Done.

            • Actions