1 Reply Latest reply on Oct 23, 2015 3:47 PM by Michael Stewart

    client certificate authentication

    Quentin Van Wonterghem Newbie

      Hello all!


      I come here looking for help because I'm actually not sure what I want to do is possible.

      So, I have a WildFly 8.1 server running. On this server I have deployed 2 REST web services. I need to configure SSL transport for both of them, but for the first one I want mutual authentication (client and server) and for the second one I just want server authentication. I tried using security-domain with Certificate and jsse but I can't make it work...


      For the record, I have tried global configuration of my ssl-realm with mutual authentication and it worked just fine.

      What doesn't work is making client_cert authentication mandatory on one of my REST web services. When I try to connect to it, I seem to be redirected to the global configuration of ssl-realm and the server doesn't ask for my client certificate.


      Here are my WildFly and web.xml configurations:




          <security-realm name="ssl-realm">
              <ssl protocol="SSL">
                  <keystore path="wildflyKeystore.jks" relative-to="jboss.server.config.dir" keystore-password="test" alias="alerter (telemis)" key-password="test"/>

          <security-domain name="SSLClientCert">
              <login-module code="Certificate" flag="required">
                  <module-option name="securityDomain" value="cert"/>

          <security-domain name="cert">
              <jsse truststore-password="test" truststore-url="file:${jboss.server.config.dir}/wildflyTruststore.jks" client-auth="true"/>

          <https-listener name="default-https" socket-binding="https" security-realm="ssl-realm" verify-client="REQUESTED"/>

          <?xml version="1.0" encoding="UTF-8"?>

      Thank you for your time!
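
The per-deployment split described in the post, written as a standard Servlet 3.1 descriptor. This is an added example, not the poster's web.xml (which did not survive on this page); the resource name and URL pattern are hypothetical, and the security domain name is taken from the post.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- WEB-INF/web.xml of the service that must see a client certificate.
     Constructed example; the resource name and URL pattern are hypothetical. -->
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="3.1">

    <security-constraint>
        <web-resource-collection>
            <web-resource-name>mutual-auth-rest</web-resource-name>
            <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <!-- Servlet 3.1: "**" admits any authenticated caller, so an
             unauthenticated request to these URLs is refused. -->
        <auth-constraint>
            <role-name>**</role-name>
        </auth-constraint>
        <!-- Reject plain HTTP for these URLs. -->
        <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>

    <!-- Authenticate the caller from the TLS client certificate. -->
    <login-config>
        <auth-method>CLIENT-CERT</auth-method>
    </login-config>

</web-app>
<!-- Assumptions: WEB-INF/jboss-web.xml of this deployment names the post's
     domain with <security-domain>SSLClientCert</security-domain>. The second
     service keeps only the user-data-constraint: no auth-constraint and no
     login-config, so it is served over TLS without client authentication. -->
```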