AnsweredAssumed Answered

Enable SSL using signed certificates

Question asked by SatyaV on Feb 20, 2014
Latest reply on Jul 9, 2014 by JF_LOMBARDO

Hi Team,

Can some share the documented steps on how to enable SSL using Signed certs for GM installed on JBOSS. The CA document refers to Self-Signed certificates. On high-leveles I have followed the below steps but I get the SSL request served from self-signed instead of Signed...

 

Steps followed:
Generated a keystore: Initially
Keytool  -genkey –alias gmkeystore –keyalg RSA –keystore gmkeystore.keystore
After few weeks
Generated Certificate request:
Keytool –certreq –alias gmkeystore –file server.csr –keypass *** –keystore gmkeystore.keystore –storepass ***
Imported the signed certificate into above created keystore:
keytool -importcert -alias plnappgov01-trusted01 -file plnappgov01.cer -keypass *** -keystore gmkeystore.keystore -storepass ***
Do you still want to add it? [no]:  yes
Certificate was added to keystore
Imported the signed certificate into java keystore:
keytool -importcert -trustcacerts -alias plnappgov01-trusted01 -file plnappgov01.cer –keypass *** –keystore "C:\ProgramFiles\Java\jdk1.6.0_38\jre\lib\security\cacerts" -storepass changeit
Do you still want to add it? [no]:  yes
Certificate was added to keystore
Edited server.xml located under (C:\Program Files\CA\RCM\Server\eurekify-jboss\server\eurekify\deploy\jbossweb.sar)
<!-- SSL/TLS Connector configuration using the admin devl guide keystore  -->
      <Connector protocol="HTTP/1.1" URIEncoding="UTF-8" SSLEnabled="true"
           port="8443" address="${jboss.bind.address}"
           scheme="https" secure="true" clientAuth="false"
           keystoreFile="${jboss.server.home.dir}/conf/gmkeystore.keystore"
           keystorePass="3t@admin" sslProtocol = "TLS" />
Thanks,
Satya

Outcomes