jboss4.2.3 SSL配置 + 生成數字簽名

1、生成數字簽名

1. 生成JKS文件

keytool -genkey -keyalg RSA -alias jbosskey -keystore jbosskey.jks

在win7系統中，該文件的默認路徑是 C:\Users\rigid

2. 導出證書

keytool -export -alias jbosskey -file jbosskey.cer -keystore jbosskey.jks

在win7系統中，該文件的默認路徑是 C:\Users\rigid

3. 查看jks文件的詳情

keytool -list -keystore jbosskey.jks

2、配置JBOSS SSL

1. 拷貝jks和cer文件到%JBOSS_HOME%/server/default/conf下

2. 修改jboss-4.2.3.GA\server\default\deploy\jboss-web.deployer\server.xml

增長

keystoreFile="${jboss.server.home.dir}/conf/jbosskey.jks"
keystorePass="1qazxsw2"

 <Connector port="8080" address="${jboss.bind.address}"    
         maxThreads="250" maxHttpHeaderSize="8192"
         emptySessionPath="true" protocol="HTTP/1.1"
         enableLookups="false" redirectPort="8443" acceptCount="100"
         connectionTimeout="20000" disableUploadTimeout="true" />

    <!-- Define a SSL HTTP/1.1 Connector on port 8443
         This connector uses the JSSE configuration, when using APR, the 
         connector should be using the OpenSSL style configuration
         described in the APR documentation -->
    <!--
    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS" />
    -->
    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" 
                 address="${jboss.bind.address}"
                    scheme="https" secure="true" clientAuth="false" 
                    keystoreFile="${jboss.server.home.dir}/conf/jbosskey.jks"
                    keystorePass="1qazxsw2" sslProtocol = "TLS" />