How to make wildfly localhost connection automatically into https?
I need to test my web application with the https protocol at localhost. How could I configure the settings on wildfly to make https://localhost:8443/myapp.html work?
New:
I added this to my security-realm:
    <security-realm name="UndertowRealm">
        <server-identities>
            <ssl protocol="TLS">
                <keystore path="my_keystore.jks" relative-to="jboss.server.config.dir" keystore-password="xxx"/>
            </ssl>
        </server-identities>
    </security-realm>
The keystore, my_keystore.jks, was generated with the java keygen utility and it is in the folder of standalone.xml.
And I added this to my default-server:
<https-listener name="https" socket-binding="https" security-realm="UndertowRealm" />
But now I got an exception like this:
Failed to start service jboss.server.controller.management.security_realm.UndertowRealm.keystore: org.jboss.msc.service.StartException in service jboss.server.controller.management.security_realm.UndertowRealm.keystore: JBAS015229: Unable to start service
at org.jboss.as.domain.management.security.FileKeystore.load(FileKeystore.java:155) [wildfly-domain-management-8.0.0.Final.jar:8.0.0.Final]
at org.jboss.as.domain.management.security.FileKeystoreService.start(FileKeystoreService.java:78) [wildfly-domain-management-8.0.0.Final.jar:8.0.0.Final]
at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1948) [jboss-msc-1.2.0.Final.jar:1.2.0.Final]
at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1881) [jboss-msc-1.2.0.Final.jar:1.2.0.Final]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_55]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_55]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_55]
Caused by: java.io.IOException: Invalid keystore format
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:650) [rt.jar:1.7.0_55]
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55) [rt.jar:1.7.0_55]
at java.security.KeyStore.load(KeyStore.java:1214) [rt.jar:1.7.0_55]
at org.jboss.as.domain.management.security.FileKeystore.load(FileKeystore.java:114) [wildfly-domain-management-8.0.0.Final.jar:8.0.0.Final]
... 6 more
What is going wrong here?
Solution 1:[1]
I think you will have to add an http-listener to the undertow subsystem configuration and configure it properly with a security realm.
I cannot check this right now but I think this is the correct way to do this. I will try to configure a server this way asap.
That's how I've set it up once for a customer:
    <security-realm name="SSLRealm">
        <server-identities>
            <ssl protocol="TLS">
                <keystore path="serverkeystore" relative-to="jboss.server.config.dir" keystore-password="secureworld" alias="servercert"/>
            </ssl>
        </server-identities>
        <authentication>
            <truststore path="servertruststore" relative-to="jboss.server.config.dir" keystore-password="secureworld"/>
        </authentication>
    </security-realm>
The undertow config:
<https-listener name="default-https" socket-binding="https" security-realm="SSLRealm" verify-client="REQUESTED"/>
Unfortunately I can't tell you anything more about this keystore format issue since I'm not very familiar with this topic.
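Added example (not part of the original question or answer): the `Invalid keystore format` in the trace above comes from the JDK's JKS loader, which rejects any file whose first eight bytes are not the magic number `0xFEEDFEED` followed by version 1 or 2. This Python sketch classifies a keystore file by its header so a mismatch can be spotted before WildFly starts; the function names and sample bytes are constructed for illustration.

```python
import struct
import sys

JKS_MAGIC = 0xFEEDFEED    # magic number the JDK's JKS loader expects
JCEKS_MAGIC = 0xCECECECE  # JCEKS store, needs a different store type


def sniff_keystore(data: bytes) -> str:
    """Classify keystore bytes by header and return a short label."""
    if not data:
        return "empty"
    if data.lstrip().startswith(b"-----BEGIN"):
        return "pem"  # text certificate or key, not a keystore
    if len(data) >= 8:
        magic, version = struct.unpack(">II", data[:8])
        if magic == JKS_MAGIC:
            # The JKS loader accepts only version 1 or 2.
            return "jks" if version in (1, 2) else "jks-bad-version"
        if magic == JCEKS_MAGIC:
            return "jceks"
    if data[0] == 0x30:
        return "der"  # ASN.1 SEQUENCE: PKCS#12 store or DER certificate
    return "unknown"


def jks_loader_accepts(data: bytes) -> bool:
    """True only if the header passes the check made by the JKS loader."""
    return sniff_keystore(data) == "jks"


# Constructed sample headers (not real keystores).
SAMPLES = {
    "jks": struct.pack(">III", JKS_MAGIC, 2, 0),
    "jceks": struct.pack(">III", JCEKS_MAGIC, 2, 0),
    "der": bytes([0x30, 0x82, 0x0A, 0x00]),
    "pem": b"-----BEGIN CERTIFICATE-----\nMIIB...\n",
}

if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            print(sys.argv[1], "->", sniff_keystore(fh.read(16)))
    else:
        for name, blob in SAMPLES.items():
            print(name, "->", sniff_keystore(blob), jks_loader_accepts(blob))
```

Passing the keystore path as the first argument prints its detected type; any result other than `jks` means the file will fail in the JKS loader shown in the stack trace.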
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 |
