ALBERT SITE

jboss-eap-6.4 ssl 적용

Posted by Albert 195Day 14Hour 10Min 2Sec ago [2023-11-05]

1. 우선 ssl 인증키 생성 (키생성링크)

[albert@docker jboss]$ keytool -genkeypair -alias jboss -keyalg RSA -keystore server.keystore -storepass pwd123456

2, stabdalone.xml 파일 추가

<subsystem xmlns="urn:jboss:domain:web:2.2" default-virtual-server="default-host" native="false">
    <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>
    <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">
        <ssl key-alias="jboss" password="pwd123456" certificate-key-file="/home/albert/jboss/server.keystore" verify-client="false" />
    </connector>
    <virtual-server name="default-host" enable-welcome-root="true">
        <alias name="localhost"/>
        <alias name="example.com"/>
    </virtual-server>
</subsystem>
<interfaces>
    <interface name="management">
        <inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
    </interface>
    <interface name="public">
        <!--<inet-address value="${jboss.bind.address:127.0.0.1}"/>-->
        <any-address/>
    </interface>
    <!-- TODO - only show this if the jacorb subsystem is added  -->
    <interface name="unsecure">
        <inet-address value="${jboss.bind.address.unsecure:127.0.0.1}"/>
    </interface>
</interfaces>
<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
    <socket-binding name="management-native" interface="management" port="${jboss.management.native.port:9999}"/>
    <socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>
    <socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9443}"/>
    <socket-binding name="ajp" port="8009"/>
    <socket-binding name="http" port="7008"/>
    <socket-binding name="https" port="7009"/>
    <socket-binding name="remoting" port="4447"/>
    <socket-binding name="txn-recovery-environment" port="4712"/>
    <socket-binding name="txn-status-manager" port="4713"/>
    <outbound-socket-binding name="mail-smtp">
        <remote-destination host="localhost" port="25"/>
    </outbound-socket-binding>
</socket-binding-group>



LIST

Copyright © 2014 visionboy.me All Right Reserved.