How to configure SSL in jboss Standalone mode?

How to generate and install SSL in jboss standalone mode?

Note: I am using Self signed certificate for demo purpose (Please do not use the same in production)

Step1: Generate Self signed SSL certificate using Java keytool

Note: You will need to have java environment variable set Click Here to refer to my previous post on
How to install java and set environment variables in linux

Command: keytool -genkey -alias ncm -keyalg RSA -keystore ncm.keystore -validity 365

Update with SHA256 algorithm:- keytool -genkey -alias ncm -keyalg RSA -keysize 2048 -sigalg SHA256withRSA -validity 365 -keypass "Password" -keystore ncm.jks -storepass "Password"

keytool -export -alias ncm -file server.cer -keystore ncm.jks -storepass Changeit

Note: keep the password for keystore and keyfile same  so that you will remember easily.












Step2: Place the generated key $JBOSS_HOME/standalone/configuration/

Step3: Edit $JBOSS_HOME/standalone/configuration/standalone.xml and add the HTTPS connector

<connector name="https" scheme="https" protocol="HTTP/1.1" socket-binding="https" enable-lookups="false" secure="true">
<ssl name="ncm-ssl" password="123456" protocol="TLSv1" key-alias="ncm" certificate-key-file="../standalone/configuration/ncm.keystore" />
</connector>






Step4: Start/restart the jboss server and Test the configuration by browsing url https://localhost:8443
How to configure SSL in Jboss EAP 6.2 Standalone mode




Comments

  1. Unknown27 July 2018 at 01:32

    Hi I want to install SSL certificate on jeboss 6.0.1 in UAT after that on production jeboss 7.1.0

    ReplyDelete
  2. Saqib Khatri8 November 2019 at 07:00

    A very excellent blog post. I am thankful for your blog post. I have found a lot of approaches after visiting your post. RapidSSL Wildcard

    ReplyDelete

Post a Comment

Popular posts from this blog

How to configure SSL in WildFly 10 standalone mode

Image
How to configure SSL in WildFly 10 standalone mode and change default ssl port to 443? Important: From WildFly 8 onwards Web subsystem is replaced by Undertow subsystem.  You can use any profile listed below. 1) standalone.xml 2) standalone-full.xml 3) standalone-full-ha.xml 4) standalone-ha.xml NOTE: Just for demo purpose I am using selfsigned ssl certificates you can configure CA signed certificates in the same way. Step1: open standalone.xml  Now under management option create custom security-realm with any name you want I have given "SslRelam as shown below: <security-realm name="SslRealm"> <server-identities> <ssl> <keystore path="F:\NCM_PROD_SETUP\wildfly-10.0.0.CR5\standalone\configuration\ssl_cert\ncm.keystore" alias="ncm" keystore-password="123456" /> </ssl> </server-identities> </security-realm> Step2: Under profile option expand undertow subsystem there a...
Read more

How to configure SSL for Jboss Management Console.

Image
How to Secure Jboss EAP 6.2 Management console? Note:   Click Here  to refer my previous blog on how to configure ssl in jboss standalone mode I am going to use the same Selfsigned keystore file to configure SSL for Jboss Management Console. Step1: Edit: $JBOSS_HOME/standalone/ standalone.xml and make the below configuration changes, save the changes. <management> <security-realms> <security-realm name="ManagementRealm"> <server-identities> <ssl> <keystore path="ncm.keystore" relative-to="jboss.server.config.dir" password="123456"/> </ssl> </server-identities> </security-realm> </security-realms>  <management-interfaces> <http-interface security-realm="ManagementRealm"> <socket-binding https="management-https"/> </http-interface> </management-interfaces> </management> ...
Read more