0 Replies Latest reply on Jan 11, 2017 6:17 PM by yashendrac

    How to configure Wildfly 10 HTTPS with random keystore password

    yashendrac

      Hi,

       

      We are in process of migrating from JBoss 5 to WildFly 10.

      In JBoss 5 we were able to generate cert/keystore with random keystore password using MBean

      We had following configuration in jboss-service.xml

       

      <server>

        <mbean code="org.jboss.security.plugins.JaasSecurityDomain"

          name="jboss.security:service=PBESecurityDomain">

        <constructor>

           <arg type="java.lang.String" value="random-password-domain"/>

        </constructor>

        <attribute name="KeyStoreType">JKS</attribute>

        <attribute name="TrustStoreType">JKS</attribute>

        <attribute name="KeyStoreURL">file:///${jboss.server.home.dir}/mykestore.jks</attribute>

        <attribute name="KeyStorePass">password</attribute>       

        </mbean>

      <server>

       

      The Connector in server.xml was configured to use the security domain configured above

      securityDomain="java:/jaas/random-password-domain"

       

      And at JBoss startup we could access above configured security domain with following code and update the information:

      JaasSecurityDomain securityDomain = (JaasSecurityDomain)new InitialContext().lookup("java:/jaas/random-password-domain");

      securityDomain.setKeyStoreURL(....)

      securityDomain.setKeyStorePass(....)

       

       

      But in WildFly 10 I cannot configure security-domain with the ssl, I need to hardcode keystore information like this:

      <security-realm name="ApplicationRealm">

        <server-identities>

                          <ssl>

                              <keystore provider="JKS" path="mykestore.jks" relative-to="jboss.server.config.dir" keystore-password="password" key-password="password"/>

                          </ssl>

        </server-identities>

      </security-realm>