In general you have two options to setup SSL/HTTPS support for your server:
In both cases you have to configure keys and (self-signed) certificates for your web server. This guide will briefly explain how to accomplish that for both options.
Native SSL-Setup using OpenSSL
Again we will generate a private key and a self-signed certificate. Additionally, you can also export the certificate to a pkcs12 format file.
You can import it into the Windows certificate storage if you have problems with the Internet Explorer.
Step 1: Generate key
$ openssl genrsa -des3 -out foo.pem 1024
Generating RSA private key, 1024 bit long modulus
............++++++
...................++++++
e is 65537 (0x10001)
Enter pass phrase for foo.pem: secret
Verifying - Enter pass phrase for foo.pem: secret
Step 2: Generate certificate
$ openssl req -new -x509 -key foo.pem -out foo-cert.pem -days 10950
Enter pass phrase for foo.pem: secret
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:WD
State or Province Name (full name) [Some-State]:Duckburg
Locality Name (eg, city) []:Duckburg
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Acme Corp
Organizational Unit Name (eg, section) []:Foo
Common Name (eg, YOUR name) []:foo.acme.com
Email Address []:
Step 3: (Optional) Generate PKCS12 file
$ openssl pkcs12 -export -in foo-cert.pem -inkey foo.pem -out foo.p12
Enter pass phrase for foo.pem: secret
Enter Export Password: secret
Verifying - Enter Export Password: secret
Port configuration
The above example assumes that you have configured JBoss to use the standard ports 80 (HTTP) and 443 (HTTPS). Accesses to the HTTP port will be redirected HTTPS.
<socket-binding-group name="standard-sockets" default-interface="public" ...>
<socket-binding name="http" port="80" />
<socket-binding name="https" port="443" />
...
</socket-binding-group>