Wildfly ssl 配置
程序员文章站
2022-07-11 13:12:25
...
wildfly 10 ssl (https 访问)配置步骤
1、申请域名证书或者自己生成
2、生成证书后需要转成keystore形式的证书文件,可用命令也可到
https://www.trustasia.com/tools-cert-converter,可以转换成JKS
密码要记住
3、转换好后将文件考入standalone\configuration目录下
4、配置standalone.xml
<security-realm name="SslRealm">
<server-identities>
<ssl><keystore path="ke.jks" relative-to="jboss.server.config.dir" keystore-password="your_password" />
</ssl>
</server-identities>
</security-realm>
改变default-server服务下的https的security-realm
<server name="default-server">
<http-listener name="default" socket-binding="http" redirect-socket="https" enable-http2="true"/>
<https-listener name="https" socket-binding="https" security-realm="SslRealm" enable-http2="true"/>
<host name="default-host" alias="localhost">
<location name="/" handler="welcome-content"/>
<filter-ref name="server-header"/>
<filter-ref name="x-powered-by-header"/>
</host>
</server>
改变socket-binding-group下的端口为443
<socket-binding name="https" port="${jboss.https.port:443}"/>
5启动服务,用https访问成功
1、申请域名证书或者自己生成
2、生成证书后需要转成keystore形式的证书文件,可用命令也可到
https://www.trustasia.com/tools-cert-converter,可以转换成JKS
密码要记住
3、转换好后将文件考入standalone\configuration目录下
4、配置standalone.xml
<security-realm name="SslRealm">
<server-identities>
<ssl><keystore path="ke.jks" relative-to="jboss.server.config.dir" keystore-password="your_password" />
</ssl>
</server-identities>
</security-realm>
改变default-server服务下的https的security-realm
<server name="default-server">
<http-listener name="default" socket-binding="http" redirect-socket="https" enable-http2="true"/>
<https-listener name="https" socket-binding="https" security-realm="SslRealm" enable-http2="true"/>
<host name="default-host" alias="localhost">
<location name="/" handler="welcome-content"/>
<filter-ref name="server-header"/>
<filter-ref name="x-powered-by-header"/>
</host>
</server>
改变socket-binding-group下的端口为443
<socket-binding name="https" port="${jboss.https.port:443}"/>
5启动服务,用https访问成功
上一篇: 进行病毒式营销活动的六个步骤