1 Reply Latest reply on Sep 19, 2018 5:07 AM by Abhinav Gupta

    Wildfly Undertow SSL Request Wildchar Certificate

    Milton Salvador Cavalieri Junior Newbie

      Hello folks,


      I've got a very serious problem. I bought a Wildcard certificate from Godaddy and I'm trying so hard to install it. I did the following steps:


      keytool -genkey -alias swint_com_br -keyalg RSA -keysize 2048 -keystore swint_com_br.jks

      keytool -certreq -alias swint_com_br -file swint_com_br.csr -keystore swint_com_br.jks


      Once I get csr file from godady I complete the request and download the file that cames with 3 files:






      I've imported those files using the following commands:


      keytool -import -alias root -keystore godaddy.keycloak.jks -trustcacerts -file gd_bundle-g2-g1.crt

      keytool -import -alias swint.com.br -keystore godaddy.keycloak.jks -trustcacerts -file 98b******012a.crt


      The information I got the gdig2.crt.pem is not important, but even thougt this file I've imported using the following command:


      keytool -import -alias interm -keystore godaddy.keycloak.jks -trustcacerts -file gdig2.crt.pem


      After that I copied the file godaddy.keycloak.jks to Wildfly_HOME



      rm  -f /opt/wildfly-10.1.0.Final/standalone/configuration/godaddy.keycloak.jks

      cp godaddy.keycloak.jks /opt/wildfly-10.1.0.Final/standalone/configuration/



      I changed the standalone-full.xml (I'm using it to start wildfly):



      <security-realm name="UndertowRealm">



                <keystore path="godaddy.keycloak.jks" relative-to="jboss.server.config.dir" keystore-password="******" />






             <subsystem xmlns="urn:jboss:domain:undertow:3.1">

                  <buffer-cache name="default"/>

                  <server name="default-server">

                      <http-listener name="default" socket-binding="http" redirect-socket="https" enable-http2="true"/>

                      <https-listener name="https" socket-binding="https" security-realm="UndertowRealm"/>

                      <host name="default-host" alias="localhost">

                          <location name="/" handler="welcome-content"/>

                          <filter-ref name="server-header"/>

                          <filter-ref name="x-powered-by-header"/>



                  <servlet-container name="default">





                      <file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>



                      <response-header name="server-header" header-name="Server" header-value="WildFly/10"/>

                      <response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>







      When I try to connecto to my application using a chorme browser, it shows up "Invalid Certificate" and when I check my certificate the tester show me "Certificate chain is incomplete, missing intermediate(s)"



      Who can help me?



      I'm spending almost 10 day and I cannot find any help about it.


      Thanks and best regards,