This week's book giveaway is in the Features new in Java 9 forum.
We're giving away four copies of Java 9 Revealed and have Kishori Sharan on-line!
See this thread for details.
Win a copy of Java 9 Revealed this week in the Features new in Java 9 forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Setting https listener on Wildfly 9.0.2  RSS feed

 
Swati Sisodia
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have been struggling on this for 2 days now. I want to setup https listener on Wildfly 9.0.2.Final on my local Mac. I am new to wildfly. I have copied my wildfly settings (domain.xml and host.xml) from my production environment but on Prod we have load balancers to route to https traffic and I do not want to setup load balancers on my local. I have looked up on internet and got this far:
1. Generated a self-signed certificate following this link:
https://docs.jboss.org/author/pages/viewpage.action?pageId=66322705&_sscc=t
2. Added a security-realm in host.xml:


3. in domain.xml I have a couple of profiles setup, and each of them have a subsystem undertow. From my searches online, I understand that I need to add an https-listener in undertow subsystem. Now, its not very clear to me in which undertow subsystem, I add the https-listener. I still added it to the profile which my application is deployed under (because I want https listener for only one app on my local). Below is a section of my domain.xml:

   
The port for my application over http is 8580 (I have set port offset to be 500), i.e., I access my app on URL:
http://localhost:8580/myApp
When I go to any of :
https://localhost/ or https://localhost:8580 or https://localhost:443 or https://localhost/myApp
I just get "This site can't be reached. localhost refused to connect." response.
Being new to wildfly, I can not figure out where am I making a mistake, also what should be the port to access HTTPS URL.
Please let me know if I need to provide any more information.
Any help will be highly appreciated.
 
Rob Spoor
Sheriff
Posts: 20941
81
Chrome Eclipse IDE Java Windows
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
That link to docs.jboss.org tells you to setup a connector. For instance, if you used the pure Java SSL setup:
Also, don't forget to setup a socket binding as shown on the bottom of that page.
 
Rob Spoor
Sheriff
Posts: 20941
81
Chrome Eclipse IDE Java Windows
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Apparently, WildFly 9 has dropped the web subsystem in favor of the undertow subsystem. You still need the socket binding though. Did you set that up as well?
 
Swati Sisodia
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Rob, thanks for replying.
I used pure Java SSL-Setup to create the keystore.
You have pointed out a few (obvious :P) things I missed. :P
I have not setup the connector nor the port configuration (i.e., no socket binding). But I thought setting <ssl> under <server-identities> and setting <https-listener> in undertow subsystem was a replacement of that. [Not sure why I assumed that.]
In my undertow subsystem, I have an http-listener instead of a connector for http. Do you suggest I should add connector for only https or both https and http?
 
Swati Sisodia
Greenhorn
Posts: 23
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hey, I just figured it out. Thanks so much Rob for pointing towards socket binding. After staring at my domain.xml for a few minutes, I noticed, the socket-binding for https under "standard-sockets" group was 8443. so I accessed https://localhost:8443/myApp Still "the site can't be reached" response. Then I realized I had set 500 as my port offset. So I tried https://localhost:8943/myApp and voila! I get the prompt to accept the certificate and after accepting, I see the home page.
Thanks again, Rob. You saved my day!

PS: I did not have to add connector to undertow subsystem. And socket-binding was already there, I got the correct https port from there.
 
Rob Spoor
Sheriff
Posts: 20941
81
Chrome Eclipse IDE Java Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Swati Sisodia wrote:Thanks again, Rob. You saved my day!

You're welcome

PS: I did not have to add connector to undertow subsystem.

Correct, that's the old way, using the web subsystem. Undertow does it differently.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!