1 Reply Latest reply on May 24, 2005 3:51 PM by heder oliveira

    Installing SSL certificate on JBOSS - SSLException

    Vadim Snitkovsky Newbie

      We have followed all the instruction in the documentation in order to install SSL cert for https. Chapter 8 example works well, but our real cert. does not.

      Has anyone been able to find a solution to this problem:

      javax.net.ssl.SSLException:
      No available certificate corresponding to the SSL
      cipher suites which are enabled...

      When installing a verisign certificate and root authority in a store and then trying to start JBOSS with that store specified in Tomcat connector we get the error above. There is mention of it here: http://java.sun.com/j2se/1.4.2/docs/guide/security/jsse/JSSERefGuide.html#Customization

      If anyone has been able to successfully install SSL cert. for https on JBoss, and has advice or ideas on how to fix this problem, please help.

      We also followed these links to set things up:
      1. http://www.geotrust.com/resources/install/jakarta_tomcat.htm
      2. http://jakarta.apache.org/tomcat/tomcat-5.5-doc/ssl-howto.html


      Thank You.
      Regards,
      Vadim

      OS: Win2k
      JDK: j2sdk1.4.2_06
      JBOSS: JBoss [Zion] 4.0.1sp1 (build: CVSTag=JBoss_4_0_1_SP1)

        • 1. Re: Installing SSL certificate on JBOSS - SSLException
          heder oliveira Newbie

          In my case, the solution was:

          1. copy file.keystore to jboss/server//conf
          eg: jboss/server/soccer/conf
          2. copy file.x509 (or file.csr) to jboss/server//conf

          3. add the code in jboss-service.xml under jboss/server//conf

           <mbean code="org.jboss.security.plugins.JaasSecurityDomain"
           name="Security:service=JaasSecurityDomain,domain=TomcatSSL">
           <depends>jboss.security:service=JaasSecurityManager</depends>
           <constructor>
           <arg type="java.lang.String" value="TomcatSSL" />
           </constructor>
           <attribute name="KeyStoreURL">${jboss.server.home.dir}/conf/file.keystore</attribute>
           <attribute name="KeyStorePass">password</attribute>
           </mbean>
          

          4. change server.xml under jboss/server//deploy/jbossweb.....
           <!-- SSL/TLS Connector configuration using the admin devl guide keystore -->
           <Connector port="443" address="${jboss.bind.address}"
           maxThreads="100" minSpareThreads="5" maxSpareThreads="15"
           scheme="https" secure="true" clientAuth="false"
           keystoreFile="${jboss.server.home.dir}/conf/offCA/off.keystore"
           keystorePass="offgiss" sslProtocol = "TLS" />
          
           <!-- A HTTP/1.1 Connector on port 8080 -->
           <Connector port="80" address="${jboss.bind.address}"
           maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
           enableLookups="true" redirectPort="443" acceptCount="100"
           connectionTimeout="10000" disableUploadTimeout="true"/>
          

          5. test: https://localhost/jmx-console

          Done.