Wildfly Undertow SSL Request Wildcard Certificate
miltonsalvadorcavalieri Sep 18, 2018 3:53 AM
Hello folks,
I've got a very serious problem. I bought a Wildcard certificate from GoDaddy and I'm trying so hard to install it. I did the following steps:
keytool -genkey -alias swint_com_br -keyalg RSA -keysize 2048 -keystore swint_com_br.jks
keytool -certreq -alias swint_com_br -file swint_com_br.csr -keystore swint_com_br.jks
Once I get the CSR file from GoDaddy I complete the request and download the file, which comes with 3 files:
gd_bundle-g2-g1.crt
gdig2.crt.pem
98b******012a.crt
I've imported those files using the following commands:
keytool -import -alias root -keystore godaddy.keycloak.jks -trustcacerts -file gd_bundle-g2-g1.crt
keytool -import -alias swint.com.br -keystore godaddy.keycloak.jks -trustcacerts -file 98b******012a.crt
The information I got is that gdig2.crt.pem is not important, but even so I've imported this file using the following command:
keytool -import -alias interm -keystore godaddy.keycloak.jks -trustcacerts -file gdig2.crt.pem
After that I copied the file godaddy.keycloak.jks to Wildfly_HOME
rm -f /opt/wildfly-10.1.0.Final/standalone/configuration/godaddy.keycloak.jks
cp godaddy.keycloak.jks /opt/wildfly-10.1.0.Final/standalone/configuration/
I changed the standalone-full.xml (I'm using it to start wildfly):
<security-realm name="UndertowRealm">
    <server-identities>
        <ssl>
            <keystore path="godaddy.keycloak.jks" relative-to="jboss.server.config.dir" keystore-password="******" />
        </ssl>
    </server-identities>
</security-realm>
<subsystem xmlns="urn:jboss:domain:undertow:3.1">
    <buffer-cache name="default"/>
    <server name="default-server">
        <http-listener name="default" socket-binding="http" redirect-socket="https" enable-http2="true"/>
        <https-listener name="https" socket-binding="https" security-realm="UndertowRealm"/>
        <host name="default-host" alias="localhost">
            <location name="/" handler="welcome-content"/>
            <filter-ref name="server-header"/>
            <filter-ref name="x-powered-by-header"/>
        </host>
    </server>
    <servlet-container name="default">
        <jsp-config/>
        <websockets/>
    </servlet-container>
    <handlers>
        <file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
    </handlers>
    <filters>
        <response-header name="server-header" header-name="Server" header-value="WildFly/10"/>
        <response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>
    </filters>
</subsystem>
When I try to connect to my application using a Chrome browser, it shows "Invalid Certificate", and when I check my certificate the tester shows me "Certificate chain is incomplete, missing intermediate(s)".
Who can help me?
I've spent almost 10 days and I cannot find any help about it.
Thanks and best regards,
Milton
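
An added diagnostic, not part of the original post: in the commands above the key pair is created in swint_com_br.jks under the alias swint_com_br, while the certificates are imported into godaddy.keycloak.jks under other aliases, and keytool attaches a CA reply to a private key only when it is imported under that key's alias in the same keystore. The shell function below reads English-locale `keytool -list -v` output and reports whether each PrivateKeyEntry carries more than the leaf certificate; the function name, the sample listings and their CN= names are constructed for illustration.

```shell
# Added example. Reads English-locale `keytool -list -v` output on stdin and
# reports the chain each PrivateKeyEntry holds (what a TLS listener can send).
audit_keystore_listing() {
    awk '
    function report() {
        if (type != "PrivateKeyEntry") return
        keys++
        if (chain < 2)   { bad = 1; print "INCOMPLETE " alias ": chain length " chain }
        else if (broken) { bad = 1; print "BROKEN " alias ": issuer/owner mismatch" }
        else             { print "OK " alias ": chain length " chain }
    }
    /^Alias name: /  { report(); alias = substr($0, 13); type = ""; chain = 0; broken = 0; issuer = "" }
    /^Entry type: /  { type = substr($0, 13) }
    /^Certificate chain length: / { chain = substr($0, 27) + 0 }
    # Each certificate in a chain must be issued by the owner of the next one.
    /^Owner: /       { if (issuer != "" && substr($0, 8) != issuer) broken = 1 }
    /^Issuer: /      { issuer = substr($0, 9) }
    END { report(); if (!keys) { bad = 1; print "NOKEY no PrivateKeyEntry in this keystore" }
          exit bad + 0 }
    '
}
sample_full_chain() {   # constructed listing: CA reply imported on the key alias
cat <<'EOF'
Alias name: swint_com_br
Entry type: PrivateKeyEntry
Certificate chain length: 3
Owner: CN=*.example.test
Issuer: CN=Example Intermediate CA
Owner: CN=Example Intermediate CA
Issuer: CN=Example Root CA
Owner: CN=Example Root CA
Issuer: CN=Example Root CA
EOF
}
sample_certs_only() {   # constructed listing: certificates only, no key entry
cat <<'EOF'
Alias name: root
Entry type: trustedCertEntry
Owner: CN=Example Root CA
Issuer: CN=Example Root CA
Alias name: swint.com.br
Entry type: trustedCertEntry
Owner: CN=*.example.test
Issuer: CN=Example Intermediate CA
EOF
}
sample_certs_only | audit_keystore_listing || :
sample_full_chain | audit_keystore_listing
```

Against a real keystore, pipe the listing in: `keytool -list -v -keystore godaddy.keycloak.jks | audit_keystore_listing`. The function exits non-zero when any key entry has a chain shorter than two certificates, a broken issuer link, or when no key entry exists.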