I am new to this forum and to the whole Wildfly/JBOSS universe, so please forgive me if I am not accurate in contexts that are typical between developers.
We have a functioning Wildfly 14.0.1 (windows server) running successfully a web application. We have all in place using a Keystore to use an SSL certificate for the deployment. We now have a requirement to add a second certificate to respond to another alias/hostname in the same server, but Wildfly only sees the first, primary certificate within the Keystore. What would be the best approach (configuring the Standalone.xml) so that we can use that second certificate within the Keystore to actually respond to the second domain alias that we have in place.
We currently have a .com hostname in the standalone.xml and added an alias as .net so that the client can access the portal through the .net URL as well. The thing is that the .net is not applying the certificate because is actually seeing the .com certificate within the Keystore, not the .net
How can we apply this second SSL certificate to point to the second (.net) hostname to be able to secure the request to the .net URL?
In other words, you have two virtual hosts and each needs its own SSL certificate. So far so good.
Tomcat is no longer the built-in engine for JBoss/Wildfly, but I figured it probably has influenced whatever replaced it, so I went back to check how Tomcat does it and it's rather sticky.
Actually, what would probably work better would be to front WildFly with a reverse proxy server such as Apache or Nginx. You can define your virtual hosts there, assign a different SSL cert to each virtual host definition and gain the added benefits of being able to use the standard SSL port (443) without compromising security - plus you would have a central dispatching point for both Java and non-java webapps.
The extra overhead is minimal and the benefits are considerable, which is why this is a popular solution.
Sources may include data from the Fakebook Research Foundation with support from Gargle University