-
1. Re: SSL configuration in JBoss EAP 7.1 - Help needed
mchoma Aug 22, 2018 8:55 AM (in response to peyyero)If configuration is exposed on domain controller it will propagate to whole domain. But you have to distribute keystore files manually to filesystem of distinct controllers.
-
2. Re: SSL configuration in JBoss EAP 7.1 - Help needed
peyyero Aug 22, 2018 8:35 PM (in response to mchoma)Thank you Martin!
Let me give it a shot this morning.
-
3. Re: SSL configuration in JBoss EAP 7.1 - Help needed
peyyero Aug 23, 2018 12:12 AM (in response to peyyero)I am still facing trouble getting this to work. I am following this article (Enable SSL in JBoss EAP 7.1 using Elytron - Red Hat Customer Portal) to setup SSL on my domain.
But when I run these steps using CLI:
--
batch
/subsystem=undertow/server=default-server/https-listener=https:undefine-attribute(name=security-realm)
/subsystem=undertow/server=default-server/https-listener=https:write-attribute(name=ssl-context,value=newSSC)run-batch
--
I get this error:
--
Exception for run-batch: org.jboss.as.cli.CommandFormatException: Failed to get the list of the operation properties: "WFLYCTL0030: No resource definition is registered for address [
("subsystem" => "undertow"),
("server" => "default-server"),
("https-listener" => "https")
]": Failed to get the list of the operation properties: "WFLYCTL0030: No resource definition is registered for address [
("subsystem" => "undertow"),
("server" => "default-server"),
("https-listener" => "https")
]
--
Any ideas why?
-
4. Re: SSL configuration in JBoss EAP 7.1 - Help needed
peyyero Aug 23, 2018 12:47 AM (in response to peyyero)Just clarify, I also tried running like this:
--
batch
/profile=full-ha/subsystem=undertow/server=default-server/https-listener=https:undefine-attribute(name=security-realm)
/profile=full-ha/subsystem=undertow/server=default-server/https-listener=https:write-attribute(name=ssl-context,value=newSSC)
run-batch
--
I got this error:
--
The batch failed with the following error (you are remaining in the batch editing mode to have a chance to correct the error): {"WFLYCTL0062: Composite operation failed and was rolled back. Steps that failed:" => {"Op
eration step-2" => "WFLYCTL0369: Required capabilities are not available:
org.wildfly.security.ssl-context.newSSC in context 'profile=full-ha'; Possible registration points for this capability:
/host=master/subsystem=elytron/server-ssl-context=*
/host=master/subsystem=elytron/client-ssl-context=*
/profile=*/subsystem=elytron/server-ssl-context=*
/profile=*/subsystem=elytron/client-ssl-context=*"}}
--
-
5. Re: SSL configuration in JBoss EAP 7.1 - Help needed
peyyero Aug 23, 2018 1:56 AM (in response to peyyero)Got the issue. All good. I had to install certificate under profile=full-ha.