2 Replies Latest reply: Aug 28, 2013 6:28 AM by Carlos Go RSS

How to define multiple HTPPS connections in JBoss AS 7

Viggo Navarsete Expert

I have a requirement to have two HTTPS connections at the same time on different ports in JBoss AS7. In standalone-full.xml I can define two connector elements within the subsystem "urn:jboss:domain:web:1.1", one with http and one with https, like this:

       <subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" native="false">

            <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>

            <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">

                      <ssl ></ssl>

            </connector>

            <virtual-server name="default-host" enable-welcome-root="true">

                <alias name="localhost"/>

                <alias name="example.com"/>

            </virtual-server>

        </subsystem>

 

There is also something called socked-binding-group which sets up default settings for various things, and among settings also which port is used for http and https, like this:

    <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">

        <socket-binding name="http" port="8080"/>

        <socket-binding name="https" port="8443"/>

        <socket-binding name="jacorb" interface="unsecure" port="3528"/>

        <socket-binding name="jacorb-ssl" interface="unsecure" port="3529"/>

        <socket-binding name="management-native" interface="management" port="${jboss.management.native.port:9999}"/>

        <socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>

        <socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9443}"/>

        <socket-binding name="messaging" port="5445"/>

        <socket-binding name="messaging-throughput" port="5455"/>

        <socket-binding name="osgi-http" interface="management" port="8090"/>

        <socket-binding name="remoting" port="4447"/>

        <socket-binding name="txn-recovery-environment" port="4712"/>

        <socket-binding name="txn-status-manager" port="4713"/>

        <outbound-socket-binding name="mail-smtp">

            <remote-destination host="localhost" port="25"/>

        </outbound-socket-binding>

    </socket-binding-group>

 

Is it possible at all to have several https connections, and if yes, how?

  • 1. Re: How to define multiple HTPPS connections in JBoss AS 7
    Viggo Navarsete Expert

    I tried with the following in my standalone-full.xml, and it seems to work, but I would be greatful if anyone from the JBoss team would acknowlede it:)

     

    What I basically did was:

    1. Added a new socket-binding within the socked-binding-group and called it "httpsGAP" and give it the port 9443

    2. Added a new connector within the subsystem "urn:jboss:domain:web:1.1" and referred to the new socket binding:

     

            <subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" native="false">

                <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>

                <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">

                          <ssl name="ssl" password="${tix.server.jks}kspw" certificate-key-file="${jboss.server.base.dir}/configuration/security/${tix.server.jks}.jks" ca-certificate-file="" ca-certificate-password="changeit" truststore-type="JKS" verify-client="true"/>

                </connector>

                <connector name="httpsGAP" protocol="HTTP/1.1" scheme="https" socket-binding="httpsGAP" secure="true">

                          <ssl name="ssl" password="${tix.server.jks}kspw" certificate-key-file="${jboss.server.base.dir}/configuration/security/${tix.server.jks}.jks" ca-certificate-file="" ca-certificate-password="changeit" truststore-type="JKS" verify-client="true"/>

                </connector>           

                <virtual-server name="default-host" enable-welcome-root="true">

                    <alias name="localhost"/>

                    <alias name="example.com"/>

                </virtual-server>

            </subsystem>

     

        <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">

            <socket-binding name="http" port="8080"/>

            <socket-binding name="https" port="8443"/>

            <socket-binding name="httpsGAP" port="9443"/>

            <socket-binding name="jacorb" interface="unsecure" port="3528"/>

            <socket-binding name="jacorb-ssl" interface="unsecure" port="3529"/>

            <socket-binding name="management-native" interface="management" port="${jboss.management.native.port:9999}"/>

            <socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>

            <socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9443}"/>

            <socket-binding name="messaging" port="5445"/>

            <socket-binding name="messaging-throughput" port="5455"/>

            <socket-binding name="osgi-http" interface="management" port="8090"/>

            <socket-binding name="remoting" port="4447"/>

            <socket-binding name="txn-recovery-environment" port="4712"/>

            <socket-binding name="txn-status-manager" port="4713"/>

            <outbound-socket-binding name="mail-smtp">

                <remote-destination host="localhost" port="25"/>

            </outbound-socket-binding>

        </socket-binding-group>

     

    Is it as easy as I've described it? It seems to work though, no errors in the log, and the ouput indicates that it's working:

    14:28:17,570 INFO  [org.apache.coyote.http11.Http11Protocol] (MSC service thread 1-1) Starting Coyote HTTP/1.1 on http--0.0.0.0-8080

    14:28:17,789 WARN  [org.jboss.as.messaging] (MSC service thread 1-3) JBAS011600: AIO wasn't located on this platform, it will fall back to using pure Java NIO. If your platform is Linux, install LibAIO to enable the AIO journal

    14:28:17,981 INFO  [org.jboss.as.jacorb] (MSC service thread 1-1) JBAS016330: CORBA ORB Service started

    14:28:18,107 INFO  [org.jboss.as.server.deployment.scanner] (MSC service thread 1-1) JBAS015012: Started FileSystemDeploymentService for directory /home/viggo/workspace/TIX_TRUNK/TIX/target/jboss-as-7.1.0.Final/standalone/deployments

    14:28:18,158 INFO  [org.apache.coyote.http11.Http11Protocol] (MSC service thread 1-4) Starting Coyote HTTP/1.1 on http--0.0.0.0-9443

    14:28:18,171 INFO  [org.jboss.as.jacorb] (MSC service thread 1-1) JBAS016328: CORBA Naming Service started

    14:28:18,172 INFO  [org.apache.coyote.http11.Http11Protocol] (MSC service thread 1-2) Starting Coyote HTTP/1.1 on http--0.0.0.0-8443

    14:28:18,189 INFO  [org.jboss.as.remoting] (MSC service thread 1-2) JBAS017100: Listening on /127.0.0.1:9999

    14:28:18,210 INFO  [org.jboss.as.remoting] (MSC service thread 1-2) JBAS017100: Listening on /0.0.0.0:4447

  • 2. Re: How to define multiple HTPPS connections in JBoss AS 7
    Carlos Go Newbie

    Many thanks, Viggo. I needed it on http port and no problem with your solution.

     

    Carlos.