Enable SSL in JBoss AS 7.1.0

It is quite simple to enable SSL (https) in AS 7.1.0. First create a keystore with a key for jboss in it. Be sure to use the same password for the keystore and the key.

keytool -genkey -alias jboss -keyalg RSA

This generates the file /home/manuel/.keystore with 664 permissions. We will use this file in the standalone.xml file located in the configuration dir of jboss. Just locate the web subsystem with the already predefined http connector and add the new https connector:

<connector name="https" protocol="HTTP/1.1" scheme="https"
 socket-binding="https" secure="true">
        <ssl name="https" key-alias="jboss" password="changeit"
        &nbsp;certificate-key-file="/home/manuel/.keystore"/>
</connector>

The key-alias jboss is default and you can use every name you want as long as you create a key with that name in the keystore. See the jboss-web.xsd for further configuration options.

Don’t forget to change the path to the keystore of your environment. If you are using default ports 8080 and 8443 like me, make sure not to change http to https only – also use the right port; so use https://localhost:8443 and not https://localhost:8080.

Leave a Comment