0 Replies Latest reply on Jun 14, 2011 11:18 AM by jboss_dev_16

    JBoss SSL between Servers

    jboss_dev_16

      Hi,

      I'm configuring JBoss to use SSL and have been fairly successful thus far.

      I have two JBoss servers residing on separate physical machines.

      I have generated a keystore for each JBoss instance, exported the certificate (as I'm in Dev and using self-signed certs) and imported that certificate into a truststore. I also import into the truststore the certificate for the other JBoss server. So each Truststore has two PrivateKeyEntrys.

      I modified the server.xml file located in /deploy/jbossweb.sar/ as follows

      <Connector protocol="HTTP/1.1" SSLEnabled="true"
                 port="8443" address="${jboss.bind.address}"
                 scheme="https" secure="true" clientAuth="false"
                 keystoreFile="${jboss.server.home.dir}/conf/keystore/my.keystore"
                 keystorePass="password"
                 sslProtocol="TLS" />

      When I open a browser and browse over HTTPS to my web app all is fine.

      Within the JBoss server there is an esb deployment that invokes the web app over HTTPS successfully.

       

      The issue I have is that on JBoss server 2 I need to communicate back to JBoss Server 1 over HTTPS. This is the call that always fails, returning an HTTP Status 401.

      The same Java client is used in both locations within the app to communicate, but as mentioned, when the Java client is invoking JBoss Server 1 from the esb deployed in JBoss Server 1 there is no issue.

       

      I enabled ssl debugging by -Dssl.debug=true -Djavax.net.debug=ssl.

      There are no exceptions in the log that lead me to think the SSL handshake has been rejected.

       

      Interestingly, the URL invoked from JBoss 2 --> JBoss 1 gets an HTTP Status 401 when entered into a browser, but if I log into the web app and then enter that URL the expected response is returned.

       

      Anyone got any thoughts on how to debug this further?
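
Added example, not part of the original post: a standalone Java check that reports the TLS handshake result separately from the HTTP response, since a 401 is an HTTP status that can only be returned after the handshake has completed. The class name and the three command-line arguments (URL, truststore path, truststore password) are hypothetical; it assumes a JKS truststore like the one described above.

```java
import java.io.FileInputStream;
import java.io.IOException;
import java.net.URL;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

// Hypothetical diagnostic class (not JBoss code): run it from server 2 against server 1.
public class TlsVersusHttpCheck {
    public static void main(String[] args) throws Exception {
        if (args.length != 3) {
            System.err.println("usage: TlsVersusHttpCheck <https-url> <truststore.jks> <password>");
            System.exit(2);
        }
        // Trust only the certificates in the given truststore.
        KeyStore trust = KeyStore.getInstance("JKS");
        try (FileInputStream in = new FileInputStream(args[1])) {
            trust.load(in, args[2].toCharArray());
        }
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trust);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);

        HttpsURLConnection conn = (HttpsURLConnection) new URL(args[0]).openConnection();
        conn.setSSLSocketFactory(ctx.getSocketFactory());
        conn.setInstanceFollowRedirects(false); // show a redirect to a login page as-is
        try {
            conn.connect(); // TCP connect and TLS handshake happen here
        } catch (IOException e) {
            System.out.println("Connect or TLS handshake failed: " + e);
            return;
        }
        // Reaching this point means the server certificate was accepted.
        X509Certificate peer = (X509Certificate) conn.getServerCertificates()[0];
        System.out.println("TLS OK, cipher suite: " + conn.getCipherSuite());
        System.out.println("  server cert subject: " + peer.getSubjectX500Principal().getName());

        // Everything below is the HTTP layer: status and the headers that
        // show which kind of authentication the web app is asking for.
        System.out.println("HTTP status: " + conn.getResponseCode());
        System.out.println("  WWW-Authenticate: " + conn.getHeaderField("WWW-Authenticate"));
        System.out.println("  Set-Cookie: " + conn.getHeaderField("Set-Cookie"));
        System.out.println("  Location: " + conn.getHeaderField("Location"));
    }
}
```

If this prints "TLS OK" followed by a 401, the keystore and truststore setup is working and the rejection comes from the web application's own authentication, not from SSL.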