JBoss配置HTTPS安全连接

 

1、用keytool生成server.keystore文件：
C:\Documents and Settings\new>keytool -genkey -alias tc-ssl -keyalg RSA -keystor
e c:\server.keystore -validity 3650

生成完后放入C:\jboss-3.2.6\server\default\conf中。

2、配置server.xml文件
<!-- SSL/TLS Connector configuration using the admin devl guide keystore-->
      <Connector port="8443" address="${jboss.bind.address}"
           maxThreads="100" minSpareThreads="5" maxSpareThreads="15"
           scheme="https" secure="true" clientAuth="false"
           keystoreFile="${jboss.server.home.dir}/conf/server.keystore"
           keystorePass="111111" sslProtocol = "TLS" />
3、访问https://localhost:8443/jmx-console/index.jsp，可以了。
同时http://localhost:8080/jmx-console/index.jsp也可以访问，
如果将http转向到https: 修改WEB应用的web.xml
=========web.xml==================
<security-constraint>
     <web-resource-collection>
       <web-resource-name>HtmlAdaptor</web-resource-name>
       <description>An example security config that only allows users with the
         role JBossAdmin to access the HTML JMX console web application
       </description>
       <url-pattern>/</url-pattern>
       <!-- <http-method>GET</http-method>
       <http-method>POST</http-method> -->
     </web-resource-collection>
     <!--<auth-constraint>
       <role-name>JBossAdmin</role-name>
     </auth-constraint> -->
     <user-data-constraint>
            <description>Protection should be CONFIDENTIAL</description>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
      </user-data-constraint>
</security-constraint>