- 浏览: 85305 次
文章分类
最新评论
-
bailangfei3344:
自我介绍 -
regionwar:
你好,转化为人为:1、不该加锁的不要加锁:局部变量,单线程占用 ...
关于java锁机制的优化 -
danni505:
希望能交流:
msn:danni-505#hotmail.co ...
关于java锁机制的优化 -
ouspec:
收藏的东西不错。
TOP500 -
willpower:
The idea behind is e-sync IO do ...
Rethink the sync
There are a few web pages that describe configuring Secure Socket Layer (SSL) for JBoss, but most gloss over some of the details.
Deep inside the guts of JBoss is an instance of another server called Tomcat, and when it comes to using SSL and HTTPS, JBoss delegates all the implementation stuff to that bundled Tomcat installation. As a result, some of the instructions for implementing SSL come directly from Tomcat documentation. For example, I used this document to start figuring out how to enable SSL.
Before starting, there are two things to ascertain:
- where JBoss is installed on your machine; and
- that there's a version of the Java Developer's Kit on the JBoss machine.
For the purposes of this write-up, we will describe setting up JBoss to use a temporary, self-signed SSL Certificate. Also, we'll assume that you're installing under Windows.
There are essentially three steps:
- create the self-signed certificate;
- move the self-signed certificate to a JBoss directory; and
- edit the Tomcat configuration file to turn on SSL.
Creating the Self-Signed Certificate
The Java Developer's Kit includes a utility to create certificates. Go to a command line and type the following:
keytool -genkey -alias tomcat -keyalg RSA
- it creates a new key; and
- if necessary, it creates a collection of keys (called a "key store") to put the key in.
There are some prompts that look like this:
Notice that there are two prompts for the password. That's because there's one password for the keystore, and one password for the actual key.
Moving the Keystore
One of the things that the tool isn't very good about is telling you where it created that keystore. By default, the keygen tool puts information in the "Documents and Settings" directory for your userid. In the example, above, we'd find that they keystore has been created as a file called:
C:\Documents and Settings\mcgradyt\.keystore
C:\Program Files\jboss-4.0.3\server\default\conf
Update the Configuration File
First up, you should probably shut down the JBoss server as you do this step.
In the JBoss directory, there should be a file called server.xml:
C:\Program Files\jboss-4.0.3\server\default\deploy\jbossweb-tomcat55.sar\server.xml
<!-- SSL/TLS Connector configuration using the admin devl guide keystore <Connector port="8443" address="${jboss.bind.address}" maxThreads="100" strategy="ms" maxHttpHeaderSize="8192" emptySessionPath="true" scheme="https" secure="true" clientAuth="false" keystoreFile="${jboss.server.home.dir}/conf/chap8.keystore" keystorePass="rmi+ssl" sslProtocol = "TLS" /> -->
- Uncomment the block
- Change the port to 443
- Change the keystore password to the password used, above ("changeit")
The end result should look something like this:
<!-- SSL/TLS Connector configuration using the admin devl guide keystore --> <Connector port="443" address="${jboss.bind.address}" maxThreads="100" strategy="ms" maxHttpHeaderSize="8192" emptySessionPath="true" scheme="https" secure="true" clientAuth="false" keystoreFile="${jboss.server.home.dir}/conf/chap8.keystore" keystorePass="changeit" sslProtocol = "TLS" /> <!-- -->
发表评论
-
字符编码笔记:ASCII,Unicode和UTF-8 (引用)
2009-01-07 10:39 936字符编码笔记:ASCII,Unicode和UTF-8 阮一峰 ... -
How to set up a simple LRU cache using LinkedHash
2008-11-03 18:05 1283How to set up a simple LRU cach ... -
Scalability?
2008-10-07 14:07 833严格上讲,scalability还没有正式定义, 甚至有人觉得 ... -
Cray Reminiscences
2007-08-29 15:54 799Kirk Pepperdine's attendence of ... -
lock-free
2007-06-18 22:06 9951. http://www.ibm.com/developer ... -
解决java.lang.OutOfMemoryError: PermGen space(转帖)
2007-06-05 18:07 3163解决方案就是:在启动服务器时加上指定PermGen区域的内存大 ... -
Performance...
