5 Replies Latest reply on Sep 27, 2012 2:05 PM by wlam

Securing admin console with https not working

wlam Sep 25, 2012 3:22 PM

Hi,

I'm running JBosss AS 7 in a domain mode. How can I setup https on the Console with port 9990. https://myhost:9990? Something are missing from either or both config files. Or how can "ManagementRealm" references "socket binding="management-https" in domain.xml

I followed this reference guide.

https://community.jboss.org/wiki/SecuringAdministrationConsoleWithHttps

host.xml

=======

<security-realms>

<security-realm name="ManagementRealm">

</authentication>

<server-identities>

<ssl>

</ssl>

</server-identities>

</security-realm>

<security-realm name="ApplicationRealm">

</authentication>

</security-realm>

</security-realms>

<management-interfaces>

<native-interface security-realm="ManagementRealm">

</native-interface>

<http-interface security-realm="ManagementRealm">

<socket interface="management" port="${jboss.management.https.port:9990}"/>

</http-interface>

</management-interfaces>

</management>

domain.xml

=========

<socket-binding-group name="full-sockets" default-interface="public">

<socket-binding name="ajp" port="8009"/>

<socket-binding name="http" port="9090"/>

<socket-binding name="https" port="9443"/>

<socket-binding name="management-https" interface="management" port="9990"/>

.....

</socket-binding-group>

<server-groups>

<server-group name="main-server-group" profile="full">

</jvm>

<socket-binding-group ref="full-sockets"/>

</deployments>

</server-group>

<server-group name="other-server-group" profile="full-ha">

</jvm>

<socket-binding-group ref="ha-sockets"/>

</server-group>

</server-groups>

Any help or tips are appreciated.

Thanks a lot,

Will

1. Re: Securing admin console with https not working

wlam Sep 25, 2012 3:25 PM (in response to wlam)

Or, how can I enable SSL on <http-interface> of <management-interface>? I've tried many different ways and "google" on how to setup SSL on the Console. But, I'm not getting anywhere.
Actions
2. Re: Securing admin console with https not working

guinotphil Sep 26, 2012 11:59 AM (in response to wlam)

In standalone.xml, I did it that way:

<management-interfaces>
    <native-interface>
         <socket-binding native="management-native"/>
    </native-interface>
    <http-interface >
         <socket-binding http="management-http" https="management-https"/>
     </http-interface>
</management-interfaces>

And then, as you :
<socket-binding name="management-https" interface="management" port="9990"/>

Hope that helps !
Actions
3. Re: Securing admin console with https not working

wlam Sep 26, 2012 2:35 PM (in response to guinotphil)

That doesn't work. Port 9990 is still not on https. Thanks.
Actions
4. Re: Securing admin console with https not working

b.eckenfels Sep 26, 2012 3:28 PM (in response to wlam)

I think it is done by:

<http-interface interface="management" port="9990" secure-port="9943" />
(and adding the realm with the SSL config)
1 of 1 people found this helpful
Actions
5. Re: Securing admin console with https not working

wlam Sep 27, 2012 2:05 PM (in response to b.eckenfels)

It should be:

<http-interface security-realm="ManagementRealm">
<socket interface="management" port="9990" secure-port="9943"/>
</http-interface>

Thanks, Bernd.
Actions

Go to original post