Java

配置 jboss Web 應用程序以支持 SSL

  • October 3, 2012

我有一個 Spring JSF Web 應用程序,它部署在我想添加 SSL(即 https)的 JBoss6 應用程序伺服器中。我將如何使用 JBoss6 以正確的方式執行此操作?

我已經啟用了 jboss6\server\default\deploy\jbossweb.sar\server.xml 文件,如下所示,

<Connector protocol="HTTP/1.1" SSLEnabled="true" 
      port="${jboss.web.https.port}" address="${jboss.bind.address}"
      scheme="https" secure="true" clientAuth="false" 
      keystoreFile="${jboss.server.home.dir}/conf/chap8.keystore" 
      keystorePass="rmi+ssl" sslProtocol = "TLS" /> 

部署應用程序時出現以下錯誤。

Caused by: java.security.UnrecoverableKeyException: Password verification failed
   at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:769) [:1.6.0_22]
   ... 149 more

14:12:21,476 ERROR [AbstractKernelController] Error installing to Start: name=WebServer state=Create: LifecycleException:  Protocol handler initialization failed: java.io.IOException: Keystore was tampered with, or password was incorrect
   at org.apache.catalina.connector.Connector.initialize(Connector.java:1020) [:6.0.0.Final]
   at org.apache.catalina.core.StandardService.initialize(StandardService.java:701) [:6.0.0.Final]
   at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:443) [:6.0.0.Final]
   at org.jboss.web.tomcat.service.deployers.TomcatService.startService(TomcatService.java:359) [:6.0.0.Final]
   at org.jboss.system.ServiceMBeanSupport.jbossInternalStart(ServiceMBeanSupport.java:355) [:6.0.0.Final (Build SVNTag:JBoss_6.0.0.Final date: 20101228)]
   at org.jboss.system.ServiceMBeanSupport.pojoStart(ServiceMBeanSupport.java:195) [:6.0.0.Final (Build SVNTag:JBoss_6.0.0.Final date: 20101228)]
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_22]
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_22]

確保你在 server.xml 中有這個,

    <Connector port="443" maxHttpHeaderSize="8192"
    maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
    enableLookups="false" disableUploadTimeout="true"
    acceptCount="100" scheme="https" secure="true"
    **keystoreFile="/path/to/file/mycert.jks"**
    clientAuth="false" sslProtocol="TLS">

使用此連結作為參考。

引用自:https://serverfault.com/questions/434423