Learn to Enable Https or Ssl for Wildfly

Here are the steps I run through to enable SSL / HTTPS for Wildfly 14. Notice that instead of generating a key / certificate pair we inste...

Here are the steps I run through to enable SSL / HTTPS for Wildfly 14.

Notice that instead of generating a key / certificate pair we instead use a special type of container for java which is a keystore. A keystore is a single file that contains both the key and the certificate.

Assuming we are trying to secure the website, here are the steps:
1.) Generate the key, in the Firstname and Lastname entry, enter your FQDN, which in our case
>keytool -genkey -alias -keyalg RSA -keystore keycloak.jks

2.) Convert the keystore to pkcs12 format.
>keytool -importkeystore -srckeystore keycloak.jks -destkeystore keycloak.jks -deststoretype pkcs12

3.) Generate a certificate request that we will submit to a  certificate broker like We will be using a Comodo PositiveSSL certificate from namecheap:
>keytool -certreq -alias -keystore keycloak.jks > keycloak.careq
*In order to validate the certificate, I use domain validation and added a CNAME. You can also use email, etc.

4.) After validation, you should received a zipped file from namecheap that contains 3 files, the certificate, the bundle and the p7b. We will use the p7b which already contain the certificate chain and import to our keystore.
>keytool -import -alias -trustcacerts -file broodcamp_com.p7b -keystore keycloak.jks
keytool -list -v -keystore keycloak.jks

*Now we have a signed certificate and here's how it should look like in Windows.

Next series of steps are to modify Wildfly's standalone.xml file to enable SSL. 

5.) Modify ApplicationRealm and add the keystore.
After:   <security-realm name="ApplicationRealm"> add:
<keystore alias="server" generate-self-signed-certificate-host="localhost" key-password="password" keystore-password="password" path="application.keystore" relative-to="jboss.server.config.dir"></ssl>

6.) Search for:  <server name="default-server"> and add:

7.) If you're using java and you have a web.xml in your application, you need to enable the SSL transport. For example you have a resource manifest and want to secure it.

And before I forgot, if you are using Wildfly, it means you are running on port 8080 by default and 8443 for HTTPS. So make sure to redirect the request to 8443 and not 443.


wildfly 7811684314623715589

Post a Comment Default Comments


Are you looking for freelancers in the Philippines? Get in touch.


If you like what I do, you can support this channel by buying me a coffee. I would be grateful for your contribution! Your donations will help me create more FREE online courses and learning materials for programmers and remote workers.