Jboss SSL on Debian

1. Generate self-signed certificate:

clay@clay:~$ $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA -keystore /home/clay/clay.keystore

 

2. Then you will see:

Enter keystore password:  
Re-enter new password: 
What is your first and last name?
  [Unknown]:  Clay Zhong
What is the name of your organizational unit?
  [Unknown]:  blabla
What is the name of your organization?
  [Unknown]:  DEV
What is the name of your City or Locality?
  [Unknown]:  Shanghai
What is the name of your State or Province?
  [Unknown]:  Shanghai
What is the two-letter country code for this unit?
  [Unknown]:  CN
Is CN=Clay Zhong, OU=Augmentum, O=DEV, L=Shanghai, ST=Shanghai, C=CN correct?
  [no]:  y

Enter key password for <tomcat>
	(RETURN if same as keystore password):  

 

3. Move the self-signed certificate to a JBoss directory : JBOSS_HOME/server/default/conf and edit JBOSS_HOME/server/default/jboss-web.deployer/server.xml:

<!-- Define a SSL HTTP/1.1 Connector on port 8443
         This connector uses the JSSE configuration, when using APR, the 
         connector should be using the OpenSSL style configuration
         described in the APR documentation -->
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
               keystoreFile="${jboss.server.home.dir}/conf/clay.keystore"
               keystorePass="password" />

 

4. Visit page https://localhost:8443/