-
1. Re: How to configure JBoss 7 + httpd + mod_cluster with ssl between httpd and JBoss
rhusar Mar 7, 2012 7:01 AM (in response to jairo.gubler)If you have problems setting up you might be running into a known issue, https://issues.jboss.org/browse/AS7-3869 will be fixed in next realease.
-
2. Re: How to configure JBoss 7 + httpd + mod_cluster with ssl between httpd and JBoss
jairo.gubler Mar 7, 2012 12:03 PM (in response to rhusar)My difficulty is about the whole configuration. It's not easy to understand all the steps needed to configure SSL when using httpd/mod_cluster with JBoss.
I'm a little confused about the digital certificate files.
Some of my configuration files:
=== httpd.conf ====
<IfModule manager_module>
Listen 192.168.171.129:8888
ManagerBalancerName test
<VirtualHost 192.168.171.129:8888>
<Location />
Order deny,allow
Deny from all
Allow from 192.168.
</Location>
KeepAliveTimeout 300
MaxKeepAliveRequests 0
ServerAdvertise on
#ServerAdvertise on http://@IP@:6666
AdvertiseFrequency 5
#AdvertiseSecurityKey secret
#AdvertiseGroup @ADVIP@:23364
EnableMCPMReceive
<Location /mod_cluster_manager>
SetHandler mod_cluster-manager
Order deny,allow
Deny from all
Allow from 192.168.
</Location>
</VirtualHost>
Listen 6666
<VirtualHost 192.168.171.129:6666>
SSLEngine on
SSLCipherSuite AES128-SHA:ALL:!ADH:!LOW:!MD5:!SSLV2:!NULL
SSLCertificateFile conf/server.crt
SSLCertificateKeyFile conf/server.key
SSLCACertificateFile conf/server-ca.crt
SSLVerifyClient require
SSLVerifyDepth 10
</VirtualHost>
</IfModule>
SSLProxyEngine On
SSLProxyVerify require
SSLProxyCACertificateFile conf/cacert.pem
SSLProxyMachineCertificateFile conf/proxy.pem
==== error_log (apache httpd) ====
[Wed Mar 07 13:50:46 2012] [warn] no client certs found for SSL proxy
========= standalone-full-ha.xml ==========================
<connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" enable-lookups="false" secure="true">
<ssl name="ssl" key-alias="jboss" password="xxxxxxx" protocol="ALL" verify-client="false" certificate-file="/opt/CERTS/jboss_ssl.keystore"/>
</connector>
=====================================================
-
3. Re: How to configure JBoss 7 + httpd + mod_cluster with ssl between httpd and JBoss
traian20 Apr 2, 2012 10:43 AM (in response to jairo.gubler)I also find extremely difficult to understand all the required steps needed to configure the SSL communication between HTTPD and Jboss7.1.x.
The entire mod_cluster documentation is JbossWEB centered (http://docs.jboss.org/mod_cluster/1.2.0/html/UsingSSL.html#createsc)
Can someone point out which steps need to be taken, on the HTTPD side(httpd.conf ) and on Jboss7 side (modcluster subsystem configuration, HTTPS connector,...) ?
-
4. Re: How to configure JBoss 7 + httpd + mod_cluster with ssl between httpd and JBoss
kclair-rei May 14, 2013 2:58 PM (in response to traian20)I am also having this issue. I was able to set up the apache end, but it's not at all clear where to put the ssl settings in the JBoss AS 7.x standalone.xml or domain.xml file.