SSL

Owned by JoakimJ
Last updated: Dec 22, 2016
standalone-full ( SSL )
<management>  
    <security-realms>          
        <security-realm name="UndertowRealm">
            <server-identities>
                <ssl>
                    <keystore path="server.keystore" relative-to="jboss.server.config.dir" keystore-password="keypassword" key-password="keypassword"/>
                </ssl>
            </server-identities>
            <authentication>
                <truststore path="client.truststore" relative-to="jboss.server.config.dir" keystore-password="keypassword"/>
                <local default-user="$local" skip-group-loading="true"/>
                <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>
            </authentication>
        </security-realm>
    </security-realms>
</management> 


<subsystem xmlns="urn:jboss:domain:remoting:2.0">
    <http-connector name="https-remoting-connector" connector-ref="default-https" security-realm="UndertowRealm"/>
</subsystem>


<security-domains>
    <security-domain name="client_cert_domain" cache-type="default">
        <authentication>
            <login-module code="CertificateRoles" flag="required">
                <module-option name="verifier" value="org.jboss.security.auth.certs.AnyCertVerifier"/>
                <module-option name="securityDomain" value="client_cert_domain"/>
                <module-option name="rolesProperties" value="file:${jboss.server.config.dir}/app-roles.properties"/>
            </login-module>
        </authentication>
        <jsse keystore-password="keypassword" keystore-url="file:${jboss.server.config.dir}/server.keystore" truststore-password="keypassword" truststore-url="file:${jboss.server.config.dir}/client.truststore" client-auth="true"/>
    </security-domain>
</security-domains>