SSL and Active Directory

Hi,

I've installed LC turnkey and set up the Right Management service.

I am now trying to replace the self-signed certificate with one generated by my Active Directory internal Certification Authority.

HTTPS never comes up, so I would like to know the certificate characteristics needed to start SSL successfully.

I know that the key must be 1024 bits and exportable.

What is the Enhanced Key Usage needed, and what are the other properties?

Regards

Michael

Capgemini France

2 Replies

Michael

What are the steps that you followed to replace the self-signed cert? Did you update the SSL configuration section of the "server.xml" config file for JBoss?

What error, if any, do you receive when you attempt to connect to the https URL in a web browser?

Steve

Hi,

I've generated a certificate from my internal CA.

I generated the server certificate and converted it to private.pem and cert.pem.

I've also converted my CA certificate into PEM format.

I've imported my CA into the Java cacerts.

Here is the part of the server.xml file for HTTPS:

<Connector port="8443" address="${jboss.bind.address}" protocol="org.apache.coyote.http11.Http11AprProtocol" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
               SSLCertificateKeyFile="C:\Adobe\Adobe LiveCycle ES2\jboss\server\lc_turnkey\conf\rsa-private-key.pem"
               SSLCertificateFile="C:\Adobe\Adobe LiveCycle ES2\jboss\server\lc_turnkey\conf\self-signed-cert.pem"

Paths are good.

When I restart the JBoss service, the server.log stays here:

2010-09-17 15:58:02,567 INFO  [org.apache.coyote.http11.Http11AprProtocol] Initialisation de Coyote HTTP/1.1 sur http-0.0.0.0-8080

Michael
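
An added example, not part of the original thread and not Adobe's or JBoss's own tooling: a shell check with the openssl CLI that a PEM key and certificate, such as the files named in SSLCertificateKeyFile and SSLCertificateFile above, parse as PEM, belong to each other, and, when the certificate carries an Enhanced (Extended) Key Usage extension, that it permits server authentication. The function names, the CN lc.example.test and the generated 2048-bit sample pair are constructed for illustration.

```shell
#!/bin/sh
# Added example: pre-flight check for the PEM files named in the APR connector.

# check_pem_pair KEY CERT: returns 0 if usable, else a reason code (2-5).
check_pem_pair() {
    key=$1; cert=$2
    # 1. Both files must parse as PEM; "-passin pass:" stops openssl prompting,
    #    so an encrypted key fails here too (as do DER and PFX exports).
    openssl pkey -in "$key" -noout -passin pass: 2>/dev/null ||
        { echo "unreadable private key: $key" >&2; return 2; }
    openssl x509 -in "$cert" -noout 2>/dev/null ||
        { echo "unreadable certificate: $cert" >&2; return 3; }
    # 2. The certificate's public key must be the one derived from the key file.
    if [ "$(openssl pkey -in "$key" -pubout -passin pass: 2>/dev/null)" != \
         "$(openssl x509 -in "$cert" -noout -pubkey)" ]; then
        echo "certificate was not issued for this private key" >&2; return 4
    fi
    # 3. An EKU extension, when present, must permit TLS server authentication.
    text=$(openssl x509 -in "$cert" -noout -text)
    if printf '%s\n' "$text" | grep -q 'X509v3 Extended Key Usage' &&
       ! printf '%s\n' "$text" |
           grep -Eq 'TLS Web Server Authentication|Any Extended Key Usage'; then
        echo "EKU does not include server authentication" >&2; return 5
    fi
    return 0
}

# make_constructed_pair DIR EKU: throwaway self-signed pair (constructed data).
make_constructed_pair() {
    cat > "$1/req.cnf" <<EOF
[req]
distinguished_name = dn
prompt = no
x509_extensions = ext
[dn]
CN = lc.example.test
[ext]
extendedKeyUsage = $2
EOF
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config "$1/req.cnf" \
        -keyout "$1/key.pem" -out "$1/cert.pem" 2>/dev/null
}

demo=$(mktemp -d)
make_constructed_pair "$demo" serverAuth &&
    check_pem_pair "$demo/key.pem" "$demo/cert.pem" && echo "pair is usable"
rm -rf "$demo"
```

A non-zero return identifies which check failed: 2 or 3 for a file that is not readable PEM, 4 for a key and certificate that do not belong together, 5 for an EKU without server authentication.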