JBOSS配置SSL

JDK 1.6
JBOSS 6.x

配置密钥文件server.keystore
keytool工具
命令：keytool -genkey -alias tc-ssl -keyalg RSA -keystore d:\keys\server.keystore -validity 3650
输入keystore密码：
再次输入新密码:
您的名字与姓氏是什么？
  [Unknown]：  sso.bluecool.com
您的组织单位名称是什么？
  [Unknown]：  szsf
您的组织名称是什么？
  [Unknown]：  it
您所在的城市或区域名称是什么？
  [Unknown]：  sz
您所在的州或省份名称是什么？
  [Unknown]：  gd
该单位的两字母国家代码是什么
  [Unknown]：  ZH
CN=sso.bluecool.com, OU=szsf, O=it, L=sz, ST=gd, C=ZH 正确吗？
  [否]：  y

输入<tc-ssl>的主密码
        （如果和 keystore 密码相同，按回车）：
再次输入新密码:

jboss配置
<!-- SSL/TLS Connector configuration using the admin devl guide keystore -->
<Connector protocol="HTTP/1.1" SSLEnabled="true"
           port="${jboss.web.https.port}" address="${jboss.bind.address}"
           scheme="https" secure="true" clientAuth="false"
           keystoreFile="${jboss.server.home.dir}/conf/server.keystore"
           keystorePass="123456" sslProtocol = "TLS" />

web.xml 配置
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>HtmlAdaptor</web-resource-name>
            <description>
                An example security config that only allows users with
                the role JBossAdmin to access the HTML JMX console web
                application
            </description>
            <url-pattern>/</url-pattern>
            <!-- <http-method>GET</http-method>
                <http-method>POST</http-method> -->
        </web-resource-collection>
        <!--<auth-constraint>
            <role-name>JBossAdmin</role-name>
            </auth-constraint> -->
        <user-data-constraint>
            <description>Protection should be CONFIDENTIAL</description>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>

http://docs.jboss.org/jbossweb/2.1.x/ssl-howto.html