I'm trying to configure a HTTPS connector with (optional) client authentication using JSSE (without native modules).
My environment:
Linux 2.6.38-10 (Ubuntu)
jdk1.6.0_26
jboss-as-7.0.0.Final
conf: standalone-preview-ha.xml
Here is the snippet xml:
<connector name="https" protocol="HTTP/1.1" socket-binding="https" scheme="https" secure="true">
<ssl name="myssl"
key-alias="jboss7lab_alias"
password="xxxxxxxx"
certificate-key-file="/path/to/keystore.jks"
verify-client="want"
ca-certificate-file="/path/to/truststore.jks"/>
</connector>
It seems to ignore the attribute "ca-certificate-file". It loads only trusted CAs in $JAVA_HOME/jre/lib/security/cacerts.
I need to use my truststore.
Is there something wrong?
Thanks
Regards