Configure RMI + SSL for EJB3
15.3. EJB3 RMI + SSL Configuration Procedure 15.4. Configure RMI + SSL for EJB3 Overview This procedure configures SSL encryption of Remote Method Invocation traffic between EJB3 beans on the server and a fat client running on another machine on the network. Generate encryption keys and certificate Configure a secure remote connector for RMI Annotate EJB3 beans to use the secure RMI connector Generating encryption keys and certificates is covered in Section 15.2, “Generate encryption keys and certificate” . Create a secure remoting connector for RMI The file ejb3-connectors-jboss-beans.xml in a JBoss Application Server profile deploy directory contains JBoss Remoting connector definitions for EJB3 remote method invocation. Configure EJB3 Beans for SSL Transport All EJB3 beans use the unsecured RMI connector by default. To enable remote invocation of a bean via SSL, annotate the bean with @org.jboss.annotation.ejb.RemoteBinding . Enabling both secure and insecure invocation of an EJB3 bean You can enable both secure and insecure remote method invocation of the same EJB3 bean. Example 15.4, “EJB3 Bean annotation for secure and unsecured invocation” demonstrates the annotations to do this. If a client requests StatefulNormal from JNDI, the returned proxy implementing the remote interface communicates with the server via the unencrypted socket protocol; and if StatefulSSL is requested, the returned proxy implementing the remote interface communicates with the server via SSL.