Starting from Geronimo 2.1.5, users can connect to a running server through a SSL tunnel by specifying the location of the trusted keystore file to
org.apache.geronimo.keyStoreTrustStorePasswordFile. The default SSL keystore of the Geronimo server is
geronimo-default, which locates at
Follow the instructions below to complete a SSL connection to the Geronimo server.
- Enable a system plug-in named
org.apache.geronimo.framework/jmx-security/2.1.5/carusing start sub-command or via the administration console on the server.
- Create a key file containing the password pairs used to connect to the server, which will be like:
Where secret is the default password of keystore
geronimo-defaultin the server. For better security, use encrypt sub-command to encrypt the plain text password in the file. By default, the content of
keystorePasswordfile.keyfile is from
- Save the file to your preferred location such as myDir and then export the location of keystorePasswordfile.key file to
- Initiate a connecting request to the server via SSL, then you will see the connection is successfully acquired. For example, using available commands on the server that support --secure option.