I'm trying to configure a HTTPS connector with (optional) client authentication using JSSE (without native modules).

My environment:

Linux 2.6.38-10 (Ubuntu)

jdk1.6.0_26

jboss-as-7.0.0.Final

conf: standalone-preview-ha.xml

Here is the snippet xml:

<connector name="https" protocol="HTTP/1.1" socket-binding="https" scheme="https" secure="true">

    <ssl name="myssl"

        key-alias="jboss7lab_alias"

        password="xxxxxxxx"

        certificate-key-file="/path/to/keystore.jks"

        verify-client="want"

        ca-certificate-file="/path/to/truststore.jks"/>

</connector>

It seems to ignore the attribute "ca-certificate-file". It loads only trusted CAs in $JAVA_HOME/jre/lib/security/cacerts.

I need to use my truststore.

Is there something wrong?

Thanks

Regards