如何自动将wildfly localhost连接到https?

时间:2014-10-23 12:55:58

标签: https wildfly

我需要在localhost上使用https protocoll测试我的Web应用程序。如何在wildfly上配置设置以使https://localhost:8443/myapp.html有效?

新:

我将此添加到我的安全领域:

 <security-realm name="UndertowRealm">
                <server-identities>  
                    <ssl protocol="TLS">  
                        <keystore path="my_keystore.jks" relative-to="jboss.server.config.dir" keystore-password="xxx"/>  
                    </ssl>  
                </server-identities>
            </security-realm>

密钥库:my_keystore.jks是使用java keygen实用程序生成的,它位于standalone.xml的文件夹中。

我将其添加到我的默认服务器:

<https-listener name="https" socket-binding="https" security-realm="UndertowRealm" />

但现在我得到了这样的例外:

Failed to start service jboss.server.controller.management.security_realm.UndertowRealm.keystore: org.jboss.msc.service.StartException in service jboss.server.controller.management.security_realm.UndertowRealm.keystore: JBAS015229: Unable to start service
    at org.jboss.as.domain.management.security.FileKeystore.load(FileKeystore.java:155) [wildfly-domain-management-8.0.0.Final.jar:8.0.0.Final]
    at org.jboss.as.domain.management.security.FileKeystoreService.start(FileKeystoreService.java:78) [wildfly-domain-management-8.0.0.Final.jar:8.0.0.Final]
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1948) [jboss-msc-1.2.0.Final.jar:1.2.0.Final]
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1881) [jboss-msc-1.2.0.Final.jar:1.2.0.Final]
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_55]
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_55]
    at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_55]
Caused by: java.io.IOException: Invalid keystore format
    at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:650) [rt.jar:1.7.0_55]
    at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55) [rt.jar:1.7.0_55]
    at java.security.KeyStore.load(KeyStore.java:1214) [rt.jar:1.7.0_55]
    at org.jboss.as.domain.management.security.FileKeystore.load(FileKeystore.java:114) [wildfly-domain-management-8.0.0.Final.jar:8.0.0.Final]
    ... 6 more

这里出了什么问题?

1 个答案:

答案 0 :(得分:2)

我认为你必须在下位子系统配置中添加一个http-listener,并使用安全领域进行适当的配置。

我现在无法检查,但我认为这是正确的方法。我将尝试以这种方式配置服务器。

这就是我为客户设置的一次:

<security-realm name="SSLRealm">
  <server-identities>
    <ssl protocol="TLS">
      <keystore path="serverkeystore" relative-to="jboss.server.config.dir" keystore-password="secureworld" alias="servercert"/>
    </ssl>
  </server-identities>
  <authentication>
    <truststore path="servertruststore" relative-to="jboss.server.config.dir" keystore-password="secureworld"/>
  </authentication>
</security-realm>

下载配置:

<https-listener name="default-https" socket-binding="https" security-realm="SSLRealm" verify-client="REQUESTED"/>

不幸的是,由于我对此主题不是很熟悉,因此我无法再告诉您有关此密钥库格式问题的更多信息。