kishore routhu [https://community.jboss.org/people/kishorerouthu] created the discussion "Problem of configuring SSL for Https in Jboss AS 7" To view the discussion, visit: https://community.jboss.org/message/821464#821464 -------------------------------------------------------------- Actually we are migrating from Jboss-4.2.2GA to Jboss As7 it is good to work with Jboss As7 but the problem is that in Jboss-4.2.2GA the SSL is enabled and working fine for HTTPS with port 8443 for given following configuration (1) in Server.xml. 1. SSL Configuration for Https Secure port in *Jboss-4.2.2 GA*    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"                maxThreads="250" scheme="https" secure="true"                clientAuth="false"                strategy="ms"                address="${jboss.bind.address}"  *   keystoreFile="${jboss.server.home.dir}/conf/ssl/2013-cert/working/server.keystore"*               keystorePass="123456"               keystoreType="pkcs12"               sslProtocol="TLS"               SSLHonorCipherOrder="On"               ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA"   /> Where as in *Jboss AS7* with given following configuration (2) in Standalone.xml when start up jboss it throws the following error observed in server.log 2. SSL Configuration for Https Secure port in Jboss As7 <subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host">             <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" redirect-port="8443" secure="true" max-connections="400">                 <ssl name="ssl" password="123456" *  certificate-key-file="/www/jboss7/standalone/configuration/ssl/ssl.domainname.crt"*      cipher-suite="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA" protocol="TLSv1" verify-client="false"                     verify-depth="10"                     keystore-type="PKCS12"                     truststore-type="PKCS12"/>             </connector>             <virtual-server name="default-host" enable-welcome-root="true">                 <alias name="localhost"/>                 <alias name="vela"/>             </virtual-server>         </subsystem> RROR [org.apache.coyote.http11.Http11AprProtocol] (MSC service thread 1-2) Error initializing endpoint: java.lang.Exception: Unable to configure permitted SSL ciphers (error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match)           at org.apache.tomcat.jni.SSLContext.setCipherSuite(Native Method) [jbossweb-7.0.13.Final.jar:]           at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:642) [jbossweb-7.0.13.Final.jar:]           at org.apache.coyote.http11.Http11AprProtocol.init(Http11AprProtocol.java:121) [jbossweb-7.0.13.Final.jar:]           at org.apache.catalina.connector.Connector.init(Connector.java:983) [jbossweb-7.0.13.Final.jar:]           at org.jboss.as.web.WebConnectorService.start(WebConnectorService.java:267) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]           at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1811) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]           at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1746) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]           at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_13]           at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_13]           at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_13] 07:00:50,361 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-2) MSC00001: Failed to start service jboss.web.connector.https: org.jboss.msc.service.StartException in service jboss.web.connector.https: JBAS018007: Error starting web connector           at org.jboss.as.web.WebConnectorService.start(WebConnectorService.java:271)           at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1811) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]           at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1746) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]           at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_13]           at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_13]           at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_13] Caused by: LifecycleException:  Protocol handler initialization failed: java.lang.Exception: Unable to configure permitted SSL ciphers (error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match)           at org.apache.catalina.connector.Connector.init(Connector.java:985)           at org.jboss.as.web.WebConnectorService.start(WebConnectorService.java:267)           ... 5 more Following is KeyStore information ==================================== Enter keystore password:  Keystore type: PKCS12 Keystore provider: SunJSSE Your keystore contains 1 entry Alias name: 1 Creation date: Jun 5, 2013 Entry type: PrivateKeyEntry Certificate chain length: 1 Certificate[1]: Do i need any changes in configuration of Jboss AS7 to Successfully enable SSL in as compared to Jboss 4.2.2GA ? what "keystoreFile" element in Jboss 4.2.2GA configuration represents and what "certificate-key-file" element in Jboss AS7 configuration represents These two represents same (i.e keystore) or different ? Please suggest me for the above so that can move further. Thank you in advance -------------------------------------------------------------- Reply to this message by going to Community [https://community.jboss.org/message/821464#821464] Start a new discussion in JBoss AS 7 Development at Community [https://community.jboss.org/choose-container!input.jspa?contentType=1&...]