2 Replies Latest reply on Jun 18, 2012 3:08 AM by Its Me

    Issue in setting up keystore in jboss

    Its Me Newbie

      Hello All,

       

      We have a keystore which we had imported to the cacerts file in JAVA_HOME\jre\lib\security. After this import, we copied the cacerts file to the jboss\server\default\conf folder and added the following to the server.xml inside the jboss\server\default\deploy\jbossweb.sar folder:

       

      <Connector protocol="HTTP/1.1" SSLEnabled="true"
                 port="${jboss.web.https.port}" address="${jboss.bind.address}"
                 scheme="https" secure="true" clientAuth="false"
                 keystoreFile="${jboss.server.home.dir}/conf/cacerts"
                 keystorePass="changeit"
                 sslProtocol="TLS"/>

       

      The keystore is fine. But every time we try to access the other URL, we get bad_certificate (when the HTTPS setting on the client side is required certificate), or a 401 error (when the HTTPS setting on the client side is request certificate).

       

      The keystores work great when I run them as a standalone Java file, outside JBoss. Any help with this is appreciated.

       

      Thanks and Regards,

      Nid.......................

        • 1. Re: Issue in setting up keystore in jboss
          Its Me Newbie

          We would like to add the following details:

          We are connecting to the other server using the following code:

           

          SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
          URL url = new URL("https://newDomain.com:assignedPort/neededService");

           

          We are running the server as run.bat -b 0.0.0.0

           

          Thanks,

          Nid............................

          • 2. Re: Issue in setting up keystore in jboss
            Its Me Newbie

            Hi All,

             

            Finally managed to crack this one. No addition needed in server.xml or properties-service.xml or System.setProperties in the code. Add the following lines in run.conf.bat in jboss/bin folder and it works like a charm:

             

            rem # Setting the Keystore and TrustStore Values
            set "JAVA_OPTS=%JAVA_OPTS% -Djavax.net.ssl.keyStore=D:\keyFile"
            set "JAVA_OPTS=%JAVA_OPTS% -Djavax.net.ssl.keyStorePassword=changeit"
            set "JAVA_OPTS=%JAVA_OPTS% -Djavax.net.ssl.trustStore=D:\keyFile"
            set "JAVA_OPTS=%JAVA_OPTS% -Djavax.net.ssl.trustStorePassword=changeit"

             

             

            Thanks,

            Nids..............................
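A way to check what the JVM-wide `javax.net.ssl.*` properties from the last reply resolve to, since `SSLSocketFactory.getDefault()` takes its key and trust material from them rather than from the `<Connector>` in server.xml. This is an added example, not code from the thread; the class name `JsseDefaultsCheck` is hypothetical, and it assumes it is started with the same `-D` options that run.conf.bat passes to JBoss.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.util.Collections;

// Added diagnostic (hypothetical class, not from the thread).
// Reports which stores the default JSSE context will read and what they hold.
public class JsseDefaultsCheck {

    // Returns {privateKeyEntries, trustedCertEntries} for one store.
    static int[] countEntries(KeyStore ks) throws Exception {
        int keys = 0, certs = 0;
        for (String alias : Collections.list(ks.aliases())) {
            if (ks.isKeyEntry(alias)) keys++;
            else if (ks.isCertificateEntry(alias)) certs++;
        }
        return new int[] { keys, certs };
    }

    // role is "keyStore" or "trustStore", matching the property names.
    static void report(String role) throws Exception {
        String path = System.getProperty("javax.net.ssl." + role);
        String pass = System.getProperty("javax.net.ssl." + role + "Password");
        String type = System.getProperty("javax.net.ssl." + role + "Type",
                                         KeyStore.getDefaultType());
        if (path == null) {
            // Unset keyStore: no client certificate can be offered.
            // Unset trustStore: the JRE falls back to jssecacerts, then cacerts.
            System.out.println(role + ": property not set, JRE default applies");
            return;
        }
        KeyStore ks = KeyStore.getInstance(type);
        try (InputStream in = new FileInputStream(path)) {
            ks.load(in, pass == null ? null : pass.toCharArray());
        }
        int[] n = countEntries(ks);
        System.out.println(role + ": " + path + " (" + type + "), "
                + n[0] + " private-key entries, " + n[1] + " trusted-cert entries");
        if (role.equals("keyStore") && n[0] == 0) {
            System.out.println("  no private-key entry: this store cannot "
                    + "present a client certificate");
        }
    }

    public static void main(String[] args) throws Exception {
        report("keyStore");
        report("trustStore");
    }
}
```

Passwords passed as `-D` options are visible in the process command line, so restrict who can list processes and read run.conf.bat on the host.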