2 Replies Latest reply on Aug 28, 2013 6:28 AM by carlogo

    How to define multiple HTPPS connections in JBoss AS 7

    viggo.navarsete

      I have a requirement to have two HTTPS connections at the same time on different ports in JBoss AS7. In standalone-full.xml I can define two connector elements within the subsystem "urn:jboss:domain:web:1.1", one with http and one with https, like this:

             <subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" native="false">

                  <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>

                  <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">

                            <ssl ></ssl>

                  </connector>

                  <virtual-server name="default-host" enable-welcome-root="true">

                      <alias name="localhost"/>

                      <alias name="example.com"/>

                  </virtual-server>

              </subsystem>

       

      There is also something called socked-binding-group which sets up default settings for various things, and among settings also which port is used for http and https, like this:

          <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">

              <socket-binding name="http" port="8080"/>

              <socket-binding name="https" port="8443"/>

              <socket-binding name="jacorb" interface="unsecure" port="3528"/>

              <socket-binding name="jacorb-ssl" interface="unsecure" port="3529"/>

              <socket-binding name="management-native" interface="management" port="${jboss.management.native.port:9999}"/>

              <socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>

              <socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9443}"/>

              <socket-binding name="messaging" port="5445"/>

              <socket-binding name="messaging-throughput" port="5455"/>

              <socket-binding name="osgi-http" interface="management" port="8090"/>

              <socket-binding name="remoting" port="4447"/>

              <socket-binding name="txn-recovery-environment" port="4712"/>

              <socket-binding name="txn-status-manager" port="4713"/>

              <outbound-socket-binding name="mail-smtp">

                  <remote-destination host="localhost" port="25"/>

              </outbound-socket-binding>

          </socket-binding-group>

       

      Is it possible at all to have several https connections, and if yes, how?

        • 1. Re: How to define multiple HTPPS connections in JBoss AS 7
          viggo.navarsete

          I tried with the following in my standalone-full.xml, and it seems to work, but I would be greatful if anyone from the JBoss team would acknowlede it:)

           

          What I basically did was:

          1. Added a new socket-binding within the socked-binding-group and called it "httpsGAP" and give it the port 9443

          2. Added a new connector within the subsystem "urn:jboss:domain:web:1.1" and referred to the new socket binding:

           

                  <subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" native="false">

                      <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>

                      <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">

                                <ssl name="ssl" password="${tix.server.jks}kspw" certificate-key-file="${jboss.server.base.dir}/configuration/security/${tix.server.jks}.jks" ca-certificate-file="" ca-certificate-password="changeit" truststore-type="JKS" verify-client="true"/>

                      </connector>

                      <connector name="httpsGAP" protocol="HTTP/1.1" scheme="https" socket-binding="httpsGAP" secure="true">

                                <ssl name="ssl" password="${tix.server.jks}kspw" certificate-key-file="${jboss.server.base.dir}/configuration/security/${tix.server.jks}.jks" ca-certificate-file="" ca-certificate-password="changeit" truststore-type="JKS" verify-client="true"/>

                      </connector>           

                      <virtual-server name="default-host" enable-welcome-root="true">

                          <alias name="localhost"/>

                          <alias name="example.com"/>

                      </virtual-server>

                  </subsystem>

           

              <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">

                  <socket-binding name="http" port="8080"/>

                  <socket-binding name="https" port="8443"/>

                  <socket-binding name="httpsGAP" port="9443"/>

                  <socket-binding name="jacorb" interface="unsecure" port="3528"/>

                  <socket-binding name="jacorb-ssl" interface="unsecure" port="3529"/>

                  <socket-binding name="management-native" interface="management" port="${jboss.management.native.port:9999}"/>

                  <socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>

                  <socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9443}"/>

                  <socket-binding name="messaging" port="5445"/>

                  <socket-binding name="messaging-throughput" port="5455"/>

                  <socket-binding name="osgi-http" interface="management" port="8090"/>

                  <socket-binding name="remoting" port="4447"/>

                  <socket-binding name="txn-recovery-environment" port="4712"/>

                  <socket-binding name="txn-status-manager" port="4713"/>

                  <outbound-socket-binding name="mail-smtp">

                      <remote-destination host="localhost" port="25"/>

                  </outbound-socket-binding>

              </socket-binding-group>

           

          Is it as easy as I've described it? It seems to work though, no errors in the log, and the ouput indicates that it's working:

          14:28:17,570 INFO  [org.apache.coyote.http11.Http11Protocol] (MSC service thread 1-1) Starting Coyote HTTP/1.1 on http--0.0.0.0-8080

          14:28:17,789 WARN  [org.jboss.as.messaging] (MSC service thread 1-3) JBAS011600: AIO wasn't located on this platform, it will fall back to using pure Java NIO. If your platform is Linux, install LibAIO to enable the AIO journal

          14:28:17,981 INFO  [org.jboss.as.jacorb] (MSC service thread 1-1) JBAS016330: CORBA ORB Service started

          14:28:18,107 INFO  [org.jboss.as.server.deployment.scanner] (MSC service thread 1-1) JBAS015012: Started FileSystemDeploymentService for directory /home/viggo/workspace/TIX_TRUNK/TIX/target/jboss-as-7.1.0.Final/standalone/deployments

          14:28:18,158 INFO  [org.apache.coyote.http11.Http11Protocol] (MSC service thread 1-4) Starting Coyote HTTP/1.1 on http--0.0.0.0-9443

          14:28:18,171 INFO  [org.jboss.as.jacorb] (MSC service thread 1-1) JBAS016328: CORBA Naming Service started

          14:28:18,172 INFO  [org.apache.coyote.http11.Http11Protocol] (MSC service thread 1-2) Starting Coyote HTTP/1.1 on http--0.0.0.0-8443

          14:28:18,189 INFO  [org.jboss.as.remoting] (MSC service thread 1-2) JBAS017100: Listening on /127.0.0.1:9999

          14:28:18,210 INFO  [org.jboss.as.remoting] (MSC service thread 1-2) JBAS017100: Listening on /0.0.0.0:4447

          • 2. Re: How to define multiple HTPPS connections in JBoss AS 7
            carlogo

            Many thanks, Viggo. I needed it on http port and no problem with your solution.

             

            Carlos.