3 Replies Latest reply on Nov 21, 2017 12:54 PM by Jijo Nemera

    JBoss SSL configuration issue

    Jijo Nemera Newbie

      Hi everyone,

       

      I was trying to configure Wildfly to use https.

      this are the steps I did.

           1)     I created a self-signed certificate

                     - placed the certificate in %JBOSS_HOME%\domain\configuration directory

       

          2)     updated host.xml file in %JBOSS_HOME%\domain\configuration directory

                      -    I updated the host.xml file( added the server-identities block to Management Realm and Application Realm)

                                 <server-identities>

                     <ssl>

                          <keystore path="Wlfy.keystore" relative-to="jboss.domain.config.dir" keystore-password="password"

                             alias="binary109" key-password="password" generate-self-signed-certificate-host="localhost"/>

                     </ssl>

                  </server-identities>

       

                     -    added secure-port to http-interface<http-interface security-realm="ManagementRealm" http-upgrade-enabled="true">

                               <http-interface security-realm="ManagementRealm" http-upgrade-enabled="true">

                     <socket interface="management" port="${jboss.management.http.port:9990}" secure-port="${jboss.management.http.port:9993}"/>

                  </http-interface>

       

         3)  updated JBoss-cli.xml to add SSL configuration

                <ssl>

       

                    <alias>default</alias>

                    <key-store>C:\Infor\LSF-JBOSS\domain\configuration\Wildfly10.keystore</key-store>

                    <key-store-password>binary109</key-store-password>

                    <trust-store>C:\Infor\LSF-JBOSS\domain\configuration\Wildfly10.keystore</trust-store>

                    <modify-trust-store>true</modify-trust-store>

                </ssl>

       

      The issue is after inserting the ssl block into JBoss-cli.xml file the CLI command stopped working.

           command >> jboss-cli.bat --connect controller=http-remoting://<host_name>:9993 -u=Lawson -p=password –gui

           I get  >> Failed to connect to the controller: Unable to negotiate SSL connection with controller at <host_name>:9993

      If I comment out the <SSL> block from the JBoss-cli.xml, the above command will work. But when trying to stop the Wildfly service it will time out waiting for the user to accept or reject the certificate. sinsce I am trying to automate this process is there a way to fix this issue.

       

      I appreciate any help

       

      Thanks