JBoss SSL configuration issue
jnemera Nov 17, 2017 10:08 AMHi everyone,
I was trying to configure Wildfly to use https.
this are the steps I did.
1) I created a self-signed certificate
- placed the certificate in %JBOSS_HOME%\domain\configuration directory
2) updated host.xml file in %JBOSS_HOME%\domain\configuration directory
- I updated the host.xml file( added the server-identities block to Management Realm and Application Realm)
<server-identities>
<ssl>
<keystore path=
"Wlfy.keystore"
relative-to=
"jboss.domain.config.dir"
keystore-password=
"password"
alias=
"binary109"
key-password="password"
generate-self-signed-certificate-host=
"localhost"
/>
</ssl>
</server-identities>
- added secure-port to http-interface<http-interface security-realm="ManagementRealm" http-upgrade-enabled="true">
<http-interface security-realm="ManagementRealm" http-upgrade-enabled="true">
<socket interface="management" port="${jboss.management.http.port:9990}" secure-port="${jboss.management.http.port:9993}"/>
</http-interface>
3) updated JBoss-cli.xml to add SSL configuration
<ssl>
<alias>
default
</alias>
<key-store>C:\Infor\LSF-JBOSS\domain\configuration\Wildfly10.keystore</key-store>
<key-store-password>binary109</key-store-password>
<trust-store>C:\Infor\LSF-JBOSS\domain\configuration\Wildfly10.keystore</trust-store>
<modify-trust-store>
true
</modify-trust-store>
</ssl>
The issue is after inserting the ssl block into JBoss-cli.xml file the CLI command stopped working.
command >> jboss-cli.bat --connect controller=http-remoting://<host_name>:9993 -u=Lawson -p=password –gui
I get >> Failed to connect to the controller: Unable to negotiate SSL connection with controller at <host_name>:9993
If I comment out the <SSL> block from the JBoss-cli.xml, the above command will work. But when trying to stop the Wildfly service it will time out waiting for the user to accept or reject the certificate. sinsce I am trying to automate this process is there a way to fix this issue.
I appreciate any help
Thanks