I'm trying to enable SSL on my wildfly 11 application server, i bought an ssl certificate in godaddy and downloaded a zip file with this inside:
1. 22c8728db3996008.crt
2. 22c8728db3996008.pem
3. gd_bundle-g2-g1.crt
I follow this steps to install, with this commands:
1. keytool -genkey -alias myalias -keyalg RSA -keystore keystore.jks
2. keytool -import -alias root -keystore keystore.jks -trustcacerts -file C:\path\to\cert\22c8728db3996008.crt
3. keytool -import -alias intermed -keystore keystore.jks -trustcacerts -file C:\path\to\cert\gd_bundle-g2-g1.crt
Then copy the keystore.jks file on the standalone/configuration directory
And modify standalone.xml file:
<security-realm name="ApplicationRealm">
<server-identities>
<ssl>
<keystore path="keystore.jks" relative-to="jboss.server.config.dir" keystore-password="mypassword" alias="myalias" key-password="mypassword"/>
</ssl>
</server-identities>
<authentication>
<local default-user="$local" allowed-users="*" skip-group-loading="true"/>
<properties path="application-users.properties" relative-to="jboss.server.config.dir"/>
</authentication>
<authorization>
<properties path="application-roles.properties" relative-to="jboss.server.config.dir"/>
</authorization>
</security-realm>
And
<https-listener name="default-ssl" socket-binding="https" security-realm="SslRealm"/>
Then restart the server but booting appears this error:
ERROR [org.jboss.msc.service.fail] (MSC service thread 1-7) MSC000001: Failed to start service org.wildfly.core.management.security.realm.SslRealm.key-manager: org.jboss.msc.service.StartException in service org.wildfly.core.management.security.realm.SslRealm.key-manager: Failed to start service
at org.jboss.msc//org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1978)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: java.lang.IllegalStateException: org.jboss.msc.service.StartException in anonymous service: WFLYDM0086: The KeyStore can not be found at keystore.jks
at org.jboss.as.domain-management//org.jboss.as.domain.management.security.FileKeyManagerService.loadKeyStore(FileKeyManagerService.java:173)
at org.jboss.as.domain-management//org.jboss.as.domain.management.security.AbstractKeyManagerService.createKeyManagers(AbstractKeyManagerService.java:131)
at org.jboss.as.domain-management//org.jboss.as.domain.management.security.AbstractKeyManagerService.start(AbstractKeyManagerService.java:89)
at org.jboss.msc//org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:2032)
at org.jboss.msc//org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1955)
... 3 more
Caused by: org.jboss.msc.service.StartException in anonymous service: WFLYDM0086: The KeyStore can not be found at keystore.jks
at org.jboss.as.domain-management//org.jboss.as.domain.management.security.FileKeystore.load(FileKeystore.java:114)
at org.jboss.as.domain-management//org.jboss.as.domain.management.security.FileKeyManagerService.loadKeyStore(FileKeyManagerService.java:169)
... 7 more
How can i install and use my ssl certificate?
After many tries, I was able to solve it.
First to create a keystore file (.keystore), install KeyStore Explorer and follow this steps.
Second for add the keytore file to Wildfly follow this steps.
To redirect all traffic from the server to HTTPS do with this.
And that's it, the SSL certificate works ok.
Hope this help to someone.