How to configure SSL in OutSystems Platform with JBoss 7.1.1 AS or JBoss EAP 6.2

How to configure SSL in OutSystems Platform with JBoss 7.1.1 AS or JBoss EAP 6.2

  
The OutSystems Platform for JBoss AS 7 / JBoss EAP 6.2 already comes prepared to quickly add an SSL certificate.

In a nutshell what you need to do is:

1) add the certificate to the keystore
2) activate the SSL connector


This post will explain step by step what needs to be done.

1) In a shell using the root user type the following commands to setup your environment to use the correct tools:

   source /etc/sysconfig/outsystems
   export PATH=$PATH:$JAVA_HOME/bin

2) go to the jboss configuration directory:

    cd $JBOSS_HOME/standalone/configuration/

3) add your certificate to the outsystems keystore (the default password is outsystems)

     keytool -genkey -keyalg RSA -alias $(hostname) -keystore server.keystore -storepass outsystems -validity 360 -keysize 2048

The above command will create a self-signed certificate with the same name as the server hostname and add it to the outsystems keystore ( server.keystore ). You may want to add your own certificate, and for that you may need other keytool commands. Refer to this article for a list of useful commands.

Note that self-signed certificates will not be accepted by browsers / applications, so you may need to take further measures if using this command for full functionality. We advise you to install a properly signed certificate.

4) enable the SSL connector. Open the standalone-outsystems.xml file, find the following configuration:

<connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true" enabled="false">

remove the enabled="false" attribute:

<connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true" >

You may also need to change the <ssl> sub element if you are using a different keystore (with another password), or if you have added several certificates you may need to add a key-alias attribute to identify which certificate to use.

5) restart jboss

    service jboss-outsystems restart

You should now be able to connect to your server via https.

Best regards,
Ricardo Silva