Docs
ussl
Certificate Deployment
JBoss Certificate Deployment

JBoss Certificate Deployment

Step 1: Obtain and Import Certificate

Download the Jboss type certificate, you will receive three sections of certificate code. Copy and paste the code under “Your SSL Certificate” (including “-----BEGIN CERTIFICATE-----” and “-----END CERTIFICATE-----”) into a text document and save it as a .cer file, such as server.cer. In the same way, save the code under “XX Type SSL Intermediate Certificate” as intermediate.cer, and the code under “XX Type SSL Cross Certificate” as cross.cer.

Finally, save the server.cer, intermediate.cer, cross.cer, and server.jks (a file generated when creating CSR) in the same directory, such as the root directory of drive C.

Import intermediate certificate:

keytool -import -alias intermediate -keystore c:\server.jks -trustcacerts –file c:\intermediate.cer

If it prompts “Certification has been added to the keystore”, the import was successful.

Import cross-certificate:

keytool -import -alias cross -keystore c:\server.jks -trustcacerts -file c:\cross.cer

If it prompts “Certification has been added to the keystore”, the import was successful.

Import server certificate:

Navigate to the Java_JRE\bin directory, such as: cd C:\PROGRA~1\Java\jre1.6.0_10\bin, run the following command:

keytool -import -alias mykey -keystore c:\server.jks -trustcacerts -file c:\server.cer

After inputting your password, if it prompts “Certificate reply was installed in keystore”, the import was successful.

Step 2: Update server.xml Configuration File

Move the server.jks file, which has correctly imported the certificate-reply, to the Jboss installation directory.

Open the server.xml file in the Jboss installation directory, under server/default/deploy/jbossweb.sar directory, using a text editor, and update the following content:


<Connector protocol="HTTP/1.1" SSLEnabled="true" 

port="443" address="${jboss.bind.address}"

scheme="https" secure="true" clientAuth="false"

keystoreFile="/usr/local/jboss/server.jks "

keystorePass="123456" sslProtocol = "TLS" />

Here are explanations for the configuration file parameters:

port=“443”

SSL access port number is 443

keystoreFile

Private key store file server.jks

keystorePass

Private key store password 123456

After completing the above steps, restart Jboss.

If you have any questions or doubts, please feel free to contact us. Thank you!

Certificate Deployment for Apache2.xIIS Server Certificate Deployment