Description of problem:
It is possible to configure the web ssl connector to use the Windows certificate keystore (access provided by the SunMSCAPI provider). However, the JSSESocketFactory checks for a keystore file. This check should likely be skipped when the connector is configured to use the Windows keystore.
Here is what the configuration looks like:
<connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">
<ssl name="https"
key-alias="jbossweb"
keystore-type="Windows-MY"
protocol="TLSv1"
</connector>
This results in an error like this:
13:54:01,821 ERROR [org.apache.coyote.http11] (MSC service thread 1-5) JBWEB003043: Error initializing endpoint: java.io.FileNotFoundException: C:\Users\imauser\.keystore (The system cannot find the file specified)
You can work around this issue by creating this keystore (C:\Users\imauser\.keystore).
More info on using the Windows keystores can be found here:
http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html#SunMSCAPIhttp://www.oracle.com/technetwork/articles/javase/security-137537.html
Comment 1JBoss JIRA Server
2014-06-18 16:11:18 UTC
Emmanuel Hugonnet <ehugonne> updated the status of jira WFLY-3483 to Resolved
Comment 2Emmanuel Hugonnet (ehsavoie)
2014-06-19 09:54:10 UTC
Created attachment 910317[details]
Proposed patch
Simple patch that will not define a keystoreFile if we are using the Windows-MY or Windows-ROOT JSSE provider.
Comment 5Jean-frederic Clere
2014-08-19 14:20:56 UTC