-
1. Re: Setup SSL in jboss Application server
fabrizio.benedetti Jun 7, 2011 5:19 AM (in response to moatau)Be sure that keystore and alias have same password.
-
2. Re: Setup SSL in jboss Application server
moatau Jun 7, 2011 1:32 PM (in response to fabrizio.benedetti)ok these are the following procedure that i did to convert the Certificate.pem and Key.pem ----to---> server.keystore
***just to be sure that i did it with the right way !!***
1.Convert PEM to PFX
openssl pkcs12 -inkey key.pem -in cert.pem -export -out newKey.pfx
2.Convert PFX to JKS
java -classpath lib/jetty-6.1.1.jar org.mortbay.jetty.security.PKCS12Import
newKey.pfx server.keystore
3. after that i configure the server.xml with the following :
- <Connector port="8443" address="${jboss.bind.address}"
- protocol="HTTP/1.1" SSLEnabled="true"
- maxThreads="150" scheme="https" secure="true"
- clientAuth="false" sslProtocol="TLS"
- keystoreFile="${jboss.server.home.dir}/conf/server.keystore"
- keystorePass="password" />
@Fabrizio Benedetti , Yes you was right now its working with no error when i run the jboss ...,
**** and in the other side which is the CPE should send Certificate with .der extension , is every thing that i did is right ???
becuase still cant have connection , want be sure that not from certificate or SSL connection in jboss....
-
3. Re: Setup SSL in jboss Application server
fabrizio.benedetti Jun 8, 2011 4:35 AM (in response to moatau)Your certificate is issued by a CA (CN=al-sard_ca, OU=IT, O=COMPANY, L=S, ST=S, C=IQ).
The keystore must trust that CA.
So you have to export CA certificate (in DER format) and trust it in "server.keystore" with keytool or other tool (ex. keytool-UI).
Restart Jboss a make a browser connection on port 8443. It should be OK.
Regards