| Wiki Markup |
|---|
{scrollbar} |
| Excerpt |
|---|
You can connect to a running server through a SSL tunnel by specifying the location of the trusted keystore file to |
geronimo-default, which locates at /var/security/keystores/ directory. Follow the instructions below to complete a SSL connection to the Geronimo server.
- Enable a system plug-in named
org.apache.geronimo.framework/jmx-security//carusing start sub-command or via the administrative console on the server. - Create a key file containing the password pairs used to connect to the server, which will be like:
Where secret is the default password of keystorePanel borderStyle dashed title keystorePasswordfile.key keyStorePassword=secret
trustStorePassword=secretgeronimo-defaultin the server. For better security, use encrypt sub-command to encrypt the plain text password in the file. By default, the content ofkeystorePasswordfile.keyfile is from/var/config/config-substitutions.propertiesfile. - Save the file to your preferred location such as myDir and then export the location of keystorePasswordfile.key file to
org.apache.geronimo.keyStoreTrustStorePasswordFile.indent 0 0 * On a Linux system {panel:borderStyle=dashed} export JAVA_OPTS="-Dorg.apache.geronimo.keyStoreTrustStorePasswordFile=$_myDir_/KeystoreTrustSotrePasswordFile.key" {panel}indent 0 0 * On a Windows system {panel:borderStyle=dashed} set JAVA_OPTS="-Dorg.apache.geronimo.keyStoreTrustStorePasswordFile=%_myDir_%/KeystoreTrustSotrePasswordFile.key" {panel} - Initiate a connecting request to the server via SSL, then you will see the connection is successfully acquired. For example, using available commands on the server that support --secure option.