5 Replies Latest reply on Feb 23, 2012 10:53 AM by Tomaz Cerar

    7.1.0.CR1 SSL Connector ignores JSSE ssl attributes in domain mode

    Fabrizio Benedetti Novice

      I removed modules/org/jboss/as/web/main/lib in order to use JSSE, but if I put the following in domain.xml (web subsystem):

       

      ...
      <connector name="https" protocol="HTTP/1.1" socket-binding="https" scheme="https" secure="true">
          <ssl name="myssl" 
              key-alias="myalias" 
              password="XXX" 
              certificate-key-file="/path/to/keystore.jks" 
              ca-certificate-file="/path/to/truststore.jks"
              verify-client="want"/>
      </connector>
      ...
      

       

      it throws this Exception:

      [Server:server-one] 13:35:45,777 ERROR [org.apache.tomcat.util.net.jsse.JSSESocketFactory] (MSC service thread 1-1) Failed to load keystore type JKS with path /home/fabrizio/.keystore due to /home/fabrizio/.keystore (File o directory non esistente): java.io.FileNotFoundException: /home/fabrizio/.keystore (File o directory non esistente)

       

      It seems to ignore certificate-key-file attribute and tries to load keystore from the user home. But if I put the keystore in /home/fabrizio/.keystore, it says that the password is wrong.

      I think it ignores all ssl attributes.

       

      In standalone mode all works fine.

      Also in 7.0.2 standalone/domain all works.

       

      Is it a bug in domain mode?

       

      Regards

      /Fabrizio