[gatein-commits] gatein SVN: r5051 - epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US.
do-not-reply at jboss.org
do-not-reply at jboss.org
Fri Nov 12 00:48:03 EST 2010
Author: smumford
Date: 2010-11-12 00:48:02 -0500 (Fri, 12 Nov 2010)
New Revision: 5051
Added:
epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/HTTPSConfiguration.xml
Modified:
epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Book_Info.xml
epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Configuration.xml
epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Getting_Started.xml
epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Revision_History.xml
Log:
JBEPP-569: Added HTTPSConfiguration patch from GTNPORTAL-1535. Edited new section.
Modified: epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Book_Info.xml
===================================================================
--- epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Book_Info.xml 2010-11-12 05:07:40 UTC (rev 5050)
+++ epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Book_Info.xml 2010-11-12 05:48:02 UTC (rev 5051)
@@ -12,7 +12,7 @@
<productname>JBoss Enterprise Portal Platform</productname>
<productnumber>5</productnumber>
<edition>1</edition>
- <pubsnumber>1.8</pubsnumber>
+ <pubsnumber>1.9</pubsnumber>
<abstract>
<para>
This book provides information about obtaining, installing and
Modified: epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Configuration.xml
===================================================================
--- epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Configuration.xml 2010-11-12 05:07:40 UTC (rev 5050)
+++ epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Configuration.xml 2010-11-12 05:48:02 UTC (rev 5051)
@@ -9,7 +9,7 @@
<xi:include href="DatabaseConfiguration.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="EMailServiceConfiguration.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="ClusteringConfiguration.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="HTTPSConfiguration.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
-
</chapter>
Modified: epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Getting_Started.xml
===================================================================
--- epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Getting_Started.xml 2010-11-12 05:07:40 UTC (rev 5050)
+++ epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Getting_Started.xml 2010-11-12 05:48:02 UTC (rev 5051)
@@ -10,7 +10,6 @@
<title>Pre-Requisites</title>
<para>
You must have adequate disk space to install a JDK and &PRODUCT; (about 520MB) while also allowing enough space for your applications. Before installing &PRODUCT; you must have a working installation of Java. Since JBoss is 100% pure Java you can have it working on any Operating System / Platform that supports Java.
- <!--However, only some combinations are certified (tested prior to shipping) or supported (on which you can open support tickets), the certified combinations are listed below. -->
</para>
<section id="Pre_Requisites-EAP">
<title>Enterprise Application Platform</title>
@@ -49,7 +48,7 @@
The server configuration including the selected log files, their designated size and general server tuning.
</para>
</listitem>
- </itemizedlist>
+ </itemizedlist>
<para>
The following discussion relates to the deployment of a simple application on a server experiencing minimal demand. In view of this, the absolute minimum requirements for an operational server are:
</para>
@@ -210,10 +209,10 @@
</table>
<para>
- The following is a <emphasis role="bold">cumulative</emphasis> list of supported databases and JDBC drivers.
+ The following is a <emphasis role="bold">cumulative</emphasis> table of supported databases and JDBC drivers.
</para>
<para>
- Entries shown for each release are supported in <emphasis>addition</emphasis> to those in previous releases:
+ Entries shown for each release are supported <emphasis role="bold">in addition to those in previous releases</emphasis>:
</para>
<indexterm>
<primary>System Requirements</primary>
Added: epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/HTTPSConfiguration.xml
===================================================================
--- epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/HTTPSConfiguration.xml (rev 0)
+++ epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/HTTPSConfiguration.xml 2010-11-12 05:48:02 UTC (rev 5051)
@@ -0,0 +1,116 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
+"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY % BOOK_ENTITIES SYSTEM "Installation_Guide.ent">
+%BOOK_ENTITIES;
+]>
+<section id="sect-Installation_Guide-HTTPS_Configuration">
+ <title>HTTPS Configuration</title>
+
+ <section id="sect-Installation_Guide-HTTPS_Configuration-Overview">
+ <title>Overview</title>
+ <para>
+ &PRODUCT; runs, by default, in HTTP mode. However, for security purposes, you can configure it to run in HTTPS mode. This section explains how to run &PRODUCT; in HTTPS mode.
