Firstly, yes, I have read the wiki SSL page, and no, it doesn't appear to work 
out of the box with my configuration 
http://wiki.jboss.org/wiki/Wiki.jsp?page=SSLSetup.

I notice that the wiki page is written for 3.2.x? and is quite old, some things 
may now not work according to the 'documentation'?

I'm migrating a webapp written for WebSphere onto JBoss, and all the tweaks 
have now been done, bar SSL and later, FORM authentication.  I'm currently 
stumbling with SSL...

Now, following the wiki, I'm attempting to set up the simple case of an SSL 
server on port 8443 with a self-cert cert.  I'm running 4.03 under IBM's 1.5VM, 
I've added the JSSE 1.03_03 jars into my JRE/lib/ext folder (and yes, I did 
the tweaks to java.security):

JRE/lib/security/java.security excerpt:

  | security.provider.1=com.ibm.jsse2.IBMJSSEProvider2
  | security.provider.2=com.ibm.crypto.provider.IBMJCE
  | security.provider.3=com.ibm.security.jgss.IBMJGSSProvider
  | security.provider.4=com.ibm.security.cert.IBMCertPath
  | security.provider.5=com.ibm.security.sasl.IBMSASL
  | security.provider.6=sun.security.provider.Sun Added
  | security.provider.7=com.sun.net.ssl.internal.ssl.Provider Added
  | 

I'll go through the stages the wiki describes:

* Create a test keystore in the server/default/conf directory: Done
* Edit jbossweb-tomcat41.sar/META-INF/jboss-service.xml  Now called 
service.xml, Done
* Start the server and browse to: https://localhost:8443/jmx-console/index.jsp 
This just doesn't work, and is where I start trying other things

The socket factory in question seems to create a standard http server socket 
listener on 8443, as http://localhost:8443 yields the jboss main page, and 
https://localhost:8443 just hangs.  I've seen various other factories suggested 
http://tomcat.apache.org/tomcat-4.0-doc/ssl-howto.html, and have tried them but 
to no avail.

I really don't understand why I get a PLAIN HTTP/1.1 on port 8443.  Nothing bad 
listed in the boot.log, nothing bad in the server.log.

Stdout:

  | 16:50:19,920 INFO  [Http11Protocol] Starting Coyote HTTP/1.1 on http-0.0.0.0-8080
  | 16:50:20,354 INFO  [ChannelSocket] JK: ajp13 listening on /0.0.0.0:8009
  | 16:50:20,393 INFO  [JkMain] Jk running ID=0 time=0/54  config=null
  | 16:50:20,429 INFO  [Http11Protocol] Starting Coyote HTTP/1.1 on http-8443
  | 

My server.xml connector config:

  | <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
  |     port="8443" scheme="https" secure="true" >
  |   <Factory className = "org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
  |     keystoreFile="${jboss.server.home.dir}/certs/server.keystore"
  |     keystorePass="pass"
  |     clientAuth="false"
  |     protocol="TLS"/>
  | </Connector>
  | 

Just for giggles I ran 4.03 under Sun's 1.6ea, no difference, so I guess 
discount JSSE related configurations etc.

Either I can't read (possible!) or the wiki is leaving something important out.  
It should just work but doesn't.

Clues? helpful ridicule? both equally sought!

Andy.

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3907077#3907077
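
Added example, not part of the original post: a quick check for the symptom described above, a port configured for HTTPS that answers in cleartext. It sends a real TLS ClientHello and, if that gets no TLS reply, a plain HTTP request, then classifies the first bytes that come back; the function names, the `localhost:8443` default and the timeout are assumptions.

```python
import socket
import ssl


def client_hello(server_name: str) -> bytes:
    """Build a genuine TLS ClientHello in memory (nothing is sent)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname=server_name)
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: the handshake stalls waiting for a ServerHello
    return outgoing.read()


def classify_reply(first_bytes: bytes) -> str:
    """Classify a listener from the first bytes it sends back."""
    if not first_bytes:
        return "no-reply"  # hang, reset, or refused connection
    # TLS record header: type 0x16 (handshake) or 0x15 (alert), then major version 3.
    if len(first_bytes) >= 2 and first_bytes[0] in (0x15, 0x16) and first_bytes[1] == 0x03:
        return "tls"
    if first_bytes.startswith(b"HTTP/"):
        return "plain-http"  # cleartext HTTP on this port
    return "unknown"


def _exchange(host: str, port: int, payload: bytes, timeout: float) -> bytes:
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(payload)
            return sock.recv(16)
    except OSError:  # covers timeouts, resets, and refused connections
        return b""


def probe(host: str = "localhost", port: int = 8443, timeout: float = 3.0) -> str:
    """Assumed defaults match the post: the HTTPS connector on localhost:8443."""
    verdict = classify_reply(_exchange(host, port, client_hello(host), timeout))
    if verdict in ("tls", "plain-http"):
        return verdict
    # No usable answer to the ClientHello: ask again in cleartext.
    return classify_reply(_exchange(host, port, b"HEAD / HTTP/1.0\r\n\r\n", timeout))


if __name__ == "__main__":
    print(probe())
```

A result of `plain-http` on the port meant for SSL reproduces what the post reports; `tls` means the listener at least answers a TLS handshake, including with an alert.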

_______________________________________________
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user
