While using FUSE ESB you might have the need of running a ESB over https.This small tutorial will help you on how to configure . This is applicable for Apache Servicemix and JBOSS FUSE ESB .I’ll refer to it as esb/etc but what I mean here is for example is home\jboss-fuse-6.1.0.redhat-379\etc.
Here are the steps to configure the SSL .
- open org.ops4j.pax.web.cfg file present in <ESB>\etc folder.
- Edit the file and make it as mentioned below.org.osgi.service.http.enabled=false
org.osgi.service.http.secure.enabled=true
org.osgi.service.http.port.secure=8443org.ops4j.pax.web.ssl.keystore=etc/jbossfuse-dev.jks
org.ops4j.pax.web.ssl.keystore.type=JKS
org.ops4j.pax.web.ssl.password=password
org.ops4j.pax.web.ssl.keypassword=password - jbossfuse-dev.jks is keystore and contains key for SSL. Click here to generate the keystore
- Now, Open jetty.xml file from same location and make changes mentioned below.
-
<br /> <Call name="addConnector"><br /> <Arg><br /> <!-- The SslSelectChannelConnector class uses the Java NIO SslEngine --><br /> <New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector"><br /> <Arg><br /> <New class="org.eclipse.jetty.http.ssl.SslContextFactory"><br /> <!-- Protect against the POODLE security vulnerability --><br /> <Set name="ExcludeProtocols"><br /> <Array type="java.lang.String"><br /> <Item>SSLv3</Item><br /> </Array><br /> </Set><br /> <Set name="keyStore">etc/jbossfuse-dev.jks</Set><br /> <Set name="keyStorePassword">password</Set><br /> <Set name="keyManagerPassword">password</Set><br /> </New><br /> </Arg><br /> <Set name="port">8443</Set><br /> <Set name="maxIdleTime">30000</Set><br /> </New><br /> </Arg><br /> </Call><br />
- now restart the ESB & deploy your application .It should open at https://127.0.0.1:8443/cxf
- That’s all required to configure SSL.
Conclusion
It’s important to enable SSL for Joss fuse ESB so that you can also call secure services in your local environment instead of mocking them .
[…] can refer to “how to set SSL in FUSE ESB ” […]
LikeLike
Thanks Mahesh
LikeLike