Thursday, December 5, 2013

SSL Configuration in JBOSS 7.0 Application Server


Creating SSL Certificate using JAVA keytool
Step 1:
Consider Windows 7 as the operating system.
Run Command Prompt as administrator.
Go to the bin directory of the Java home, for example:
C:\Program Files (x86)\Java\jdk1.7.0_09\bin
Step 2:
Run the following commands to create a trusted certificate in
C:\Program Files (x86)\Java\jdk1.7.0_09\bin
1) keytool -genkey -keystore server.keystore -storepass rmi+ssl -keypass mypass -keyalg RSA -alias server -validity 3650 -dname "cn=Server SSL example,ou=admin test,dc=jboss,dc=org"
2) keytool -export -alias server -keystore server.keystore -rfc -file public.cert
3) keytool -import -alias server -file public.cert -storetype JKS -keystore server.truststore
It will ask for a password; provide mypass as the password.
Step 3:
After running all these commands, the files server.keystore, public.cert and server.truststore will be generated in C:\Program Files (x86)\Java\jdk1.7.0_09\bin
Copy all these files to the C:\jboss-as-7.1.1.Final\standalone\configuration directory.

Step 4:
Open the standalone.xml that is used to run the JBOSS server.
Copy the code below into standalone.xml:
<subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" native="false">
    <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http" redirect-port="8443"/>
    <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">
        <!-- key-alias must match the -alias given to keytool in step 2 -->
        <ssl name="ssl" key-alias="server" password="mypass" certificate-key-file="${jboss.server.config.dir}\server.keystore" protocol="TLSv1" verify-client="true"/>
    </connector>
    <virtual-server name="default-host" enable-welcome-root="true">
        <alias name="localhost"/>
        <alias name="example.com"/>
    </virtual-server>
</subsystem>

Remember to set native="false" in the subsystem tag; otherwise the Tomcat native libraries need to be removed from the module folder:
C:\jboss-as-7.1.1.Final\modules\org\jboss\as\web\main\lib\win-i686\tcnative-1.dll
Step 5:
After making the above changes, save the file and restart the application.
Consider using the IE 8 or IE 9 browser.

Step 6:
Use the steps below to install the created certificate in the browser.

In the Internet Options dialog, click Content, then click Certificates. Click Import and follow the steps in the Certificate Import wizard.


For Internet Explorer 8 and 9
1.      Navigate to the Gateway home using an HTTPS URL.
2.      At the prompt There is a problem with this website's security certificate, click Continue to this website (not recommended).
3.      Click Internet Options on the Tools menu.
4.      On the Security tab, click Trusted sites and then click Sites.
5.      Confirm that the URL matches the URL you entered and click Add, and then click Close.
6.      Close Internet Options.
7.      Refresh the web page.
8.      At the prompt There is a problem with this website's security certificate, choose Continue to this website (not recommended).
9.      Click Certificate Error in the address bar and click View certificates.
10.  Click Install Certificate, and then click Next in the Certificate Import Wizard.
11.  Select Place all certificates in the following store.
12.  Click Browse, click Trusted Root Certification Authorities, and click OK.
13.  Click Next in the wizard until you reach the last screen, and then click Finish. If you get a Security Warning message box, click Yes.
14.  Click OK.
15.  On the Tools menu, click Internet Options.
16.  On the Security tab, click Trusted sites and then click Sites.
17.  Select the URL you added and click Remove, and then click Close.
18.  Restart Internet Explorer.

The web site's certificate as well as any WebSocket URL will now work in Internet Explorer.
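
The check below is an added example, not part of the original post: a small Python lint for the <ssl> element from step 4, meant to be run before the restart in step 5. It assumes the alias and file name from the keytool commands in step 2 (server, server.keystore); lint_ssl is a hypothetical helper name, and the sample fragment is constructed with mismatches planted on purpose.

```python
import ntpath
import xml.etree.ElementTree as ET

NS = {"web": "urn:jboss:domain:web:1.1"}  # namespace of the web subsystem in step 4

# Constructed sample: alias not present in the keystore, stray space in the
# keystore file name, and client verification with no truststore referenced.
SAMPLE = r"""
<subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" native="false">
  <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http" redirect-port="8443"/>
  <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">
    <ssl name="ssl" key-alias="Illustrator" password="mypass"
         certificate-key-file="${jboss.server.config.dir}\server .keystore"
         protocol="TLSv1" verify-client="true"/>
  </connector>
</subsystem>
"""

def lint_ssl(xml_text, keystore_alias="server", keystore_file="server.keystore"):
    """Return a list of findings for the HTTPS connector's <ssl> element."""
    root = ET.fromstring(xml_text)
    https = [c for c in root.findall("web:connector", NS) if c.get("scheme") == "https"]
    if not https:
        return ["no connector with scheme=https"]
    ssl = https[0].find("web:ssl", NS)
    if ssl is None:
        return ["https connector has no <ssl> element"]
    findings = []
    alias = ssl.get("key-alias")
    if alias != keystore_alias:
        findings.append(f"key-alias {alias!r} does not match keytool alias {keystore_alias!r}")
    # ntpath splits on backslashes, so the Windows-style path is handled on any OS
    name = ntpath.basename(ssl.get("certificate-key-file", ""))
    if name != keystore_file:
        findings.append(f"keystore file name {name!r} differs from {keystore_file!r}")
    # ca-certificate-file is the JBoss Web <ssl> attribute that names the CA/trust store
    if ssl.get("verify-client") == "true" and not ssl.get("ca-certificate-file"):
        findings.append("verify-client=true but no ca-certificate-file references the truststore")
    return findings

if __name__ == "__main__":
    for finding in lint_ssl(SAMPLE):
        print("FINDING:", finding)
```

An empty list means the connector refers to the same alias and keystore file that keytool produced and, where client certificates are required, names a trust store.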



You can check the configuration at the link below.

Ref:
http://docs.jboss.org/jbossweb/7.0.x/ssl-howto.html#Edit the JBoss Web Configuration File

7 comments:

  1. Hi, how to load image files and js files into jboss7.1?
  2. Hi, I'm not able to create the cert using your mentioned steps 2 and 3.
    It is giving me keytool error:Usage error, keystore is not a legal command

    Command:>keytool -export -alias server -keystore server.keystore -rfc -file public.cert

    Can you please correct me if I am going wrong?
  3. Thank You for useful information to SSL configuration in jboss application server
  4. Thanks for useful information... Really good.
  5. I am really admired for the great info is visible in this blog that to lot of benefits for visiting the nice info in this website.
    Thanks a lot for using the nice info is visible in this blog.