Versions Compared

Version Old Version 1 New Version Current
Changes made by

Mahisha Chandrakumar CTOO (Unlicensed)

Mahisha Chandrakumar CTOO (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

 Prerequisites
The following table gives the prerequisite information that has to be complied before switching from HTTP to HTTPS for JBoss:

S.No

Dependency

Comments

1

JAVA 

This has to be installed previously.

2

JBoss Server EAP (7+)

This has to be installed previously.

3

Setting up the provided environment variables for java

 



Perform the following steps in order to switch from HTTP to HTTPS for JBoss: 
 
Step - 1 Creating a keystore file 
  

...

1. Open the command prompt and enter the following command:

Code Block
keytool -genkey -alias jboss -keyalg RSA -keystore canvascertificate.cert


 2. Enter the keystore and key password details for generating the keystore file. Here, the keystore is saved as canvascertificate.cert

Image Removed Image Added
Step – 2: Configuring JBoss for using keystore file — SSL config
 
File Location: <JBoss EAP 7.x Installed folder>\standalone\configuration\standalone.xml
  1. Add the following security realms data within the security realms tag:

 
Make sure that you mention the Keystore file path in Keystore path Field. Here, jboss/standalone/configuration folder is mentioned.
  

Code Block
<security-realms>

...


            <security-realm name="ssl-realm"> // "ssl-realm" is an user defined name

...


                <server-identities>

...


                    <ssl>

...


                        <keystore path="canvascertificate.cert" relative-to="jboss.server.config.dir" keystore-password="canvas" alias="jboss" key-password="canvas"/>

...


                    </ssl>

...


                </server-identities>

...


            </security-realm>


 2. Comment the following command line inside the <subsystem xmlns="urn:jboss:domain:undertow:9.0> element in order to disable the default HTTP configuration:

Code Block
<http-listener name="default" socket-binding="http" redirect-socket="https" enable-http2="true"/>

 

3. Add the following command line inside the <subsystem xmlns="urn:jboss:domain:undertow:9.0> element in order to enable the HTTPS configuration.

Code Block
<subsystem xmlns="urn:jboss:domain:undertow:9.0>

...


 

...


<https-listener name="https" socket-binding="https" security-realm="ssl-realm" enable-http2="true"/>

...


Note

...

Make sure that you mention the security realm name in security-realm field.


  4. Make sure that you mention the security realm details in between urn:jboss:domain:remoting tag. 

Code Block
<subsystem xmlns="urn:jboss:domain:remoting:4.0">

...


            <http-connector name="http-remoting-connector" connector-ref="https" security-realm="ssl-realm"/>

...


        </subsystem>


 
 5. You can change your HTTPS default port if required. Here, 9129 is chosen to be as the port number. 

Code Block
<socket-binding name="https" port="${jboss.https.port:9129}"/>

 
Step – 3: Accessing the Application
Start JBoss service and try to access https://localhost:9129. You will see JBosss local home page with https enabled. 
Image Removed
Image Added