Create JKS trust store using Java keytool utility
# Import VeriSign root certificate keytool -import -v -keystore my.truststore -alias VeriSign_Root -storepass changeit -file VeriSign,Inc..crt # Import VeriSign intermediate certificate keytool -import -v -keystore my.truststore -alias VeriSignIntermediateCACert -storepass changeit -file VeriSignIntermediateCACert.txt # Import server certificate keytool -import -v -keystore my.truststore -alias server_cert -storepass changeit -file cert.cer # List trust store certificates keytool -list -v -keystore my.truststore
Edit bin/run.conf
# Set trust store file location JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.trustStore=</absolute/path/to/trust.store.file>" # Set trust store password JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.trustStorePassword=password" # Turn off host verification if needed #JAVA_OPTS="$JAVA_OPTS -Dorg.jboss.security.ignoreHttpsHost=true" # Turn on ssl handshake debugging if needed #JAVA_OPTS="$JAVA_OPTS -Djavax.net.debug=ssl,handshake"
Restart JBoss
Don’t forget to restart JBoss.