Hi,

We are in process of migrating from JBoss 5 to WildFly 10.

In JBoss 5 we were able to generate cert/keystore with random keystore password using MBean

We had following configuration in jboss-service.xml

<server>

  <mbean code="org.jboss.security.plugins.JaasSecurityDomain"

    name="jboss.security:service=PBESecurityDomain">

  <constructor>

     <arg type="java.lang.String" value="random-password-domain"/>

  </constructor>

  <attribute name="KeyStoreType">JKS</attribute>

  <attribute name="TrustStoreType">JKS</attribute>

  <attribute name="KeyStoreURL">file:///${jboss.server.home.dir}/mykestore.jks</attribute>

  <attribute name="KeyStorePass">password</attribute>       

  </mbean>

<server>

The Connector in server.xml was configured to use the security domain configured above

securityDomain="java:/jaas/random-password-domain"

And at JBoss startup we could access above configured security domain with following code and update the information:

JaasSecurityDomain securityDomain = (JaasSecurityDomain)new InitialContext().lookup("java:/jaas/random-password-domain");

securityDomain.setKeyStoreURL(....)

securityDomain.setKeyStorePass(....)

But in WildFly 10 I cannot configure security-domain with the ssl, I need to hardcode keystore information like this:

<security-realm name="ApplicationRealm">

  <server-identities>

                    <ssl>

                        <keystore provider="JKS" path="mykestore.jks" relative-to="jboss.server.config.dir" keystore-password="password" key-password="password"/>

                    </ssl>

  </server-identities>

</security-realm>