2007-06-05 15:11 984« I used to work for... | Mai ... -
数据仓库
2007-04-18 10:38 1123... -
Expressions Transform
2007-04-13 11:13 1398Expressions, Conversion and Eva ... -
Java cleanup code
2007-04-03 12:20 1299Java shutdown hook guarantee th ... -
Java performance tunning
2007-04-03 11:37 942http://www.javaperformancetunin ... -
Running IE from command line
2007-04-03 10:58 1118Here's a simple way you can ru ... -
Unicode and UTF8
2007-04-03 10:27 912What is Unicode? Unicode provid ... -
Daemon Thread Notes
2007-04-03 09:16 26521. 只要程式中的non-Daemon thread都結束了. ... -
How to know the main class of a jar file?
2007-04-02 15:18 1031Easy. Here is an implementation ... -
The best chinese BAT tutorial(from www.boofee.net/bigfee/)
2007-03-27 11:58 1329如何创建批处理文件? 不要听了批处理文件就感到很神气 ... -
Basics - Binary search
2007-03-26 15:53 979java 代码 public class Bin ... -
MergeSort
2007-03-23 17:26 855MergeSort is a sample solutio ... -
Graph data structure
2007-03-23 12:04 8781. adjacent matrix good for bor ... -
Functional Programming For The Rest of Us
2007-03-23 10:39 1305I like connect beautiful artic ...
相关推荐
It also provides detailed insight into configuring the various component services such as security, performance, and clustering. Beyond coverage of the core application server, the book also teaches ...
### JBoss in Action: Configuring the JBoss Application Server #### 关键知识点概览 - **JBoss Application Server**: 一种开源的应用服务器,适用于Java应用程序的部署与管理。 - **JBoss in Action**: 一本...
第四章“Securing applications”深入讨论了应用程序的安全性问题,包括身份验证、授权机制、SSL/TLS加密等技术,以及如何在JBoss应用服务器上实现这些安全措施,保护应用程序免受外部威胁。第五章“Securing web ...
1. "The Apache Tomcat Connector - Reference Guide - Configuring IIS.htm":这份文档可能来自Apache Tomcat的连接器(也称为ISAPI重定向器),它提供了关于如何配置IIS以与Tomcat或JBOSS等Java应用服务器通信的...
Configuring the JBoss Utility ServerJBoss in Motion is the primary e-book to deal with educating readers intimately how you can use the JBoss utility server. In contrast to different...
Configuring HSTS 286 Ensuring Hostname Coverage 287 Cookie Security 288 Attack Vectors 289 Robust Deployment Checklist 290 Browser Support 291 Privacy Implications 293 ix Content Security Policy 293 ...
A common problem for administrators of IIS servers is configuring and troubleshooting SSL enabled websites. To assist in administrators efforts, Microsoft has designed a tool - SSL Diagnostics - to ...
本文将基于《Configuring Siebel Business Applications》(版本8.1)的内容,详细介绍如何配置Siebel业务应用程序。 #### 二、软件许可与版权信息 根据文档开头部分提供的信息,该文档为Siebel业务应用程序配置...
4.1.1.11 Packet Tracer - Configuring Extended ACLs Scenario 2.pka
Configuring OSPF Authentication OSPF实验配置指南,认证配置方法,拓扑图,实验过程,实验现象。
Prepare for Microsoft Exam 70-410 – and help demonstrate your real-world mastery of implementing and configuring core services in Windows Server 2012 R2. Designed for experienced IT professionals ...
Cisco Packet Tracer 思科...0.2.1.8 Packet Tracer - Configuring RIPv2思科作业 正确答案文件 可直接上交正确答案文件 本答案版权归mewhaku所有,严禁再次转载!!! Copyright @mewhaku 2022 All Rights Reserved
- **Configuring JBoss for Alfresco**:进一步介绍如何为 Alfresco 配置 JBoss。 - **Installing Alfresco on WebLogic**:为使用 WebLogic 服务器的用户提供安装指南。 #### 十、其他组件安装 - **Installing ...
NAV350 报文解析 Telegram_listing_Telegrams_for_Configuring_and_Operating_the_NAV350_
根据提供的文件信息,本书《Installing and Configuring Windows Server 2012 Exam Ref 70-410》是一本针对Microsoft认证考试70-410的专业辅导教材。本书由Craig Zacker编写,并由Microsoft Press出版。以下是本书中...
4.1.3.5 Packet Tracer - Configuring IPv4 and IPv6 Interfaces.pka
英文书籍,排版及页面清晰度不错,对SAP SD的相关知识还是比较全面的,个人建议有一定英语基础的人并且具备SAP基础知识的人去学习。
Configuring SAP R3 FICO The Essential Resource for Configuring the Financial and Controlling Modules
Prepare for Microsoft Exam 70-687 – and help demonstrate your real-world mastery of configuring Windows 8.1 in the enterprise. Designed for experienced IT professionals ready to advance their status...