Skip to main content

JEAP 6 - JBoss 加入SSL

雖然我不知道為啥有人想要知道... 因為通常都是用Apache 在最前面不是嗎?
應該是對Apache 加SSL不是JBoss 吧?
如果連Apache 跟 JBoss 之間都要加密,這樣效能不會很差嗎?@o@
或者有誰可以來解答我的疑問。Anyway,

要在JBoss 上提供 SSL,請自己弄一個Key Store來! (別人給的,自己發的都可以!)

PS. 不會發keystore 可以參考我的做法。
執行JDK 內建的keytool 
keytool -genkey -alias jboss -keyalg RSA -keystore jeap6.keystore -validity 3650

如下:

1. 先把憑證keystore 放到一個JBoss 可以看見的資料夾,
我是在 $JBoss_home 下建立一個keystores 的目錄。把憑證放進去。

2. 看你是用Standalone 還是 domain mode, 到 standalone(-*).xml 或是 domain.xml 下找到jboss:domain:web:1.1 這個Subsystem.
原先,你應該只看見有個 http 的 connector


......

在下面加上新的 https connector, 

            
            
                
            
            
                
                
            

https 的 Connector 設定,加上secure = true 是為了讓系統在call 
的時候會回傳true
socket-binding default 是 8443

ssl 上的設定,
password 設定在keystore的密碼
key-alias 設定在keystore的 alias 名稱,default 是 jboss
certificate-key-file 是放keystore的位置

放置上去後,重開JBoss, 就可以試試看了!
https://localhost:8443/
(如果你是自己發的憑證,第一次瀏覽器會顯示不安全。因為是自己發的關係,請不用在意。)




至於要如何幫Apache httpd 加上ssl, 可以參考以下的網址喔!
http://www.digicert.com/ssl-certificate-installation-apache.htm

Comments

卓俊宇 said…
jboss+ssl的目的應該是公司內網,不同系統相互溝通需要(不經過apache)
Gavin Chen said…
也有直接把JBoss拿來作對外網站用的喔~
(我們就是...)

Popular posts from this blog

Red Hat JBoss Fuse/A-MQ - Fuse and A-MQ Version 6.3 GA is released!

Fuse and A-MQ 6.3 GA has just went out. Maybe, you would think this is just only a minor version release why should I care? Hold your thoughts on that! Because they have done a lot of improvements and also added many new features into this release.

Besides various bug fixes and making sure Fuse Fabric is much more stable. There are two major change in this version update:

New Tooling in JBoss Developer Studio (JBDS) 9.1 GA. Newer Apache Camel version – Camel v2.17. I was really impressed by the work put in to make developing Camel application much simpler. First is the installation of tooling itself. Now it has a all-in-one installer so you don't need to worry about which plugins you need to check. See the videos below to see the new "Getting Started" of Fuse 6.3.



And If you notice from the above video, the presentation of camel route in JBDS has also updated. It fixed some of the miss representation of logic and making it easier to read.

Old Camel Route
New Camel Route
On …

Fuse Integration Service - Setup JBDS and create first quickstart application

Before we go and start creating our first application, I want to show you how to setup your JBoss Developer Studio, create a small application from the quickstart example and then running it on Fuse Integration Service.

I am using JBoss Developer Studio version 9, you can find it here.
After download the

jboss-devstudio-9.0.0.GA-installer-eap.jar
double-click it, and start installing with default values.

After successful installation, we will need install the plugins for Fuse, on JBoss Central view, select software update, select enable early access.


And select JBoss Fuse Development for the plugin,


Click on install, and we are all set to go!

First thing first, we want to create a Fuse project to deploy on the base of Fuse Integration Service, which is OpenShift. If you have not installed it, please go back to my previous post for instructions. So on your JBDS, right click and start creating the project. Select new, maven project, if you have installed the plugin correctly, you should …

Red Hat JBoss Fuse - Getting Started with Fuse Integration Service 2.0 Tech preview

I just realized that I did not do a getting started for Fuse Integration Service 2.0 Tech preview before I did the pipeline demo, thanks for those of you who reminded me! :)

To get started with FIS 2.0, for people who has just getting to know the technology, here is how I interpret it. Basically, it's divide into two aspect,

1. Integration development, FIS uses Apache Camel as the core technology that creates, orchestrate, compose microservices into a super lightweight thin integration layer, and become the API provider and service orchestrator through exposing RESTful or messaging service endpoints. And you can choose to either package and run it with Spring-Boot or Karaf.


2. Application Deployment and Management, FIS takes advantages of OpenShift platform, and allows you to separately deploy the micro-integration service among distributed environment, at the same time takes care of the failover, high availability, load balancing and service lookup problem for you.


So, now we know …