0 Replies Latest reply on Mar 23, 2015 3:19 PM by bk lau

    "Full-https" setup cheatsheet

    bk lau Newbie

      Hi :

      I have been reading this forum and also browse WildFly's documentation for bits and pieces of information for Https setup. I find that instruction for setting up a fully-secured WildFly server based on standalone-full.xml or standalone-full-ha.xml lacking in details.

      Specifically, my needs are able to secure out of the box, all access to the a WildFly instance via HTTPS.

      It seems to me that there are various  places in the standalone-full.xml or standalone-full-ha.xml that one has to set/hunt down to start the WildFly server without any errors...


      Q: Does anyone has a one-stop cheatsheet on how to do this?.

      Also how do I do a global http-to-https redirect for  the whole WildFly instance?

       

      BTW, I 'm already doing this:

       

      <security-realm name="SSLRealm">

                      <server-identities>

                          <ssl protocol="TLSv1.2">

                              <keystore path="wildfly.keystore" relative-to="jboss.server.config.dir" keystore-password="mypassword"/>

                          </ssl>

                      </server-identities>

                  </security-realm>

      ....

      <subsystem xmlns="urn:jboss:domain:undertow:1.2">

                  <buffer-cache name="default"/>

                  <server name="default-server">

                      <http-listener name="default" socket-binding="http" security-realm="SSLRealm"/>

                      <https-listener name="default-https" socket-binding="https" security-realm="SSLRealm"/>

      ....

       

      thanks,

      --bk