-
1. Re: JBoss 7.1.1: how to enable client-cert authentication for the management interface
dlofthouse Mar 15, 2012 2:02 PM (in response to karink)1 of 1 people found this helpfulYour server will also want a keystore setting for the identity of the server.
-
2. Re: JBoss 7.1.1: how to enable client-cert authentication for the management interface
karink Mar 15, 2012 2:45 PM (in response to dlofthouse)ok yes, I changed my config accordingly
now it looks like that
<security-realm name="ManagementRealm">
<server-identities>
<ssl>
<keystore path="jboss.jks" relative-to="jboss.domain.config.dir" password="12345"/>
</ssl>
</server-identities>
<authentication>
<!-- sobald truststore vorkommt wird automatisch client cert authentication gemacht-->
<truststore path="trusted.jks" relative-to="jboss.domain.config.dir" password="12345"/>
<!--<properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/>-->
</authentication>
</security-realm>
SSL connection is now working fine (can choose in my browser the correct client certificate (issued by the trusted.jks store)), but at a whole authentication is failing -> I'm redirected to page https://localhost:8888/error/index_win.html#hosts/server-instances;host=master, http response code 307), did not see any error message anywhere.
do I have to insert my user somewhere. I tried to debug it but could not find out what would be the best class (I used ClientCertAuthenticator, but somehow it was never stopping there).
-
3. Re: JBoss 7.1.1: how to enable client-cert authentication for the management interface
karink Mar 27, 2012 12:54 PM (in response to karink)are there any news on this issue
-> I still not know if I have to add the propagated user (e.g. the CN Name of the client certificate) somewhere -> this would make sense