Hi :

I have been reading this forum and also browse WildFly's documentation for bits and pieces of information for Https setup. I find that instruction for setting up a fully-secured WildFly server based on standalone-full.xml or standalone-full-ha.xml lacking in details.

Specifically, my needs are able to secure out of the box, all access to the a WildFly instance via HTTPS.

It seems to me that there are various  places in the standalone-full.xml or standalone-full-ha.xml that one has to set/hunt down to start the WildFly server without any errors...

Q: Does anyone has a one-stop cheatsheet on how to do this?.

Also how do I do a global http-to-https redirect for  the whole WildFly instance?

BTW, I 'm already doing this:

<security-realm name="SSLRealm">

                <server-identities>

                    <ssl protocol="TLSv1.2">

                        <keystore path="wildfly.keystore" relative-to="jboss.server.config.dir" keystore-password="mypassword"/>

                    </ssl>

                </server-identities>

            </security-realm>

....

<subsystem xmlns="urn:jboss:domain:undertow:1.2">

            <buffer-cache name="default"/>

            <server name="default-server">

                <http-listener name="default" socket-binding="http" security-realm="SSLRealm"/>

                <https-listener name="default-https" socket-binding="https" security-realm="SSLRealm"/>

....

thanks,

--bk