how to configure https connector for SSL via CLI
mazz Dec 12, 2012 5:11 PMThis thread shows what you need to do to configure the https connector via editing standalone.xml.
However, I want to do it via DMR/ModelController API calls. I first tried to do it via the CLI GUI (jboss-cli.sh --gui), but I can't seem to get it to work. First off, the CLI GUI doesn't even show the "ssl" child when you use the right-mouse "add" menu (the popup dialogue box doesn't show you an "ssl" entry), but I assume it is valid so I just tried this from the CLI:
/subsystem=web/connector=https/:add(socket-binding=https,scheme=https,protocol=HTTP/1.1,secure=true,enabled=true,enable-lookups=false,ssl={name=>'https' password=>'changeit' certificate-key-file=>'server.keystore')})
{"outcome" => "success"}
So you can see here that the outcome was "success" and I do see a new https connector added to my system (I can actually see it in the CLI GUI). Therefore, I assume the syntax of that CLI command is valid and I also assume my values were all correct (specifically for the ssl child node).
But, if I ask to read-resource on that new connector, you'll notice that ssl still shows undefined (even though up above you see I did set the attributes for that ssl child node) and no <ssl> xml exists in my standalone xml file:
/subsystem=web/connector=https/:read-resource(recursive=true,proxies=false,include-runtime=true,include-defaults=true)
{
"outcome" => "success",
"result" => {
"bytesReceived" => "0",
"bytesSent" => "0",
"enable-lookups" => false,
"enabled" => true,
"errorCount" => "0",
"executor" => undefined,
"max-connections" => undefined,
"max-post-size" => 2097152,
"max-save-post-size" => 4096,
"maxTime" => "0",
"name" => "https",
"processingTime" => "0",
"protocol" => "HTTP/1.1",
"proxy-name" => undefined,
"proxy-port" => undefined,
"redirect-port" => 8433,
"requestCount" => "0",
"scheme" => "https",
"secure" => true,
"socket-binding" => "https",
"ssl" => undefined,
"virtual-server" => undefined
}
}
In the CLI GUI, I don't see any "ssl" child node anywhere, nor do I see how I can add/modify an "ssl" child node from the right-mouse menu options.
So, my question is - how do I create a secure connector such that I can provide the ssl information (like the password to the store, the store filename, etc) via the CLI (which can then tell me what I really want to know - what's the DMR representation)