I started this in Jira, but I figured it might need a forum post for completeness as well:

https://issues.jboss.org/browse/AS7-4261

When securing the management interface, you need to specify a server identity and a SSL keystore to use, example:

<server-identities>
  <ssl>
    <keystore path="keystore.jks" relative-to="jboss.home.dir" password="xxx">
  </ssl>
</server-identities>

However this does not support (in the XSD) using an alias to specify the private key to use for the identity. It seems to just use the first private key pair it finds in the keystore. This is quite a big problem if your keystore contains several key pairs (as for instance JKS supports)