Configuring JBoss 4.0.3 SP1 for SSL

- Stop JBoss if it is running.

Assuming you are on Windows:
– Change directory to the \conf\ folder of your JBoss configuration (“all”).

Run the JDK’s keytool to create a keystore and a key for SSL
Assuming the JDK’s bin folder is at C:\Java\jdk1.5.0_12\bin\:
C:\Java\jdk1.5.0_12\bin\keytool -genkey -keyalg RSA -validity 3650 -alias livecycle -keystore /home/livecycle/jboss_4.0.3/server/all/conf/livecycle.keystore -storepass livecycle -keypass livecycle -dname “, OU=Technical Marketing, O=Adobe Systems Canada Inc., L=Ottawa, ST=Ontario, C=ca”

Edit Tomcat’s server.xml, uncomment the entry for enabling SSL, change the keystore password
– Go to %JBOSS_HOME%\server\all\deploy\jbossweb-tomcat55.sar\
– Edit server.xml with something other than Notepad or Wordpad (UltraEdit recommended)
– Uncomment entry that says SSL/TLS Connector configuration
– Ensure the value of keystorePass is changed to the proper password (‘livecycle’ in the example). The line should look something like this:
keystoreFile=”/home/livecycle/jboss_4.0.3/server/all/conf/livecycle.keystore” keystorePass=”livecycle”
– Save and re-start JBoss

The console log should now have an entry that says [Http11Protocol] Starting Coyote HTTP/1.1 on http-

Verify using a browser:
– try the LiveCycle AdminUI URL https://server:8443/adminui
– ignore the warning about the “security certificate not having been issued by a trusted certificate authority”. It is “normal” in this case because we are using a self-signed certificate.
– Make sure the Login page is loaded

VN:F [1.9.22_1171]
Was this helpful? Please rate the content.
Rating: 1.0/10 (1 vote cast)
Configuring JBoss 4.0.3 SP1 for SSL, 1.0 out of 10 based on 1 rating
This entry was posted in General Interest. Bookmark the permalink.

2 Responses to Configuring JBoss 4.0.3 SP1 for SSL

  1. Hemant says:

    Just to add a point to the above notes:–> Change the value for the keystoreFile attribute(keystoreFile=”${jboss.server.home.dir}/conf/chap8.keystore” in this example)

  2. Jayan Kandathil says:

    Thanks for your comment, Hemant.I went ahead and fixed the original blog post since it was indeed confusing.