Create and enable SSL in WildFly

Create an SSL certificate

The commands required to create a self-signed certificate for WildFly are shown below:

$ cd /opt/bitnami/wildfly/standalone/configuration
$ sudo keytool -genkey -alias server -keyalg RSA -validity 3650 -keysize 2048 -keystore server.keystore
$ sudo chown wildfly:wildfly ./server.keystore

Enable SSL

If your application includes lines similar to this in its web.xml file, you are forcing secure connections to WildFly:


To achieve this, you must first enable SSL connections in WildFly. Follow the steps below:

  • Make sure that you have a SSL certificate for WildFly stored in a keystore. Read more about this in the WildFly documentation.

  • Edit your WildFly server configuration file at /opt/bitnami/wildfly/standalone/configuration/standalone.xml and add a new security realm as shown below:

      <security-realm name="ssl-realm">
         <keystore path="server.keystore" relative-to="jboss.server.config.dir" keystore-password="keystore_password" alias="server" key-password="key_password" />
  • Modify the default listener in your WildFly configuration file above:

      <!--<http-listener name="default" socket-binding="http" />-->
      <https-listener name="default" socket-binding="https" security-realm="ssl-realm"/>
  • Restart the WildFly server.

      $ sudo /opt/bitnami/ restart wildfly
Last modification April 22, 2021