0 Replies Latest reply on Aug 5, 2008 10:19 AM by sagimann

    Unable to connect via SSL port

    sagimann
    sagimann Aug 5, 2008 10:19 AM

      Hi all,
      Seems like something as simple as setting up SSL for JBoss 4.2.2 is something I am unalbe to perform :-(

      I've created a keystore:

      keytool -genkey -keystore serverkey.jks -storetype jks -storepass changeit -alias tomcat
What is your first and last name?
 [Unknown]: jboss
What is the name of your organizational unit?
 [Unknown]: orgunit
What is the name of your organization?
 [Unknown]: org
What is the name of your City or Locality?
 [Unknown]: city
What is the name of your State or Province?
 [Unknown]: state
What is the two-letter country code for this unit?
 [Unknown]: st
Is CN=jboss, OU=orgunit, O=org, L=city, ST=state, C=st correc
 [no]: yes

Enter key password for <tomcat>
 (RETURN if same as keystore password): changeit


      I configured the connector in:
      V:\tmp\jboss-4.2.2.GA\server\default\deploy\jboss-web.deployer\server.xml: 
      <Connector port="8181" protocol="HTTP/1.1" SSLEnabled="true"
 maxHttpHeaderSize="8192"
 emptySessionPath="true"
 maxThreads="150" scheme="https" secure="true"
 clientAuth="false" strategy="ms"
 address="${jboss.bind.address}"
 sslProtocol="TLS"
 keystoreFile="${jboss.server.home.dir}/conf/serverkey.jks"
 keystorePass="changeit"
 truststoreFile="${jboss.server.home.dir}/conf/servertrust.jks"
 truststorePass="password"
/>


      then I simply run jboss using:
      run -b 0.0.0.0
      and try to access jboss homepage via the browser:
      https://myhost:8181

      and I immediately get "Internet Explorer cannot display the webpage".
      The non-SSL homepage is fine: http://myhost:8080

      netstat -aon | findstr LISTEN | findstr <jboss PID> yields everything double, I don't know why: 
       TCP 0.0.0.0:1098 0.0.0.0:0 LISTENING 3156
 TCP 0.0.0.0:1099 0.0.0.0:0 LISTENING 3156
 TCP 0.0.0.0:4444 0.0.0.0:0 LISTENING 3156
 TCP 0.0.0.0:4445 0.0.0.0:0 LISTENING 3156
 TCP 0.0.0.0:4446 0.0.0.0:0 LISTENING 3156
 TCP 0.0.0.0:8009 0.0.0.0:0 LISTENING 3156
 TCP 0.0.0.0:8080 0.0.0.0:0 LISTENING 3156
 TCP 0.0.0.0:8093 0.0.0.0:0 LISTENING 3156
 TCP 0.0.0.0:8181 0.0.0.0:0 LISTENING 3156
 TCP 0.0.0.0:18083 0.0.0.0:0 LISTENING 3156
 TCP 0.0.0.0:64330 0.0.0.0:0 LISTENING 3156
 TCP 0.0.0.0:64331 0.0.0.0:0 LISTENING 3156
 TCP 0.0.0.0:64333 0.0.0.0:0 LISTENING 3156
 TCP 192.168.1.4:3873 0.0.0.0:0 LISTENING 3156
 TCP [::]:1098 [::]:0 LISTENING 3156
 TCP [::]:1099 [::]:0 LISTENING 3156
 TCP [::]:4444 [::]:0 LISTENING 3156
 TCP [::]:4445 [::]:0 LISTENING 3156
 TCP [::]:4446 [::]:0 LISTENING 3156
 TCP [::]:8009 [::]:0 LISTENING 3156
 TCP [::]:8080 [::]:0 LISTENING 3156
 TCP [::]:8093 [::]:0 LISTENING 3156
 TCP [::]:8181 [::]:0 LISTENING 3156
 TCP [::]:18083 [::]:0 LISTENING 3156
 TCP [::]:64330 [::]:0 LISTENING 3156
 TCP [::]:64331 [::]:0 LISTENING 3156
 TCP [::]:64333 [::]:0 LISTENING 3156


      I also have GlassFish v2 installed on the same box, and if I shut down Jboss and start GlassFish (same ssl port), I can reach the GF homepage without any problems. So it's not a Firewall issue.

      any ideas why SSL is not working properly and how to diagnose this?

      thanks.

      • 998 Views
      • Tags: