一、生成数字签名

1. 生成JKS文件

keytool -genkey -keyalg RSA -alias jbosskey -keystore jbosskey.jks

在win7系统中,该文件的默认路径是 C:\Users\rigid

2. 导出证书

keytool -export -alias jbosskey -file jbosskey.cer -keystore jbosskey.jks

在win7系统中,该文件的默认路径是 C:\Users\rigid

3. 查看jks文件的详情

keytool -list -keystore jbosskey.jks

二、配置JBOSS SSL

1. 拷贝jks和cer文件到%JBOSS_HOME%/server/default/conf下

2. 修改jboss-4.2.3.GA\server\default\deploy\jboss-web.deployer\server.xml

增加

keystoreFile="${jboss.server.home.dir}/conf/jbosskey.jks"
keystorePass="1qazxsw2"

 <Connector port="8080" address="${jboss.bind.address}"
maxThreads="250" maxHttpHeaderSize="8192"
emptySessionPath="true" protocol="HTTP/1.1"
enableLookups="false" redirectPort="8443" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true" /> <!-- Define a SSL HTTP/1.1 Connector on port 8443
This connector uses the JSSE configuration, when using APR, the
connector should be using the OpenSSL style configuration
described in the APR documentation -->
<!--
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
-->
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
address="${jboss.bind.address}"
scheme="https" secure="true" clientAuth="false"
keystoreFile="${jboss.server.home.dir}/conf/jbosskey.jks"
keystorePass="1qazxsw2" sslProtocol = "TLS" />
05-11 22:12