I have been struggling on this for 2 days now. I want to setup https listener on Wildfly 9.0.2.Final on my local Mac. I am new to wildfly. I have copied my wildfly settings (domain.xml and host.xml) from my production environment but on Prod we have load balancers to route to https traffic and I do not want to setup load balancers on my local. I have looked up on internet and got this far:
1. Generated a self-signed certificate following this link:
https://docs.jboss.org/author/pages/viewpage.action?pageId=66322705&_sscc=t 2. Added a security-realm in host.xml:
3. in domain.xml I have a couple of profiles setup, and each of them have a subsystem undertow. From my searches online, I understand that I need to add an https-listener in undertow subsystem. Now, its not very clear to me in which undertow subsystem, I add the https-listener. I still added it to the profile which my application is deployed under (because I want https listener for only one app on my local). Below is a section of my domain.xml:
The port for my application over http is 8580 (I have set port offset to be 500), i.e., I access my app on URL:
http://localhost:8580/myApp When I go to any of :
https://localhost/ or https://localhost:8580 or https://localhost:443 or https://localhost/myApp I just get "This site can't be reached. localhost refused to connect." response.
Being new to wildfly, I can not figure out where am I making a mistake, also what should be the port to access HTTPS URL.
Please let me know if I need to provide any more information.
Any help will be highly appreciated.
Hi Rob, thanks for replying.
I used pure Java SSL-Setup to create the keystore.
You have pointed out a few (obvious :P) things I missed. :P
I have not setup the connector nor the port configuration (i.e., no socket binding). But I thought setting <ssl> under <server-identities> and setting <https-listener> in undertow subsystem was a replacement of that. [Not sure why I assumed that.]
In my undertow subsystem, I have an http-listener instead of a connector for http. Do you suggest I should add connector for only https or both https and http?
posted 2 years ago
Hey, I just figured it out. Thanks so much Rob for pointing towards socket binding. After staring at my domain.xml for a few minutes, I noticed, the socket-binding for https under "standard-sockets" group was 8443. so I accessed https://localhost:8443/myApp Still "the site can't be reached" response. Then I realized I had set 500 as my port offset. So I tried https://localhost:8943/myApp and voila! I get the prompt to accept the certificate and after accepting, I see the home page.
Thanks again, Rob. You saved my day!
PS: I did not have to add connector to undertow subsystem. And socket-binding was already there, I got the correct https port from there.