1 Reply Latest reply on Sep 19, 2018 5:07 AM by Abhinav Gupta

    Wildfly Undertow SSL Request Wildchar Certificate

    Milton Salvador Cavalieri Junior Newbie

      Hello folks,

       

      I've got a very serious problem. I bought a Wildcard certificate from Godaddy and I'm trying so hard to install it. I did the following steps:

       

      keytool -genkey -alias swint_com_br -keyalg RSA -keysize 2048 -keystore swint_com_br.jks

      keytool -certreq -alias swint_com_br -file swint_com_br.csr -keystore swint_com_br.jks

       

      Once I get csr file from godady I complete the request and download the file that cames with 3 files:

       

      gd_bundle-g2-g1.crt

      gdig2.crt.pem

      98b******012a.crt

       

      I've imported those files using the following commands:

       

      keytool -import -alias root -keystore godaddy.keycloak.jks -trustcacerts -file gd_bundle-g2-g1.crt

      keytool -import -alias swint.com.br -keystore godaddy.keycloak.jks -trustcacerts -file 98b******012a.crt

       

      The information I got the gdig2.crt.pem is not important, but even thougt this file I've imported using the following command:

       

      keytool -import -alias interm -keystore godaddy.keycloak.jks -trustcacerts -file gdig2.crt.pem

       

      After that I copied the file godaddy.keycloak.jks to Wildfly_HOME

       

       

      rm  -f /opt/wildfly-10.1.0.Final/standalone/configuration/godaddy.keycloak.jks

      cp godaddy.keycloak.jks /opt/wildfly-10.1.0.Final/standalone/configuration/

       

       

      I changed the standalone-full.xml (I'm using it to start wildfly):

       

       

      <security-realm name="UndertowRealm">

         <server-identities>

            <ssl>

                <keystore path="godaddy.keycloak.jks" relative-to="jboss.server.config.dir" keystore-password="******" />

            </ssl>

         </server-identities>

      </security-realm>

       

       

             <subsystem xmlns="urn:jboss:domain:undertow:3.1">

                  <buffer-cache name="default"/>

                  <server name="default-server">

                      <http-listener name="default" socket-binding="http" redirect-socket="https" enable-http2="true"/>

                      <https-listener name="https" socket-binding="https" security-realm="UndertowRealm"/>

                      <host name="default-host" alias="localhost">

                          <location name="/" handler="welcome-content"/>

                          <filter-ref name="server-header"/>

                          <filter-ref name="x-powered-by-header"/>

                      </host>

                  </server>

                  <servlet-container name="default">

                      <jsp-config/>

                      <websockets/>

                  </servlet-container>

                  <handlers>

                      <file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>

                  </handlers>

                  <filters>

                      <response-header name="server-header" header-name="Server" header-value="WildFly/10"/>

                      <response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>

                  </filters>

              </subsystem>

       

       

       

       

      When I try to connecto to my application using a chorme browser, it shows up "Invalid Certificate" and when I check my certificate the tester show me "Certificate chain is incomplete, missing intermediate(s)"

       

       

      Who can help me?

       

       

      I'm spending almost 10 day and I cannot find any help about it.

       

      Thanks and best regards,

       

      Milton