Learn to Enable Https or Ssl for Wildfly
Here are the steps I run through to enable SSL / HTTPS for Wildfly 14. Notice that instead of generating a key / certificate pair we inste...

Notice that instead of generating a key / certificate pair we instead use a special type of container for java which is a keystore. A keystore is a single file that contains both the key and the certificate.
Assuming we are trying to secure the website broodcamp.com, here are the steps:
1.) Generate the key, in the Firstname and Lastname entry, enter your FQDN, which in our case broodcamp.com
>keytool -genkey -alias broodcamp.com -keyalg RSA -keystore keycloak.jks
2.) Convert the keystore to pkcs12 format.
>keytool -importkeystore -srckeystore keycloak.jks -destkeystore keycloak.jks -deststoretype pkcs12
3.) Generate a certificate request that we will submit to a certificate broker like namecheap.com. We will be using a Comodo PositiveSSL certificate from namecheap: https://www.namecheap.com/security/ssl-certificates/comodo/positivessl.aspx.
>keytool -certreq -alias broodcamp.com -keystore keycloak.jks > keycloak.careq
*In order to validate the certificate, I use domain validation and added a CNAME. You can also use email, etc.
4.) After validation, you should received a zipped file from namecheap that contains 3 files, the certificate, the bundle and the p7b. We will use the p7b which already contain the certificate chain and import to our keystore.
>keytool -import -alias broodcamp.com -trustcacerts -file broodcamp_com.p7b -keystore keycloak.jks
keytool -list -v -keystore keycloak.jks
*Now we have a signed certificate and here's how it should look like in Windows.
Post a Comment