Red Hat Training
A Red Hat training course is available for JBoss Enterprise Application Platform Common Criteria Certification
2.5. Configuration Requirements
The following sections describe modifications to be made to the
productionserver configuration to comply with CC requirements. It is recommended, however, to back up the production configuration prior to making the changes shown in the following subsections.
Backing up the production configuration involves making a copy of the
JBOSS_HOME/server/productiondirectory. If you are using Microsoft Windows you can use Windows Explorer to make a copy of this folder using copy-paste and rename the copy to
Under UNIX or Linux you can execute the command:
cp -pr JBOSS_HOME/server/production JBOSS_HOME/server/production.backup
In an emergency you can always retrieve the original files from the installation files.
2.5.1. General Restrictions
The following general restrictions apply when setting up a certified configuration.
- The WS CFX and WS Native stack are allowed. The WS Metro stack is not allowed in the evaluated configuration.
- Management Consoles
- The following deployed applications must be secured so they are accessible by trusted administrators only. The applications must be removed from the certified configuration if this condition is not met.
If you do not intend to use one or more of the management consoles, delete the entire directory related to each. Doing this guarantees that unauthorized users will not be able to access your system through an unused, and potentially unsecured management console.
- JMX Console (
- Web Console (
- Administration Console (