I do a lot of testing with SSL and many times I don't want to configure an external web server. It seems like every time I need to configure a JRun web server (JWS) for SSL I never have the steps available to do it. I have done testing with Flash Remoting, Flex and various other apps for SSL testing. The certificate is self-signed, not signed by a certificate authority, so clients will not trust it by default, but it will work for testing purposes. There are only two things you need: a keystore and a section in your jrun.xml telling JRun to use it.
The keystore:
Creating your own keystore is simple. At a command prompt, run the following line:
keytool -genkey -alias {name} -validity 9999 -keyalg RSA -keystore c:\my.keystore -keypass changeit -storepass changeit
Choose your -alias based on the hostname you will use SSL through. For instance, if you are accessing this locally, use the alias localhost.
You will then be prompted for more information. At the first prompt enter the same name that you used in the command above; keytool stores this answer as the certificate's CN, which is what clients compare against the hostname. The rest is arbitrary.
This will create a keystore containing a certificate for your server.
Configuring JRun
- Put your keystore file (either a canned one or the one you created) into JRun4/lib.
- Open up your jrun.xml file (in JRun4/servers/{your server}/SERVER-INF) and add this SSLService declaration after the WebService declaration. The two items that are of most interest are keyStore and port. If you created your own keystore then replace localhost.keystore with the name of yours (my.keystore in the example above).
<service class="jrun.servlet.http.SSLService" name="SSLService">
  <attribute name="port">9100</attribute>
  <attribute name="keyStore">{jrun.rootdir}/lib/localhost.keystore</attribute>
  <attribute name="keyStorePassword">changeit</attribute>
  <attribute name="trustStore">{jrun.rootdir}/lib/trustStore</attribute>
  <attribute name="socketFactoryName">jrun.servlet.http.JRunSSLServerSocketFactory</attribute>
  <attribute name="deactivated">false</attribute>
  <attribute name="bindAddress">*</attribute>
  <attribute name="interface">*</attribute>
  <attribute name="clientAuth">false</attribute>
</service>
- Restart JRun and request a page using https://{your server}:9100
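An added example (not part of the original post, and not JRun's own tooling): a small Python check that parses the SSLService declaration above and flags the test-only settings, such as the changeit password and the wildcard bindAddress, before the same jrun.xml is reused on a shared host. The <server> wrapper element, the function names and the list of default passwords are assumptions made for the example.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the SSLService declaration from the post, wrapped in a
# hypothetical <server> root so it parses as a standalone document.
SAMPLE_JRUN_XML = """<server>
  <service class="jrun.servlet.http.SSLService" name="SSLService">
    <attribute name="port">9100</attribute>
    <attribute name="keyStore">{jrun.rootdir}/lib/localhost.keystore</attribute>
    <attribute name="keyStorePassword">changeit</attribute>
    <attribute name="bindAddress">*</attribute>
    <attribute name="clientAuth">false</attribute>
    <attribute name="deactivated">false</attribute>
  </service>
</server>"""

# Assumed list of passwords that should never leave a test machine.
DEFAULT_PASSWORDS = {"changeit", "changeme", "password"}


def ssl_service_attrs(xml_text):
    """Return {attribute name: value} for the SSLService, or None if absent."""
    root = ET.fromstring(xml_text)
    for svc in root.iter("service"):
        if svc.get("class") == "jrun.servlet.http.SSLService":
            return {a.get("name"): (a.text or "").strip()
                    for a in svc.findall("attribute")}
    return None


def audit_ssl_service(xml_text):
    """List findings that make this block unsuitable outside a test box."""
    attrs = ssl_service_attrs(xml_text)
    if attrs is None:
        return ["no SSLService declared"]
    findings = []
    if attrs.get("deactivated", "").lower() == "true":
        findings.append("SSLService is deactivated")
    if attrs.get("keyStorePassword") in DEFAULT_PASSWORDS:
        findings.append("keyStorePassword is a well-known default")
    if attrs.get("bindAddress") == "*":
        findings.append("listener binds to all addresses")
    if not attrs.get("keyStore"):
        findings.append("keyStore path missing")
    return findings


if __name__ == "__main__":
    for finding in audit_ssl_service(SAMPLE_JRUN_XML):
        print(finding)
```

An empty list means none of the checked test-only settings are present; it says nothing about whether the certificate itself is trusted by clients.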
I have found with CF 8 that you must start jrun4 with the following property in order to get this working correctly... This was a hint given to my team by Adobe support, btw:
-Dcoldfusion.disablejsafe=true
Ryan,
Thanks, that worked! I spent a few hours crawling the net trying to get this to work in CF 8.
FYI, this setting needs to be appended to the end of the java.args parameter inside your {jrun}/bin/jvm.config file.
Eric P.