4 Replies Latest reply on Feb 1, 2018 1:21 PM by heruan

How to set up SSL for Administration Console on Wildfly 8 Final ?

cviniciusm Feb 24, 2014 7:29 AM

Hello,

I'm using Wildfly 8 Final with standalone-full configuration.

I used "Security Realms" (https://docs.jboss.org/author/display/WFLY8/Security+Realms) and "Examples, Enable SSL" (https://docs.jboss.org/author/display/WFLY8/Examples) to enable SSL for the security-realm "ManagementRealm". Wildfly starts successfully.

But it isn't listening on management port 9993 (SSL).

$ sudo netstat -tlnp

Active Internet Connections (without servers)

Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name

tcp 0 0 <public ip>:8080 0.0.0.0:* LISTEN 4691/java

tcp 0 0 <public ip>:9990 0.0.0.0:* LISTEN 4691/java

...

How to set up SSL for Administration Console on Wildfly 8 Final properly, please?

Thanks in advance.

1. Re: How to set up SSL for Administration Console on Wildfly 8 Final ?

spolti Feb 24, 2014 8:05 AM (in response to cviniciusm)

Hi, first you must configure a certificate and then change http-interface.

Look this: http://middlewaremagic.com/jboss/?p=2461

Regards.
1 of 1 people found this helpful
Actions
2. Re: How to set up SSL for Administration Console on Wildfly 8 Final ?

dlofthouse Feb 24, 2014 8:15 AM (in response to cviniciusm)

As you have configuration that is not working for you it may be easier if you post it here so we can see how far you have come.

For the http-interface you could be missing the step to actually enable the https port e.g.

<http-interface security-realm="ManagementRealm">

<socket-binding http="management-http" https="management-https" />

</http-interface>

1 of 1 people found this helpful
Actions
3. Re: How to set up SSL for Administration Console on Wildfly 8 Final ?

cviniciusm Feb 24, 2014 8:54 AM (in response to cviniciusm)

Hello,

Thanks very much to Filippe and Darran.

Below my findings:

I changed "<socket-binding http="management-http"/>" by "<socket-binding http="management-https"/>" on
standalone-full.xml:
...
<management-interfaces>
    <http-interface security-realm="ManagementRealm" http-upgrade-enabled="true">
        <socket-binding http="management-https"/>
    </http-interface>
</management-interfaces>
...

Now, I'm able to get the Administration by URL1 below, but URL2 doesn't.

URL1: http://<public ip>:9993/console/App.html#server-overview

URL2: https://<public ip>:9993/console/App.html#server-overview

But, following the Darran suggestion, I just did do:
"
...
<socket-binding https="management-https"/>
...
"

So, I am able to get Administration Console by HTTPS at tcp/9993 port.

Thanks again.
1 of 1 people found this helpful
Actions
4. Re: How to set up SSL for Administration Console on Wildfly 8 Final ?

heruan Feb 1, 2018 1:21 PM (in response to cviniciusm)

This unfortunately does not work in domain mode, as <http-interface> does not accept <socket-binding> children, but only <socket> and the default one is: <socket interface="management" port="${jboss.management.http.port:9990}"/>

How can I change this to bind to HTTPS 9993?
Actions

Go to original post