1 Reply Latest reply on Feb 25, 2014 3:43 AM by Luís Gonçalves

# SSL keystore in JBoss eap 6.1

Hi there,

I currently have my application deployed in Tomcat which I can access using https. I have a small tool that can generate .jks key stores and can also import a Certificate Authority (CA) reply to that generated keystore. Once I import the CA reply into the keystore, I can access my application using the fully qualified name.

I've been trying to set up the same with jboss. I use the same tool to generate a .jks keystore and once that is done I update the configuration file (standalone.xml) in order to include the keystore that I created. The connector content is as follow:

<connector enabled="true" name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">

</connector>

Using this configuration and with my application deployed locally I can access to it using  https://localhost:8443/Application (it displays the browser warning related with the certificate which is expected)

The problem comes when I import the CA reply. If I import the CS reply into the keystore, and change the configuration file as follow:

<connector enabled="true" name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">

</connector>

Do you guys have any idea what am I doing wrong?

• ###### 1. Re: SSL keystore in JBoss eap 6.1

Hi again,

After some investigation I solved this issue which was not related with ssl configuration.

By default, JBoss only binds to localhost (security default) so I just changed:

<interfaces>

...

<interface name="public">

<inet-address value="${jboss.bind.address:127.0.0.1}"/> </interface> ... </interfaces> for <interfaces> ... <interface name="public"> <inet-address value="${jboss.bind.address:0.0.0.0}"/>

</interface>

...

</interfaces>

Also, I end up with the following ssl configuration

<connector enabled="true" name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">