+ </para>
+
+ </section>
+ <section id="sect-Installation_Guide-HTTPS_Configuration-Generate_Key">
+ <title>Generate your key</title>
+ <para>
+ If you haven't a X.509 certificate, you can make a simple certificate using the <command>keytool</command> command:
+ </para>
+ <procedure>
+ <title><emphasis role="bold"></emphasis></title>
+ <step>
+ <para>
+ Change the variables in the following command to suit your circumstances then run it a terminal:
+ </para>
+<programlisting>keytool -genkey -alias serverkeys -keyalg RSA -keystore server.keystore -storepass 123456 -keypass 123456 -dname "CN=localhost, OU=MYOU, O=MYORG, L=MYCITY, ST=MYSTATE, C=MY"</programlisting>
+ <para>
+ Your key will be stored in <filename>server.keystore</filename>
+ </para>
+ </step>
+ <step>
+ <para>
+ Import your key into the Sun JDK keystore (this is required to help running gadget features) with the following command:
+ </para>
+<programlisting>keytool -importkeystore -srckeystore server.keystore -destkeystore $JAVA_HOME/jre/lib/security/cacerts</programlisting>
+ </step>
+ </procedure>
+ </section>
+
+ <section id="sect-Installation_Guide-HTTPS_Configuration-Use_In_Jboss">
+ <title>Setup JBoss configuration to use your key</title>
+ <para>
+ To set the JBoss configuration to use the new key:
+ </para>
+ <procedure>
+ <title><emphasis role="bold"></emphasis></title>
+ <step>
+ <para>
+ Comment the following lines in <filename>jboss/server/<replaceable>PROFILE</replaceable>/deploy/jbossweb.sar/server.xml</filename>:
+ </para>
+<programlisting><![CDATA[<Connector protocol="HTTP/1.1" port="8080" address="${jboss.bind.address}"
+ connectionTimeout="20000" redirectPort="8443" >
+]]></programlisting>
+ </step>
+ <step>
+ <para>
+ Uncomment the following lines...
+ </para>
+<programlisting><![CDATA[<Connector protocol="HTTP/1.1" SSLEnabled="true"
+ port="8443" address="${jboss.bind.address}"
+ scheme="https" secure="true" clientAuth="false"
+ keystoreFile="$JAVA_HOME/jre/lib/security/cacerts"
+ keystorePass="123456" sslProtocol = "TLS" />
+]]></programlisting>
+ <para>
+ ...and change the values of <literal>keystoreFile</literal> and <literal>keystorePass</literal> to values of your key.
+ </para>
+ </step>
+ </procedure>
+ </section>
+
+ <section id="sect-Installation_Guide-HTTPS_Configuration-Use_In_Tomcat">
+ <title>Setup Tomcat configuration to use your key</title>
+ <para>
+ To set the Tomcat configuration to use the new key:
+ </para>
+ <procedure>
+ <title><emphasis role="bold"></emphasis></title>
+ <step>
+ <para>
+ Comment the following lines in <filename>tomcat/conf/server.xml</filename>:
+ </para>
+<programlisting><![CDATA[<Connector port="8080" protocol="HTTP/1.1"
+ maxThreads="150" connectionTimeout="20000"
+ redirectPort="8443" URIEncoding="UTF-8"
+ emptySessionPath="true"/ >
+]]></programlisting>
+ </step>
+ <step>
+ <para>
+ Uncomment the following lines...
+ </para>
+<programlisting><![CDATA[<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
+ maxThreads="150" scheme="https" secure="true"
+ clientAuth="false" sslProtocol="TLS"
+ keystoreFile="$JAVA_HOME/jre/lib/security/cacerts"
+ keystorePass="123456" />
+]]></programlisting>
+ <para>
+ ...and change the values of <literal>keystoreFile</literal> and <literal>keystorePass</literal> to values of your key.
+ </para>
+ </step>
+ </procedure>
+ </section>
+ <section>
+ <title><emphasis role="bold">Restart</emphasis></title>
+ <para>
+ Once you have configured your environment, restart your &PRODUCT; instance.
+ </para>
+ <para>
+ You can now access the portal via address: <literal>https://<replaceable><ServerAddress></replaceable>:8443/portal</literal>
+ </para>
+ </section>
+</section>
Modified: epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Revision_History.xml
===================================================================
--- epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Revision_History.xml 2010-11-12 05:07:40 UTC (rev 5050)
+++ epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Revision_History.xml 2010-11-12 05:48:02 UTC (rev 5051)
@@ -8,8 +8,21 @@
<title>Revision History</title>
<simpara>
<revhistory>
-
- <revision>
+ <revision>
+ <revnumber>1-1.9</revnumber>
+ <date></date>
+ <author>
+ <firstname>Scott</firstname>
+ <surname>Mumford</surname>
+ <email>smumford at redhat.com</email>
+ </author>
+ <revdescription>
+ <simplelist>
+ <member>Added and edited HTTPS Configuration section.</member>
+ </simplelist>
+ </revdescription>
+ </revision>
+ <revision>
<revnumber>1-1.8</revnumber>
<date>Tue Oct 26 2010</date>
<author>
More information about the gatein-commits
mailing list