0 Replies Latest reply on Apr 30, 2013 4:09 PM by doughboss

    Remote Deploy over SSL

    doughboss
    doughboss Apr 30, 2013 4:09 PM

      Hi All!  I am having serious trouble getting my remote deploys to work using ssl.  Without it, everything is great.  Here is the background and relevant code:

       

      I have a working remote deploy to JBOSS AS 7.1. However, I want to send these deploys using ssl. When I add server identity tag identifying the ssl information, my jboss instance will not receive the deploy.

      <server-identities> 
           <ssl> 
                <keystore path="xxx/yyy/zzz.jks" password="myFakePassword"/> 
           </ssl> 
      </server-identities>

      Removing the above will allow me to deploy remotely, but it will not use ssl (which is of course the problem).

      The above identity is required for access to the administrative console, so I know that it is at least being picked up by JBOSS.

      Here is my configuration of the plugin:

      <plugin> 
           <groupId>org.jboss.as.plugins</groupId> 
           <artifactId>jboss-as-maven-plugin</artifactId> 
           <version>7.3.Final</version> 
           <configuration> 
                <force>true</force> 
                <hostname>domain.com</hostname> 
                <port>9119</port> <!-- not the real port --> 
                <username>myFakeUsername</username> 
                <password>myFakePassword</password> 
                <filename>deployable.war</filename> 
           </configuration> 
           <executions> 
                <execution> 
                     <phase>install</phase> 
                     <goals> 
                          <goal>deploy</goal> 
                     </goals> 
                </execution> 
           </executions> 
      </plugin>

      The error I get from the deploying client is:

      [ERROR] }'. java.net.ConnectException: JBAS012174: Could not connect to remote://domain.com:9119. The connection failed: General SSLEngine problem: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

      and the error I get on the server log is:

      ERROR [org.jboss.remoting.remote.connection] (Remoting "domain.com:MANAGEMENT" read-1) JBREM000200: Remote connection failed: javax.net.ssl.SSLException: Received fatal alert: certificate_unknown

      Other relevant information:

      The certificate is self signed. The certificate works for https requests to the admin console and to the web applications hosted on jboss. The certificate works from the above mentioned identity when accessing the admin console through a browser.

      Any help would be GREATLY appreciated.

      Thank you in advance.

      • 433 Views
      • Categories: JBoss AS 7.0
      • Tags: