I had previously setup SSL certs using Apache and IIS so I guess I figured JBoss (Tomcat) couldn't possibly be much different - I was *obviously* very, very mistaken.
I'm now in a real bind. I developed a web storefront for my conpany and need to push it out by the end of this week. I had no idea that I was going to spend 4+ days making futile attempts at getting my Verisign SSL cert to work right so users could switch to HTTPS while completing an order on the site. That's where I'm at, I've followed all the instructions for generating the CSR, then importing the cert, generating the keystore, etc. I'm confident this part is right and that my trouble lies w/ JBoss/Tomcat at this point. I've pored over these forums for days and have found a lot of information - but nothing that quite solved my problem. Yesterday I found this post which got me closer than ever to a potential solution: http://www.jboss.com/index.html?module=bb&op=viewtopic&t=81646 The JBoss documentation mentioned nothing about setting up the ciphers, trustedstoreFile, and trustedstorePass attributes in the Connector tag in Tomcat's server.xml file. Here is mine: | <Connector port="8443" address="${jboss.bind.address}" | maxThreads="100" strategy="ms" maxHttpHeaderSize="8192" | emptySessionPath="true" | scheme="https" secure="true" clientAuth="false" | sslProtocol="TLS" | ciphers="SSL_DH_anon_WITH_RC4_128_MD5" | keystoreFile="${jboss.server.home.dir}/conf/mykey.keystore" | keystorePass="mysecretpass" | truststoreFile="${jboss.server.home.dir}/conf/mykey.keystore" | truststorePass="mysecretpass" /> | Once I added the ciphers, truststoreFile, and truststorePass attributes I stopped getting the dreaded SSLException when I started JBoss, I *was* previously getting this exception: | javax.net.ssl.SSLException: No available certificate corresponds | to the SSL cipher suites which are enabled. | ...I'm *not* getting this now thanks to the "anon" cipher listed in the "ciphers" attribute in the Connector tag above. Naturally I was excited when I could finally boot JBoss w/o this exception. However, now I cannot browse https://localhost:8443/MyApp. In Internet Explorer I simply get a "The page cannot be displayed" error page and Firefox 1.5.x gives me this dialog message: | Firefox and localhost cannot communicate securely because they have no common encryption algorithms. | The error seems pretty obvious, however, I have all SSL options enabled in both browsers so the problem has to be w/ the cipher, as far as I can see? I'm completely tapped out of ideas and have been doing this for so long I'm probably making more problems for myself at this point rather than progressing. I have no other ideas, I'm at the mercy of this forum, can anyone help me understand what the problem is here? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3946224#3946224 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3946224 ------------------------------------------------------- All the advantages of Linux Managed Hosting--Without the Cost and Risk! Fully trained technicians. The highest number of Red Hat certifications in the hosting industry. Fanatical Support. Click to learn more http://sel.as-us.falkag.net/sel?cmd=lnk&kid=107521&bid=248729&dat=121642 _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
