1. WEBMain.xml 아래와 같이 설정을 추가한다.
<webserver-connection>
...
<port>443</port>
<scheme>https</scheme>
<ssl-config>
<enable-secure>true</enable-secure>
</ssl-config>
...
</webserver-connection>
2. SSL Keystore 설정을 해야한다.
아래 명령을 통해서 keystore를 생성한다.
$ keytool -genkey -alias jeusssl -keyalg RSA -validity 7 -keystore /home/taeju/jeus6006/config/fpaper/keystore
Enter keystore password: jeus123
What is your first and last name?
[Unknown]: localhost
What is the name of your organizational unit?
[Unknown]: RND
What is the name of your organization?
[Unknown]: TmaxSoft
What is the name of your City or Locality?
[Unknown]: Seoul
What is the name of your State or Province?
[Unknown]: seoul
What is the two-letter country code for this unit?
[Unknown]: KR
Is <CN=localhost, OU=RND, O=TmaxSoft, L=Seoul, ST=Kyoungi, C=KR> correct?
[no]: yes
Enter key password for <jeusssl>
(RETURN if same as keystore password):
3. SSL Truststore 설정
아래 명령을 통해 keystore로부터 자제적으로 서명한 인증서를 "jeusssl.cer"라는 파일에 export 한다.
$ keytool -export -alias jeusssl -keystore /home/taeju/jeus6006/config/fpaper/keystore -rfc -file jeusssl.cer
Enter keystore password: jeus123
Certificate stored in file <jeusssl.cer>
4. 인증서를 JEUS_HOME\config\<node-name>\truststore의 JEUS SSL truststore로 import 한다.
keytool -import -alias jeussslcert -file jeusssl.cer -keystore /home/taeju/jeus6006/config/fpaper/truststore
Enter keystore password: jeus123
Owner: CN=localhost, OU=RND, O=TmaxSoft, L=Seoul, ST=Kyoungi, C=KR
Issuer: CN=localhost, OU=RND, O=TmaxSoft, L=Seoul, ST=Kyoungi, C=KR
Serial number: 3e447270
Valid from: Sat Feb 08 11:58:56 KST 2004 until: Sat Feb 15 11:58:
56 KST 2004
Certificate fingerprints:
MD5: B4:53:FE:B6:00:EB:FB:0F:04:7F:D2:F6:FA:9A:A0:3B
SHA1: DE:C8:26:5F:D0:06:9B:3C:F8:E2:7E:3A:26:B7:78:83:9
3:2D:5E:1C
Trust this certificate? [no]: yes
Certificate was added to keystore
5. 보안 리스너 속성 설정을 설정한다.
JEUSMain.xml에 아래의 속성을 추가해준다.
<command-option>
....
-Djeus.ssl.keypass=jeus123
-Djeus.ssl.trustpass=jeus123
....
</command-option>
6.JEUS를 boot한다.
결과
https://localhost/examples를 실행하여 인증서 보안 경고가 뜨고 정상적으로 화면이 나타나는지 확인한다.