5 Replies Latest reply on Jun 1, 2017 3:28 AM by Tristan Tarrant

    Access SSL enabled Hot rod protocol

    Narendra Kadali Newbie

      Hi,

       

      We have an external Infinispan server deployed with SSL enabled hotrod protocol. I am trying to figure out, from wildfly Server how to connect to this remote cache.

       

      In our Wildfly server, I have the following configuration

       

      <subsystem xmlns="urn:jboss:domain:remoting:3.0">
          <endpoint/>
          <http-connector name="http-remoting-connector" connector-ref="default" security-realm="ApplicationRealm"/>
          <outbound-connections>
              <remote-outbound-connection name="infinissl" outbound-socket-binding-ref="remote-cache" protocol="https-remoting"/>
          </outbound-connections>
      </subsystem>
      <subsystem xmlns="urn:jboss:domain:infinispan:4.0">
          <cache-container name="keycloak" jndi-name="infinispan/app1" module="org.keycloak.keycloak-model-infinispan">
              <local-cache name="sessions">
                  <remote-store passivation="false" fetch-state="false" purge="false" preload="false" shared="true" cache="sessions" remote-servers="remote-cache">   
                      <property name="rawValues">true</property>
                      <property name="marshaller">org.keycloak.cluster.infinispan.KeycloakHotRodMarshallerFactory</property>
                  </remote-store>
              </local-cache>
          </cache-container>
      </subsystem>
      <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
          ..............
          ...............
          <outbound-socket-binding name="remote-cache" >
              <remote-destination host="${env.INFINISPAN_HOST}" port="${env.INFINISPAN_PORT:11222}" >
              </remote-destination>
          </outbound-socket-binding>
      </socket-binding-group>
      

       

       

      In outbound connection, even though I mentioned it as a https-remoting it is still trying to connect as non-SSL. Any thoughts on this?

       

      Thanks!