2 Replies Latest reply on Oct 15, 2013 8:20 AM by nlsurfman

SSL for http-remoting

nlsurfman Oct 9, 2013 10:49 AM

I need some help configuring SSL for http-remoting. I got my remote client working with plain http-remoting (via port 8080), but I want it to use SSL (via 8443). I got Undertow running with HTTPS and a self-signed certificate, like the documentation said. All I need now is to connect the http-remote client to the server using SSL. I have no clue how to set that up. I couldn't find any client examples in the documentation. Here's some of my configuration.

In standalone-full.xml:

<security-realm name="UndertowRealm">

<server-identities>

<ssl>

</ssl>

</server-identities>

</security-realm>

</security-realms>

</management>

...

<buffer-caches>

<buffer-cache name="default" buffer-size="1024" buffers-per-region="1024" max-regions="10"/>

</buffer-caches>

<http-listener name="default" max-post-size="10485760" socket-binding="http"/>

<https-listener name="https" socket-binding="https" security-realm="UndertowRealm"/>

</host>

</server>

<servlet-container name="default" default-buffer-cache="default" stack-trace-on-error="local-only">

<jsp-config/>

<persistent-sessions path="persistent-web-sessions" relative-to="jboss.server.data.dir"/>

</servlet-container>

</handlers>

</subsystem>

I know it works, because I can access my webapplication via https://10.0.0.100:8443/MyWebApp.

This is the client code, which still uses non-SSL. How do I modify this code to use SSL?

String serverName = "10.0.0.100";

String serverPort = "8080";

Properties props = new Properties();

props.put(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.remote.client.InitialContextFactory");

props.put(Context.PROVIDER_URL, "http-remoting://" + serverName + ":" + serverPort);

props.put("jboss.naming.client.ejb.context", true);

InitialContext context = new InitialContext(props);

1. Re: SSL for http-remoting

jaikiran Oct 15, 2013 7:54 AM (in response to nlsurfman)

There's https-remoting for HTTPS support. So change the following:

WarnerJan Veldhuis wrote:

String serverName = "10.0.0.100";

String serverPort = "8080";

....

props.put(Context.PROVIDER_URL, "http-remoting://" + serverName + ":" + serverPort);

props.put("jboss.naming.client.ejb.context", true);

InitialContext context = new InitialContext(props);

to:

serverPort = 8443;
...
props.put(Context.PROVIDER_URL, "https-remoting://" + serverName + ":" + serverPort);
Actions
2. Re: SSL for http-remoting

nlsurfman Oct 15, 2013 8:20 AM (in response to jaikiran)

Thanks for your reply. It looks ridiculously simple, and I kinda hoped it was, but my remote client doesn't connect to the server. This is the stacktrace:
javax.naming.NamingException: Failed to connect to any server. Servers tried: [https-remoting://10.0.0.100:8443]
    at org.jboss.naming.remote.client.HaRemoteNamingStore.failOverSequence(HaRemoteNamingStore.java:213)
    at org.jboss.naming.remote.client.HaRemoteNamingStore.namingStore(HaRemoteNamingStore.java:144)
    at org.jboss.naming.remote.client.HaRemoteNamingStore.namingOperation(HaRemoteNamingStore.java:125)
    at org.jboss.naming.remote.client.HaRemoteNamingStore.lookup(HaRemoteNamingStore.java:241)
    at org.jboss.naming.remote.client.RemoteContext.lookup(RemoteContext.java:79)
    at org.jboss.naming.remote.client.RemoteContext.lookup(RemoteContext.java:83)
    at javax.naming.InitialContext.lookup(InitialContext.java:411)
    at com.initech.factory.ClientBusinessDelegateImpl.getEJBObject(ClientBusinessDelegateImpl.java:84)

Am I missing a line in standalone-full.xml? In subsystem jboss:domain:ejb there is this line:
<remote connector-ref="http-remoting-connector" thread-pool-name="default"/>
Should there be a "https-remoting-connector" of some sort?

My current configuration works for jsp and servlets, since the webcomponent is visible using https, so the (self-signed) certificate works.
Actions

Go to original post