Create and enable SSL in WildFly

Create an SSL certificate

The commands required to create a self-signed certificate for WildFly are shown below:

$ cd /opt/bitnami/wildfly/standalone/configuration
$ sudo keytool -genkey -alias server -keyalg RSA -validity 3650 -keysize 2048 -keystore server.keystore
$ sudo chown wildfly:wildfly ./server.keystore

Enable SSL

If your application includes lines similar to this in its web.xml file, you are forcing secure connections to WildFly:

<user-data-constraint>
     <transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>

To achieve this, you must first enable SSL connections in WildFly. Follow the steps below:

Make sure that you have a SSL certificate for WildFly stored in a keystore. Read more about this in the WildFly documentation.

Edit your WildFly server configuration file at /opt/bitnami/wildfly/standalone/configuration/standalone.xml and add a new security realm as shown below:

  <security-realm name="ssl-realm">
   <server-identities>
    <ssl>
     <keystore path="server.keystore" relative-to="jboss.server.config.dir" keystore-password="keystore_password" alias="server" key-password="key_password" />
    </ssl>
   </server-identities>
  </security-realm>

Modify the default listener in your WildFly configuration file above:

  <!--<http-listener name="default" socket-binding="http" />-->
  <https-listener name="default" socket-binding="https" security-realm="ssl-realm"/>

Restart the WildFly server.

  $ sudo /opt/bitnami/ctlscript.sh restart wildfly

Last modification April 22, 2021

Kubeapps

Kubernetes Tutorials

Documentation

Tutorials

Support

Open Source

We're hiring

Resources

Newsroom

Careers

Create and enable SSL in WildFly

Create an SSL certificate

Enable SSL

Products

Projects

Solutions

Company

Legal

Support