Multiple IP/Multiple SSL configs lead to 404 on anything but main IP/SSL combo.
I'm trying to implement SSL the same way we had it on JBoss 4, having it return a different SSL certificate based on the domain the user is coming from.
I found the following tutorial on google: Programming Notes and Examples: Wildfly Multiple IP and Multiple SSL Certificate
But whenever I attempt to access .81-.83, I get the SSL certificate back, but then I get a 404. It doesn't seem to be forwarding the request to our web.xml defined struts action. If I connect to it on .80, I get the mainsite SSL certificate, and everything works fine.
Here are the relevant bits of standalone.xml:
<?xml version='1.0' encoding='UTF-8'?>
<server xmlns="urn:jboss:domain:4.0">
<management>
<security-realms>
<security-realm name="ManagementRealm">
<authentication>
<local default-user="$local" skip-group-loading="true"/>
<properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>
</authentication>
<authorization map-groups-to-roles="false">
<properties path="mgmt-groups.properties" relative-to="jboss.server.config.dir"/>
</authorization>
</security-realm>
<security-realm name="ApplicationRealm">
<authentication>
<local default-user="$local" allowed-users="*" skip-group-loading="true"/>
<properties path="application-users.properties" relative-to="jboss.server.config.dir"/>
</authentication>
<authorization>
<properties path="application-roles.properties" relative-to="jboss.server.config.dir"/>
</authorization>
</security-realm>
<security-realm name="main">
<server-identities>
<ssl>
<keystore path="Keystores/mainhost.jks" relative-to="jboss.home.dir" keystore-password="testpassword"/>
</ssl>
</server-identities>
</security-realm>
<security-realm name="site1">
<server-identities>
<ssl>
<keystore path="Keystores/site1.jks" relative-to="jboss.home.dir" keystore-password="testpassword"/>
</ssl>
</server-identities>
</security-realm>
<security-realm name="site2">
<server-identities>
<ssl>
<keystore path="Keystores/site2.jks" relative-to="jboss.home.dir" keystore-password="testpassword"/>
</ssl>
</server-identities>
</security-realm>
<security-realm name="site3">
<server-identities>
<ssl>
<keystore path="Keystores/site3.jks" relative-to="jboss.home.dir" keystore-password="testpassword"/>
</ssl>
</server-identities>
</security-realm>
</security-realms>
</management>
<profile>
<subsystem xmlns="urn:jboss:domain:undertow:3.0" instance-id="supercoolwebsite" >
<buffer-cache name="default"/>
<server name="default-server">
<http-listener name="default" max-parameters="10000" socket-binding="http" redirect-socket="https" />
<https-listener name="https" max-parameters="10000" security-realm="main" socket-binding="https"/>
<host name="default-host" alias="localhost">
<access-log prefix="access." directory="./server/standalone/log"/>
<filter-ref name="404-handler" predicate="true"/>
</host>
</server>
<server name="site1_server">
<http-listener name="http_site1" max-parameters="10000" socket-binding="http_site1" redirect-socket="https_site1" />
<https-listener name="https_site1" max-parameters="10000" security-realm="site1" socket-binding="https_site1"/>
<host name="site1_host" alias="site1.com">
<access-log prefix="access." directory="./server/standalone/log"/>
<filter-ref name="404-handler" predicate="true"/>
</host>
</server>
<server name="site2_server">
<http-listener name="http_site2" max-parameters="10000" socket-binding="http_site2" redirect-socket="https_site2" />
<https-listener name="https-site2" max-parameters="10000" security-realm="site2" socket-binding="https_site2"/>
<host name="site2_host" alias="site2.com,www.site2.com">
<access-log prefix="access." directory="./server/standalone/log"/>
<filter-ref name="404-handler" predicate="true"/>
</host>
</server>
<server name="site3_server">
<http-listener name="http_site3" max-parameters="10000" socket-binding="http_site3" redirect-socket="https_site3" />
<https-listener name="https-site3" max-parameters="10000" security-realm="site3" socket-binding="https_site3"/>
<host name="site3_host" alias="site3.com">
<access-log prefix="access." directory="./server/standalone/log"/>
<filter-ref name="404-handler" predicate="true"/>
</host>
</server>
<servlet-container name="default" stack-trace-on-error="none">
<jsp-config development="true"/>
<websockets/>
<session-cookie secure="true" http-only="true" />
</servlet-container>
<filters>
<error-page name="404-handler" code="404" path="\static\html\404.html"/>
</filters>
</subsystem>
</profile>
<interfaces>
<interface name="management">
<inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
</interface>
<interface name="public">
<inet-address value="${jboss.bind.address:127.0.0.1}"/>
</interface>
<interface name="public_site1">
<inet-address value="192.168.12.81"/>
</interface>
<interface name="public_site2">
<inet-address value="192.168.12.82"/>
</interface>
<interface name="public_site3">
<inet-address value="192.168.12.83"/>
</interface>
</interfaces>
<socket-binding-group name="standard-sockets" default-interface="public">
<socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>
<socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9993}"/>
<socket-binding name="ajp" port="${jboss.ajp.port:8009}"/>
<socket-binding name="http" port="${jboss.http.port:80}"/>
<socket-binding name="https" port="${jboss.https.port:443}"/>
<socket-binding name="http_site1" port="${jboss.http.port:80}" interface="public_site1" />
<socket-binding name="https_site1" port="${jboss.https.port:443}" interface="public_site1"/>
<socket-binding name="http_site2" port="${jboss.http.port:80}" interface="public_site2" />
<socket-binding name="https_site2" port="${jboss.https.port:443}" interface="public_site2"/>
<socket-binding name="http_site3" port="${jboss.http.port:80}" interface="public_site3" />
<socket-binding name="https_site3" port="${jboss.https.port:443}" interface="public_site3"/>
</socket-binding-group>
</server>
