数字证书密码加密

1、修改/wfm/jboss-4.2.3.GA/server/default/deploy/jboss-web.deployer/server.xml，中https端口配置

keystoreFile="conf/wfm.keystore"  keystorePass="changeit" keystoreType="jks"

修改为：

securityDomain="java:/jaas/encrypt-keystore-password" SSLImplementation="org.jboss.net.ssl.JBossImplementation"

2、修改/jboss-4.2.3.GA/server/default/deploy/jboss-web.deployer/META-INF/jboss-service.xml：

在节点<mbean code="org.jboss.web.tomcat.service.JBossWeb" name="jboss.web:service=WebServer" xmbean-dd="META-INF/webserver-xmbean.xml">中增加：

<depends>jboss.security:service=PBESecurityDomain</depends>

3、在/jboss-4.2.3.GA/server/default/conf/jboss-service.xml中增加如下配置：

<mbean code="org.jboss.security.plugins.JaasSecurityDomain"
      name="jboss.security:service=PBESecurityDomain">
  <constructor><arg type="java.lang.String" value="encrypt-keystore-password"></arg></constructor>
  <attribute name="KeyStoreURL">resource:hp_server.keystore</attribute>
  <attribute name="KeyStorePass">{CLASS}org.jboss.security.plugins.FilePassword:${jboss.server.home.dir}/conf/keystore.password</attribute>
  <attribute name="Salt">mostmost</attribute>
  <attribute name="IterationCount">13</attribute>
  </mbean>

注：keystore.password生成方式${JAVA_HOME}/bin/java -cp ${JBOSS}/server/default/lib/jbosssx.jar org.jboss.security.plugins.FilePassword mostmost 13 $PASSWORD ${JBOSS}/server/default/conf/keystore.password