How to setup local HTPPS on a Wildfly server
- https://web.dev/how-to-use-local-https
- https://github.com/FiloSottile/mkcert#installation
- https://medium.com/@hasnat.saeed/setup-ssl-https-on-jboss-wildfly-application-server-fde6288a0f40
- following steps are a summary of this article
- install mkcert
- execute the following command to generate a local certificate authority (CA)
mkcert -install # it adds mkcert to your local root CAs- restart your browser
- navigate to
<wildfly_folder>/standalone/configuration - execute the following command to create 2 .pem files:
localhost.pemandlocalhost-key.pem
mkcert localhost
the command above also signs this certificate
- following steps are a summary of this article
- navigate to
<wildfly_folder>/standalone/configuration - execute the following command with the two .pem files generated in the previous topic
openssl pkcs12 -export -out wildfly-pkcs12.pfx -in localhost.pem -inkey localhost-key.pemthis will generate the file
wildfly-pkcs12.pfx
- type a password
- make the following changes to your Wildfly's
standalone.xmlfile- add the above
<security-realm>to the<security-realms>element; remenber to replace<your-password>with the password typed previous topic
<security-realm name="UndertowRealm"> <server-identities> <ssl> <keystore path="wildfly-pkcs12.pfx" relative-to="jboss.server.config.dir" keystore-password="<your-password>" /> </ssl> </server-identities> </security-realm>
- locate the configuration for the undertow subsystem and update the attribute "security-realm" of its child element
<https-listener>to "UndertowRealm"
<subsystem xmlns="urn:jboss:domain:undertow:8.0" default-server="default-server" default-virtual-host="default-host" default-servlet-container="default" default-security-domain="other" statistics-enabled="${wildfly.undertow.statistics-enabled:${wildfly.statistics-enabled:false}}"> <buffer-cache name="default"/> <server name="default-server"> <http-listener name="default" socket-binding="http" redirect-socket="https" enable-http2="true"/> <https-listener name="https" socket-binding="https" security-realm="UndertowRealm" enable-http2="true"/> <host name="default-host" alias="localhost"> <location name="/" handler="welcome-content"/> <http-invoker security-realm="ApplicationRealm"/> </host> </server> <servlet-container name="default"> <jsp-config/> <websockets/> </servlet-container> <handlers> <file name="welcome-content" path="${jboss.home.dir}/welcome- content"/> </handlers> </subsystem>
- add the above
- start/restart your Wildfly server
- you can access you site via HTTPS in https://localhost:8443