问题
I want to send EMails from a JBoss 7 application. The SMTP server needs a TLS connection with a self signed certificate. If I try to send a EMail I get a SSLHandshakeException because the server certificate cannot be checked. To fix this I have add this: http://springinpractice.com/2012/04/29/fixing-pkix-path-building-issues-when-using-javamail-and-smtp/ (putting the SMTP server certificate into a java truststore file)
My problem is now how to set the truststore file to JBoss 7?
I known at stackoverflow and on other forums there are several answer for that propblem. But I didn't found the right.
I have already tried followings:
- adding
JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.trustStore=/home/stewert.c-on/data/projects/keystore/devel.truststore -Djavax.net.ssl.trustStorePassword=123456"to:- jboss-as-7.1.1.Final/bin/standalone.conf
- jboss-as-7.1.1.Final/bin/domain.conf
- jboss-as-7.1.1.Final/bin/appclient.conf
- adding
<jsse keystore-password="123456" keystore-url="/home/stewert.c-on/data/projects/keystore/devel.keystore" truststore-password="123456" truststore-url="/home/stewert.c-on/data/projects/keystore/devel.truststore"/>to jboss-as-7.1.1.Final/standalone/configuration/standalone.xml
But if I check at runtime the system environment variable with 'System.getProperty("javax.net.ssl.trustStore")' I get in every case null!
My environment:
- Linux
- JBoss 7.1
- JDK 7
- I'm starting JBoss inside of eclipse Juno
Anybody knows what's going wrong? Where must I set the truststore?
Thanks, Steffen
回答1:
Someone asked on the JBoss forum "javax.net.ssl.trustStore - only way to specify client trust?", and the answer is basically "yes".
Their approach was to set that in a system-properties element in the server config XML, which seems like the best way to me too. Better than grubbing about in the run configuration files!
来源:https://stackoverflow.com/questions/14730421/setting-the-right-truststore-in-jboss-7