User login

Who's online

There are currently 0 users and 9 guests online.

Shoutbox

sentono: testing shoutbox :)
sentono: please type something here :)
Captcha
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
5 + 6 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.
All Shouts

Recent comments

Syndicate

Syndicate content
Home » Tutorials » Article Type » Configuring

How To Generate and Install SSL CSR in JBoss Webserver Windows

In This tutorial, We will try to Generate a CSR and Install it into JBoss Webserver.

Here is the simple steps how to do this:
Login as Administrator via remote desktop connection

Click Start > Run > cmd

We need to set path to JAVA_HOME, you can just copy paste into the command box.
c:\>set path=%path%;%JAVA_HOME%\bin\

Create jboss-ssl directory
c:\>mkdir jboss-ssl

Change directory to jboss-ssl

c:\>cd jboss-ssl
c:\jboss-ssl>

Generate Key.Store with Keytool & Generate CSR
</strong>c:\jboss-ssl>keytool -genkey -alias tomcat -keyalg RSA  -keystore test.keystore

What is your first and last name?
  []:  test.wowtutorial.org
What is the name of your organizational unit?
  [IS]:  IT
What is the name of your organization?
  [Wowtutorial]:
What is the name of your City or Locality?
  [Seattle]:
What is the name of your State or Province?
  [Seattle]:
What is the two-letter country code for this unit?
  [US]:
Is CN=test.wowtutorial.org, OU=IT, O=Wowtutorial, L=Seattle, ST=Seattle,  C=US correct?
  [no]:  yes


Password : wowtutorial

p.s : all those information will save in test.keystore
Next we need to Generate CSR from test.keystore.

c:\jboss-ssl>keytool -certreq -keyalg RSA -alias tomcat -file test.csr -keystore test.keystore
Input password : wowtutorial

p.s:  CSR info will save in this file test.csr

Next ....We nee to  PURCHASE SSL from Geocert,Verisign,Digicert,etc. They will help us to Generate CERTIFICATE.
After we have your brandnew CERTIFICATE. we need to import the CERTIFICATE AUTHORITY to the keystore. We can download CAcert.cer from Certificate Authority website or we also can found the CAcert.cer included in the email that we just purchased the new cert.

Save the file and name it CAcert.cer (CERTIFICATE AUTHORITY)

c:\jboss-ssl>keytool -import -alias root -keystore test.keystore -trustcacerts -file CAcert.cer
Input password : wowtutorial

Next, We need to import the brandnew certificate that we just purchase and name it test.cer

c:\jboss-ssl>keytool -import -alias tomcat -keystore test.keystore -trustcacerts -file test.cer
Input password : wowtutorial

If there is no error message. we good to go.

Next is copy a test.keystore to jboss conf directory
c:\jboss-ssl>copy test.keystore c:\jboss-4.0.0\conf\

Last step is to modify JBoss Webserver server.xml to also listen on port 443.
c:\jboss-ssl>edit c:\jboss-4.0.0\server\default\deploy\jbossweb-tomcat50.sar\server.xml

Modify the server.xml like the sample below :

<Connector port="443" address="${jboss.bind.address}"
           maxThreads="100" minSpareThreads="5" maxSpareThreads="15"
           scheme="https" secure="true" clientAuth="false"
           keystoreFile="${jboss.server.home.dir}/conf/test.keystore"
           keystorePass="iraqredcrescent" sslProtocol = "TLS" />

Save and exit.

Restart JBoss server.
Click Start > Administrative tools > Services > JBoss Application Server
Right click on JBoss Application Server and Click Restart.

Test it out with IE/Mozilla.
https://test.wowtutorial.org

If there is no Certificate Authority Unknown error. It's mean we've successfully installed SSL on JBoss Application Server.


 


 

Bookmark/Search this post with:
Submitted by sentono on Thu, 10/25/2007 - 02:05.




Post new comment

The content of this field is kept private and will not be shown publicly.
  • Use [break] to create page breaks.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <img> <br> <p> <h1> <h2> <h3> <h4> <h5> <pre>
  • Internal paths in double quotes, written as "internal:node/99", for example, are replaced with the appropriate absolute URL or relative path.
  • You can enable syntax highlighting of source code with the following tags: <code>, <blockcode>. Beside the tag style "<foo>" it is also possible to use "[foo]".

More information about formatting options

Captcha
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
11 + 4 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.

Donate

Does this site make your life easier? Help me keep it online.

YM! Status