Securing the management interfaces
The certificates that you have created so far can also be used for securing your management interfaces. It needs two steps to be implemented:
- Include the ssl definition in the realm used for authentication
- Set http-interface to use HTTPS communication
We will include the ssl definition in the LDAPRealm
which was previously created - if that's not your case, just change the target realm to the one you are using.
Update the LDAPRealm
by executing the following command:
/core-service=management/security-realm=LDAPRealm/server-identity=ssl/:add(keystore-path=server.keystore, keystore-relative-to=jboss.server.config.dir, keystore-password=mypassword, alias=eap7book, key-password=mypassword)
The LDAPRealm
will be updated accordingly:
<security-realm name="LdapRealm"> <server-identities> <ssl> <keystore path="server.keystore" relative-to= "jboss.server.config.dir" keystore...