8.3. Implement SSL Encryption for the JBoss EAP 6 Web Server

Procedure 8.1. Configure the JBoss Web Server to use HTTPS

1. Add a new HTTPS connector.

   Execute the following Management CLI command, changing the profile as appropriate. This creates a new secure connector, called HTTPS, which uses the https scheme, the https socket binding (which defaults to 8443), and is set to be secure.

   Example 8.1. Management CLI Command

   /profile=default/subsystem=web/connector=HTTPS/:add(socket-binding=https,scheme=https,protocol=HTTP/1.1,secure=true)
   

   Copy to Clipboard Toggle word wrap

2. Configure the SSL encryption certificate and keys.

   Execute the following CLI commands to configure your SSL certificate, substituting your own values for the example ones. This example assumes that the keystore is copied to the server configuration directory, which is EAP_HOME/domain/configuration/ for a managed domain.

   Example 8.2. Management CLI Command

   /profile=default/subsystem=web/connector=HTTPS/ssl=configuration:add(name=https,certificate-key-file="${jboss.server.config.dir}/keystore.jks",password=SECRET, key-alias=KEY_ALIAS)
   

   Copy to Clipboard Toggle word wrap

   For a full listing of parameters you can set for the SSL properties of the connector, refer to Section 8.5, “SSL Connector Reference”.

3. Deploy an application.

   Deploy an application to a server group which uses the profile you have configured. If you use a standalone server, deploy an application to your server. HTTP requests to it use the new SSL-encrypted connection.