Java Reference
In-Depth Information
We just have to replace the path we used with our actual JDK path and use the client
store's password in order to complete this operation (the default value is changeit ).
Otherwise, if you want to import the certificate into a newly created truststore ob-
ject, just substitute the cacerts destination with your client's truststore object.
keytool -import -v -trustcacerts -alias wflyAlias -file
sslPublicKey.cer -keystore jbossClient.keystore -keypass
clientPassword -storepass clientPassword
If you choose the latter option, you need to add the following properties to your client's
JDK arguments, which will override the default JDK's truststore object:
Creating an SSL-aware security realm
Within WildFly, security realms are used to secure access to the management interfaces,
HTTP interface, and remote JNDI and EJB access. Within a security realm, it is also pos-
sible to define an identity for the server; this identity can be used for both inbound con-
nections to the server and outbound connections being established by the server.
Therefore, in order to enable SSL communication for our EJB communication and HTTP,
we will define a security realm (named EJBRealm ) that is bound to a server identity,
which references the server's keystore object, shown as follows:
<security-realm name="EJBRealm">
<keystore path="jboss.keystore"
<jaas name="ejb-security-domain"/>
Search WWH ::

Custom Search