June 26, 2015

Configure SSL on WildFly 8 - Self Signed Certificate

Create a self-signed certificate inside the $JBOSS_HOME/standalone/configuration/ directory:
keytool -genkeypair -alias serverkey -keyalg RSA -keysize 2048 -validity 365 -keystore keystore.jks -keypass mypassword -storepass mypassword -dname "CN=Server Administrator,O=My Organization,C=ZA"
Add the security realm to the management section:
/core-service=management/security-realm=SSLRealm/:add()

Configure the new realm:
/core-service=management/security-realm=SSLRealm/server-identity=ssl/:add(keystore-path=keystore.jks, keystore-relative-to=jboss.server.config.dir, keystore-password=mypassword, alias=serverkey, key-password=mypassword)

Add the https-listener to the undertow configuration:
/subsystem=undertow/server=default-server/https-listener=https/:add(socket-binding=https, security-realm=SSLRealm)

This adds the following to your standalone.xml
<security-realm name="SSLRealm">
    <server-identities>
        <ssl>
            <keystore path="keystore.jks" relative-to="jboss.server.config.dir" keystore-password="mypassword" alias="serverkey" key-password="mypassword"/>
        </ssl>
    </server-identities>
</security-realm>
And the following is added to your undertow subsystem:
<https-listener name="https" socket-binding="https" security-realm="SSLRealm"/>

You should now be able to access your application on https://localhost:8443

No comments :

Post a Comment