How to turn on the SSL Debugging in JBoss

How to turn on the SSL Debugging in JBoss

You need to add this to your JAVA_OPTIONS in your run.bat. Or if you have a batch file that does environment before running the run.bat batch file then you can add this config setting to your jboss startup batch file:

REM to turn ON the SSL debugging in JBoss
set JAVA_OPTS=%JAVA_OPTS% -Djavax.net.debug=ssl:handshake:verbose:keymanager:trustmanager -Djava.security.debug=access:stack

this will turn on the ssl debugging on ssl handshake process and will be verbose in telling which keymanager and trustmanager will be used.

if you want all debugging information on start up then you can use following config setting:
 
set JAVA_OPTS=%JAVA_OPTS% -Djavax.net.debug=all -Djava.security.debug=access:stack

The above commands will give you more information to be able to diagnose the error.

How to explicitly specify keystore and truststore in JAVA_OPTIONS in JBoss


You can explicitly specify the keystore and truststore with -D option in JBoss. Please see the configuration settings below:

REM to explicitly set the keystore and truststore

set JAVA_OPTS=%JAVA_OPTS% -Djavax.net.ssl.trustStore=C:/Java/jboss-4.2.2.GA/server/{your_server_instance}/conf/server.truststore -Djavax.net.ssl.trustStorePassword=[your_password] -Djavax.net.ssl.keyStore=C:/Java/jboss-4.2.2.GA/server/{your_server_instance}/conf/server.keystore -Djavax.net.ssl.keyStorePassword=[your_password]