首页 > 代码库 > jboss4.2.3 SSL配置 + 生成数字签名

jboss4.2.3 SSL配置 + 生成数字签名

一、生成数字签名

1. 生成JKS文件

keytool -genkey -keyalg RSA -alias jbosskey -keystore jbosskey.jks

在win7系统中,该文件的默认路径是 C:\Users\rigid

2. 导出证书

keytool -export -alias jbosskey -file jbosskey.cer -keystore jbosskey.jks

在win7系统中,该文件的默认路径是 C:\Users\rigid

3. 查看jks文件的详情

keytool -list -keystore jbosskey.jks

二、配置JBOSS SSL

1. 拷贝jks和cer文件到%JBOSS_HOME%/server/default/conf下

2. 修改jboss-4.2.3.GA\server\default\deploy\jboss-web.deployer\server.xml

增加

keystoreFile="${jboss.server.home.dir}/conf/jbosskey.jks"
keystorePass="1qazxsw2"

 <Connector port="8080" address="${jboss.bind.address}"             maxThreads="250" maxHttpHeaderSize="8192"         emptySessionPath="true" protocol="HTTP/1.1"         enableLookups="false" redirectPort="8443" acceptCount="100"         connectionTimeout="20000" disableUploadTimeout="true" />    <!-- Define a SSL HTTP/1.1 Connector on port 8443         This connector uses the JSSE configuration, when using APR, the          connector should be using the OpenSSL style configuration         described in the APR documentation -->    <!--    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"               maxThreads="150" scheme="https" secure="true"               clientAuth="false" sslProtocol="TLS" />    -->    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"                  address="${jboss.bind.address}"                    scheme="https" secure="true" clientAuth="false"                     keystoreFile="${jboss.server.home.dir}/conf/jbosskey.jks"                    keystorePass="1qazxsw2" sslProtocol = "TLS" />

 

jboss4.2.3 SSL配置 + 生成数字签名