0

I have been struggling on this for 2 days now. I want to setup https listener on Wildfly 9.0.2.Final on my local Mac. I am new to wildfly. I have copied my wildfly settings (domain.xml and host.xml) from my production environment but on Prod we have load balancers to route to https traffic and I do not want to setup load balancers on my local. I have looked up on internet and got this far: 1. Generated a self-signed certificate following this link: https://docs.jboss.org/author/pages/viewpage.action?pageId=66322705&_sscc=t 2. Added a security-realm in host.xml:

<security-realm name="SSLRealm">
  <server-identities>
    <ssl>
      <keystore path="foo.keystore" relative-to="jboss.domain.config.dir" alias="foo" keystore-password="secret" key-password="secret" />
    </ssl>
  </server-identities>
</security-realm>
  1. in domain.xml I have a couple of profiles setup, and each of them have a subsystem undertow. From my searches online, I understand that I need to add an https-listener in undertow subsystem. Now, its not very clear to me in which undertow subsystem, I add the https-listener. I still added it to the profile which my application is deployed under (because I want https listener for only one app on my local). The section of my domain.xml is at the end of the question.

The port for my application over http is 8580 (I have set port offset to be 500), i.e., I access my app on URL: http://localhost:8580/myApp When I go to any of : https://localhost/ or https://localhost:8580 or https://localhost:443 or https://localhost/myApp I just get "This site can't be reached. localhost refused to connect." response. Being new to wildfly, I can not figure out where am I making a mistake, also what should be the port to access HTTPS URL. Please let me know if I need to provide any more information. Any help will be highly appreciated.

<profiles>
                            <profile name="content-profile">
                                   <subsystem.......
                                   <subsystem xmlns="urn:jboss:domain:undertow:2.0">
                                    <buffer-cache name="default"/>
                                    <server name="default-server">
                                        <ajp-listener name="ajp" socket-binding="ajp"/>
                                        <http-listener name="default2" socket-binding="http" redirect-socket="https" proxy-address-forwarding="true" max-post-size="10737418240" max-parameters="5000"/>
                                        <https-listener name="default" socket-binding="https" security-realm="SSLRealm" />
                                        <host name="default-host" alias="localhost">
                                            <location name="/" handler="welcome-content"/>
                                            <filter-ref name="server-header"/>
                                            <filter-ref name="x-powered-by-header"/>
                                        </host>
                                    </server>
                                    <servlet-container name="default">
                                        <jsp-config/>
                                        <websockets/>
                                    </servlet-container>
                                    <handlers>
                                        <file name="welcome-content" path="${jboss.home.dir}/welcome-content"/>
                                    </handlers>
                                    <filters>
                                        <response-header name="server-header" header-name="Server" header-value="WildFly/9"/>
                                        <response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/>
                                    </filters>
                                </subsystem>
                          </profile>
                    </profiles>
Swati
  • 27
  • 1
  • 8

1 Answers1

-1

Okay. I just figured it out and so thought of posting the answer to help someone who might be facing the same problem. I had setup everything right (with <ssl> under <server-identites> in host.xml and <https-listener> in undertow subsystem). I just did not know the port number to access https connection. After staring at my domain.xml for some time, I noticed <socket-binding-groups> tag, which looks something like this:

<socket-binding-groups>
        <socket-binding-group name="standard-sockets" default-interface="public">
            <socket-binding name="ajp" port="${jboss.ajp.port:8009}"/>
            <socket-binding name="http" port="${jboss.http.port:8080}"/>
            <socket-binding name="https" port="${jboss.https.port:8443}"/>
            <socket-binding name="txn-recovery-environment" port="4712"/>
            <socket-binding name="txn-status-manager" port="4713"/>
            <outbound-socket-binding name="mail-smtp">
                <remote-destination host="localhost" port="25"/>
            </outbound-socket-binding>
        </socket-binding-group>
 ....

The port number for secure connection was 8443 and I had set 500 as port offset for my application, so when I accessed https://localhost:8943/myApp ...voila! I get the prompt to accept the certificate and upon accepting, I see the home page. :D

Swati
  • 27
  • 1
  • 8