5 Replies Latest reply on Aug 6, 2004 12:48 AM by techiestuff

    Can't get SSL properly configured for web app

    jhbjava Newbie

      I have a web app that is running fine using form based authentication and the JBoss DatabaseServerLoginModule.

      I copied the chap8.keystore file to the server/default/conf directory and then uncommented the "SSL/TLS Connector configuration using the SSL domain keystore" in the default/deploy/jbossweb-tomcat41.sar/META-INF/jboss-service.xml file.

      I run the server and access https://localhost:8443 and get the Security Alert with the certificate information.

      I then change the <transport-guarantee> to CONFIDENTIAL in the <web-resource-collection> of my web app and redeploy, hoping to go over HTTPS for the referenced collection, but I get "The page cannot be displayed". If I check the access.log I see a 302 for the referenced page.

      I then add redirectPort="8443" to the Connector for port 8080 in the default/deploy/jbossweb-tomcat41.sar/META-INF/jboss-service.xml file and re-start. When I access a url referenced by the collection above this time I get prompted with the Security Alert with the certificate information, but when I respond to the dialog to proceed the browser hangs indefinitely. I look at the server.log file and find the debug messge "Error getting client certs" which I have read is not really an error, and I get a javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated, but the browser just hangs.

      Could someone point me in the right direction?