I have a Java EE application deployed under jboss 7 and I want to use https
I modified standalone.xml
<subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" native="false">
<connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http" redirect-port="8443"/>
<connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">
<ssl key-alias="ads-credentials" password="esprit" certificate-key-file="D:\server-keytool.jks" protocol="TLS" verify-client="false"/>
</connector>
<virtual-server name="default-host" enable-welcome-root="true">
<alias name="localhost"/>
<alias name="example.com"/>
</virtual-server>
</subsystem>
but when I test I have this error :
.........
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174) [jsse.jar:1.6]
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1649) [jsse.jar:1.6]
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241) [jsse.jar:1.6]
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235) [jsse.jar:1.6]
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1206) [jsse.jar:1.6]
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:136) [jsse.jar:1.6]
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593) [jsse.jar:1.6]
I generate the certificate using this commande :
keytool -genkey -alias ads-credentials -keyalg RSA –keystore server-keytool.jks
after serach I think that I should import certificate into jvm but I didn't know how can I make this config
I use jdk1.6.0_25
Updated :
I try with this solution :
C:\javatools\jdk1.6.0_25\jre\lib\security>keytool -import -alias ads-credentials -keystore D:\server-keytool.jks -trustcacerts -file cacerts
but I have this error :
C:\javatools\jdk1.6.0_25\jre\lib\security>keytool -import -alias ads-credentials
-keystore D:\server-keytool.jks -trustcacerts -file cacerts
Tapez le mot de passe du Keystore :
erreur keytool : java.security.cert.CertificateException: java.io.IOException: D
erInputStream.getLength(): lengthTag=109, too big.
the password that I use is the same which is used to create the certificate : test
this is the information of my certificate :
C:\javatools\jdk1.6.0_25\jre\lib\security>keytool -list -v -keystore D:\server-k
eytool.jks
Tapez le mot de passe du Keystore :
Type Keystore : JKS
Fournisseur Keystore : SUN
Votre Keystore contient 1 entrÚe(s)
Nom d'alias : ads-credentials
Date de crÚation : 8 janv. 2014
Type d'entrÚeá: PrivateKeyEntry
Longueur de cha¯ne du certificat : 1
Certificat[1]:
PropriÚtaireá: CN=alen dumas, OU=ing, O=dao, L=france, ST=nice, C=216
╔metteurá: CN=alen dumas, OU=ing, O=dao, L=france, ST=nice, C=216
NumÚro de sÚrieá: 52cd6102
Valide duá: Wed Jan 08 15:30:26 CET 2014 auá: Tue Apr 08 16:30:26 CEST 2014
Empreintes du certificatá:
MD5á: E7:A2:8D:8E:51:2E:FC:44:DB:22:3E:BF:8F:D4:81:88
SHA1á: 05:37:72:10:88:0B:08:8E:FA:05:60:54:48:61:D9:B3:6D:70:A9:69
Nom de l'algorithme de signatureá: SHA1withRSA
Versioná: 3
*******************************************
*******************************************
C:\javatools\jdk1.6.0_25\jre\lib\security>
