JBoss Enterprise Server
Please follow these instructions to install the certificate. After sending the CSR, you will receive the following 3 certificates: Root Certificate, Intermediate Certificate, and SSL Certificate. Each will be required to be installed into the KeyStore File. Please make sure to have your password (which was set when creating the KeyStore file) handy as it is required multiple times.
- Please run the following command to install the Root Certificate into the Java KeyStore file.
Root Certificate Installation
-----BEGIN CERTIFICATE-----
to
-----END CERTIFICATE-----
keytool -import -trustcacerts -alias root -file [root certificate].crt -keystore mykeystore.jks
Example:
keytool -import -trustcacerts -alias root -file root.crt -keystore mykeystore.jks
※You need to specify an alias such as "root" above. "mykeystore.jks" is the name you choose for the keystore when creating your CSR file. Please enter the password set when creating the CSR.- Please run the following command to install the Intermediate Certificate into the Java KeyStore file.
Intermediate Certificate Installation
-----BEGIN CERTIFICATE-----
to
-----END CERTIFICATE-----
keytool -import -trustcacerts -alias intermediate -file [intermediate certificate].crt -keystore mykeystore.jks
Example:
keytool -import -trustcacerts -alias intermediate -file intermediate.crt -keystore mykeystore.jks
※You need to specify an alias such as "intermediate" above. "mykeystore.jks" is the name you choose for the keystore when creating your CSR file. Please enter the password set when creating the CSR.- Please run the following command to install the SSL Certificate into the Java KeyStore file.
SSL Certificate Installation
-----BEGIN CERTIFICATE-----
to
-----END CERTIFICATE-----
keytool -import -trustcacerts -alias cert -file [SSL certificate].crt -keystore mykeystore.jks
Example:
keytool -import -trustcacerts -alias cert -file ssl_cert.crt -keystore mykeystore.jks
※You need to use the same alias used when generating "mykeystore.jks" during the CSR creation process. Please enter the password set when creating the CSR.- Once you have completely created your Java KeyStore file, you must now assign it in the JBOSS settings so that JBOSS will use the new SSL certificate. In order to change these settings, you will have to open and edit the JBOSS Web Configuration File.
Open the JBOSS Web Configuration File with a simple text editor.
- If this is your first time configuring JBOSS, then you will first need to uncomment the Connector Configuration. You may uncomment a section by removing the <!-- and --> around the section.
- (A) You must also locate the port= part in the SSL Connector part and change it to 443.
(B) Edit the keystoreFile= part to match the path and filename of the Java KeyStore file. The ${user.home} part should be changed to represent the base directory for the JBOSS instance.
(C) Edit the keystorePass= part to match the password that was set for the Java KeyStore file. - Original:
Connector port="8443" minSpareThreads="5" maxSpareThreads="75"
enableLookups="true" disableUploadTimeout="true"
acceptCount="100" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="${user.home}/.keystore" keystorePass="changeit"
clientAuth="false" sslProtocol="TLS"/>
Edited:Connector port="443" minSpareThreads="5" maxSpareThreads="75"
enableLookups="true" disableUploadTimeout="true"
acceptCount="100" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="${user.home}/mykeystore.jks" keystorePass="your password"
clientAuth="false" sslProtocol="TLS"/>
- Restart JBoss Server.