I have been struggling with this for 2 days now. I want to set up an HTTPS listener on WildFly 9.0.2.Final on my local Mac. I am new to WildFly. I have copied my WildFly settings (domain.xml and host.xml) from my production environment, but on Prod we have load balancers to route the HTTPS traffic and I do not want to set up load balancers on my local machine. I have looked it up on the internet and got this far:

1. Generated a self-signed certificate following this link: https://docs.jboss.org/author/pages/viewpage.action?pageId=66322705&_sscc=t
2. Added a security-realm in host.xml:
<security-realm name="SSLRealm">
<server-identities>
<ssl>
<keystore path="foo.keystore" relative-to="jboss.domain.config.dir" alias="foo" keystore-password="secret" key-password="secret" />
</ssl>
</server-identities>
</security-realm>
The port for my application over HTTP is 8580 (I have set the port offset to 500), i.e., I access my app at the URL: http://localhost:8580/myApp

When I go to any of https://localhost/ or https://localhost:8580 or https://localhost:443 or https://localhost/myApp, I just get a "This site can't be reached. localhost refused to connect." response.

Being new to WildFly, I cannot figure out where I am making a mistake, or what the port should be to access the HTTPS URL. Please let me know if I need to provide any more information. Any help will be highly appreciated.
<profiles>
<profile name="content-profile">
<subsystem.......
<subsystem xmlns="urn:jboss:domain:undertow:2.0">
<buffer-cache name="default"/>
<server name="default-server">
<ajp-listener name="ajp" socket-binding="ajp"/>
<http-listener name="default2" socket-binding="http" redirect-socket="https" proxy-address-forwarding="true" max-post-size="10737418240" max-parameters="5000"/>
<https-listener name="default" socket-binding="https" security-realm="SSLRealm" />
<host name="default-host" alias="localhost">
<location name="/" handler="welcome-content"/>
<filter-ref name="server-header"/>
<filter-ref name="x-powered-by-header"/>
</host>
</server>
<servlet-container name="default">
<jsp-config/>
<websockets/>
</servlet-container>
<handlers>
<file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
</handlers>
<filters>
<response-header name="server-header" header-name="Server" header-value="WildFly/9"/>
<response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>
</filters>
</subsystem>
</profile>
</profiles>
Okay. I just figured it out and so thought of posting the answer to help someone who might be facing the same problem.
I had set up everything right (with <ssl> under <server-identities> in host.xml and <https-listener> in the undertow subsystem). I just did not know the port number to access the HTTPS connection. After staring at my domain.xml for some time, I noticed the <socket-binding-groups> tag, which looks something like this:
<socket-binding-groups>
<socket-binding-group name="standard-sockets" default-interface="public">
<socket-binding name="ajp" port="${jboss.ajp.port:8009}"/>
<socket-binding name="http" port="${jboss.http.port:8080}"/>
<socket-binding name="https" port="${jboss.https.port:8443}"/>
<socket-binding name="txn-recovery-environment" port="4712"/>
<socket-binding name="txn-status-manager" port="4713"/>
<outbound-socket-binding name="mail-smtp">
<remote-destination host="localhost" port="25"/>
</outbound-socket-binding>
</socket-binding-group>
....
The port number for secure connection was 8443 and I had set 500 as port offset for my application, so when I accessed https://localhost:8943/myApp ...voila! I get the prompt to accept the certificate and upon accepting, I see the home page. :D