Tuesday 29 August 2017

How to configure SSL on JBOSS EAP 6.4 with SAN certificate.

Step 1: Locate to JBOSS /configuration folder.

Screenshot 1:

Step 2: open standalone.xml file.  NOTE : Always take backup before doing any config. changes.

Command >> vi  standalone.xml 

Step 3: Add below parameters for ssl configuration below connector http.


<connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">

<ssl key-alias="ssl" password="142536" certificate-key-file="/JBOSS/JBOSS1/jboss-eap-6.4/standalone/configuration/keystore.jks" verify-client="false" />

key-alias >> alias name of keystore.
certificate-key-file >> Pathname of the keystore file where you have stored the server certificate to be loaded.
password >> Password of a file.
verify-client >> Set to true if you want the SSL stack to require a valid certificate chain from the client before accepting a connection. (default is false).

Screenshot 3-1:

Screenshot 3-2:

Step 4 : Locate jboss /bin folder and start the jboss.

  I have made a script and bind my machine IP address.

Screenshot 4-1:

Screenshot 4-2:

Step 5: Check the application on port 8443 with IP (Default port is 8443).

Screenshot 5 :

Step 6: Check the application on port 8443 with CN (CommanName) and SAN (Subject Alternative Name) DNS in certificate.

Before this make entries in hosts file of machine.

Command >> vi    /etc/hosts

Screenshot 6-1:

Step 7 : Check the application using Common Name (CN).

Screenshot 7-1:

Check the application using SAN-DNS.

Screenshot 7-2:

Screenshot 7-3:

Step 8 : To hide port 8443 , change the Port  from 8443  to  443  in standalone.xml  and restart the jboss.

Screenshot 8-1 :

Step 9: Check the application using Common Name (CN).

Screenshot 9 :

Refrence link :
Refrence link :
Refrence link :

Link to create self-signed  certificate

Thanks :-)

No comments:

Post a Comment