Trang chủ | | Danh mục bài viết yêu thích | Liên hệ | Đăng nhập Trang chủ | | Danh mục bài viết yêu thích | Liên hệ | Đăng nhập
Tìm kiếm các bài viết theo từ khoá Liệt kê theo danh mục
Hướng dẫn triển khai, cài đặt chứng chỉ số SSL cho máy chủ chạy JBoss
Chi tiết bài viết

Lần cập nhật cuối
5th of June, 2014

Ý kiến người dùng (3 Bình chọn)
66% thumbs up 33% thumbs down

Làm thế nào bạn sẽ đánh giá câu trả lời này?
có ích
không hữu ích

Nguồn: https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=SO6135


Generate CSR on Jboss

Generate Key on Jboss

Install Certificate on Jboss

Configure Jboss Web Container


Perform the steps below to generate your Key, CSR and Install your certificate:

If you need to run 'keytool' on your system to create and/or import certificates, copy the JSSE jars to $JAVA_HOME/jre/lib/ext.

Step1: Generate Keystore

keytool -genkey -keyalg RSA -alias tomcat -keystore [keystore name]

Các loại chứng chỉ EV thì thêm đoạn -keysize 2048

Enter keystore password:

Choose a password and enter it when prompted to do so.
What is your first and last name?
[Unknown]:  http://www.mydomain.com/ (example)

What is the name of your organizational unit?
[Unknown]:  IT testing (example)

What is the name of your organization?
[Unknown]:  My Company Testing (example)

What is the name of your City or Locality?
[Unknown]:  Cape Town (example)

What is the name of your State or Province?
[Unknown]:  Western Province (example)

What is the two-letter country code for this unit?
[Unknown]:  ZA (example)

Is CN=www.mydomain.com, OU=IT testing, O=My Company Testing, L=Cape Town, ST=Western Province, C=ZA correct?
  [no]:  yes
Enter key password for

 (RETURN if same as keystore password):
NOTE: Please specify the same password for the keystore and the keyEntry or else you will receive the following error message when you restart the jakarta engine: java.security.UnrecoverableKeyException: Cannot recover key
Note: that a keystore was created.

Please run: keytool -list -keystore [keystorename] to make sure you can read the keystore file.

The keystore will be stored in your JDK/bin directory. Create a copy of the keystore file and store it on a removable disk for safe keeping in case of a server crash.
Step 2:  Generate a CSR off the newly create keystore and keyentry:

keytool -certreq -alias tomcat -keyalg  RSA -file certreq.csr -keystore [keystorename]
Enter keystore password:

The CSR will be saved to your JDK/bin directory:




Step 3:  When you receive the certificate save the VeriSign signed Certificate in a notepad file named 'cert' for example.

Step 4: Import the Certificate into the keystore:

keytool -import -alias tomcat -trustcacerts -file cert.txt  -keystore [keystorename]

Step 5. Configure Web Container

If using Tomcat - Find the section in the Tomcat server.xml configuration file that starts with, "Uncomment this for SSL support". Uncomment the following section, and insert the location of your server key.


Copy the JSSE jars to your $TOMCAT_HOME/lib directory.

If using Jetty - Find the section in the $JBOSS_JETTY_HOME/conf/jetty/jetty.xml configuration file that starts with, "Uncomment this to add an SSL listener". Uncomment the following section, and insert the location of your server key.





      / etc / server.keystore



 Start JBoss

Start JBoss and point your browser to https://your-server-name.your-domain:8443/ to test your SSL implementation.

If using "self-signed" certificates, you may have to import your test certificate into your browser.

Các bài liên quan
Không có bài viết liên quan đã được tìm thấy.
File đính kèm
Không có File đính kèm nào được tìm thấy.

Tiếp tục

Knowledge Management