Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

[AEM Gems Webinar] Accelerating Experience Manager as a Cloud Service development with Rapid Development Environments
Adobe Summit 2023 | Complete list of AEM Sessions & Labs

SSL and Active Directory


Level 1


I've installed LC turnkey and set up the Right Management service.

I try now to replace the self signed certificate by one generated by my Active Directory internal Certification Authority.

https never going on so I would like to know the certificate characteristics to start ssl successfully.

I know that the key must be 1024 bits and exportable.

What's the Enhanced Key Usage needed and the others properties ?



Capgemini France

2 Replies


Level 9


What are the steps that you followed to replace the self-signed cert.  Did you update the SSL configuration section of the "server.xml" config file for JBoss?

What error is any do you receive when you attempt to connect to the https url in a web browser?



Level 1


I've generated a certificate from my internal CA.

I generated the server certificate and convert it to private.pem and cert.pem.

I've also converted my CA certificate into pem format

I've imported my ca into the java cacerts.

Here is the part of server.xml file for https :

<Connector port="8443" address="${jboss.bind.address}" protocol="org.apache.coyote.http11.Http11AprProtocol" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
               SSLCertificateKeyFile="C:\Adobe\Adobe LiveCycle ES2\jboss\server\lc_turnkey\conf\rsa-private-key.pem"
               SSLCertificateFile="C:\Adobe\Adobe LiveCycle ES2\jboss\server\lc_turnkey\conf\self-signed-cert.pem"

Paths are good.

When I restart the JBoss Service, the server.log stay here :

2010-09-17 15:58:02,567 INFO  [org.apache.coyote.http11.Http11AprProtocol] Initialisation de Coyote HTTP/1.1 sur http-