[jboss-jira] [JBoss JIRA] (WFLY-1440) How to configure ssl with mod_cluster and JBoss 7.1.1

Jose Giner (JIRA) jira-events at lists.jboss.org
Fri Jun 7 03:44:55 EDT 2013 

     [ https://issues.jboss.org/browse/WFLY-1440?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jose Giner closed WFLY-1440.
----------------------------



Move to forums
                
> How to configure ssl with mod_cluster and JBoss 7.1.1
> -----------------------------------------------------
>
>                 Key: WFLY-1440
>                 URL: https://issues.jboss.org/browse/WFLY-1440
>             Project: WildFly
>          Issue Type: Feature Request
>         Environment: - One LPAR with AIX 7.1, mod_cluster 1.1.3, http 2.2.14
> - Two LPAR with AIX 7.1, JBoss 7.1.1. Final 
>            Reporter: Jose Giner
>            Priority: Blocker
>
> Hi,
> We configure three LPAR with AIX7.1:
> - One LPAR for Web with mod_cluster 1.1.3 and http 2.2.14
> - Two LPAR for JBoss 7.1.1 Final.
> Now we want to securize the Web LPAR.
> 1.- We create a local certificate on Web LPAR:
> openssl genrsa -des3 -out server.key 1024
> openssl req -new -key server.key -out server.csr
> openssl req -new -key server.key -out server.csr
> openssl x509 -req -days 730 -in server.csr -signkey server.key -out server.crt
> 2.- We comment the line "Include conf/extra/httpd-vhosts.conf" on httpd.conf
> 3.- We uncommnet the line "Include conf/extra/httpd-ssl.conf" on httpd.conf
> 4.- We copy the content of conf/extra/httpd-vhosts.conf at the bottom of conf/extra/httpd-ssl.conf and change the port 10001 by 443 and add SSL configuration:
> </VirtualHost>
> Listen 192.168.34.19:443
> MemManagerFile /var/cache/httpd
> <VirtualHost 192.168.34.19:443>
> SSLEngine on
> SSLCipherSuite AES128-SHA:ALL:!ADH:!LOW:!MD5:!SSLV2:!NULL
> SSLCertificateFile pki/server.crt
> SSLCertificateKeyFile pki/server.key
> SSLVerifyClient require
> SSLVerifyDepth 10
> <Directory />
> Order deny,allow
> Allow from all
> </Directory>
> KeepAliveTimeout 60
> MaxKeepAliveRequests 0
> ManagerBalancerName other-server-group
> AdvertiseFrequency 5
> #This directive allows you to view mod_cluster status at URL http://192.168.34.19:10001/mod_cluster-manager
> <Location /mod_cluster-manager>
> SetHandler mod_cluster-manager
> Order deny,allow
> Allow from all
> </Location>
> </VirtualHost>
> but we cannot connect using https://.....
> Anything wrong? We must configure something in JBoss?
> Regards,

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list