helloworld-mutual-ssl
Folders and files
| Name | Name | Last commit date | ||
|---|---|---|---|---|
parent directory.. | ||||
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="generator" content="Asciidoctor 2.0.10"> <meta name="author" content="Giriraj Sharma, Stefan Guilhen"> <title>helloworld-mutual-ssl: JBoss EAP Mutual SSL(two-way) Configuration Example</title> <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic%7CNoto+Serif:400,400italic,700,700italic%7CDroid+Sans+Mono:400,700"> <style> /* Asciidoctor default stylesheet | MIT License | https://asciidoctor.org */ /* Uncomment @import statement to use as custom stylesheet */ /*@import "https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic%7CNoto+Serif:400,400italic,700,700italic%7CDroid+Sans+Mono:400,700";*/ article,aside,details,figcaption,figure,footer,header,hgroup,main,nav,section{display:block} audio,video{display:inline-block} audio:not([controls]){display:none;height:0} html{font-family:sans-serif;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%} a{background:none} a:focus{outline:thin dotted} a:active,a:hover{outline:0} h1{font-size:2em;margin:.67em 0} abbr[title]{border-bottom:1px dotted} b,strong{font-weight:bold} dfn{font-style:italic} hr{-moz-box-sizing:content-box;box-sizing:content-box;height:0} mark{background:#ff0;color:#000} code,kbd,pre,samp{font-family:monospace;font-size:1em} pre{white-space:pre-wrap} q{quotes:"\201C" "\201D" "\2018" "\2019"} small{font-size:80%} sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline} sup{top:-.5em} sub{bottom:-.25em} img{border:0} svg:not(:root){overflow:hidden} figure{margin:0} fieldset{border:1px solid silver;margin:0 2px;padding:.35em .625em .75em} legend{border:0;padding:0} button,input,select,textarea{font-family:inherit;font-size:100%;margin:0} button,input{line-height:normal} button,select{text-transform:none} button,html input[type="button"],input[type="reset"],input[type="submit"]{-webkit-appearance:button;cursor:pointer} button[disabled],html input[disabled]{cursor:default} input[type="checkbox"],input[type="radio"]{box-sizing:border-box;padding:0} button::-moz-focus-inner,input::-moz-focus-inner{border:0;padding:0} textarea{overflow:auto;vertical-align:top} table{border-collapse:collapse;border-spacing:0} *,*::before,*::after{-moz-box-sizing:border-box;-webkit-box-sizing:border-box;box-sizing:border-box} html,body{font-size:100%} body{background:#fff;color:rgba(0,0,0,.8);padding:0;margin:0;font-family:"Noto Serif","DejaVu Serif",serif;font-weight:400;font-style:normal;line-height:1;position:relative;cursor:auto;tab-size:4;-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased} a:hover{cursor:pointer} img,object,embed{max-width:100%;height:auto} object,embed{height:100%} img{-ms-interpolation-mode:bicubic} .left{float:left!important} .right{float:right!important} .text-left{text-align:left!important} .text-right{text-align:right!important} .text-center{text-align:center!important} .text-justify{text-align:justify!important} .hide{display:none} img,object,svg{display:inline-block;vertical-align:middle} textarea{height:auto;min-height:50px} select{width:100%} .center{margin-left:auto;margin-right:auto} .stretch{width:100%} .subheader,.admonitionblock td.content>.title,.audioblock>.title,.exampleblock>.title,.imageblock>.title,.listingblock>.title,.literalblock>.title,.stemblock>.title,.openblock>.title,.paragraph>.title,.quoteblock>.title,table.tableblock>.title,.verseblock>.title,.videoblock>.title,.dlist>.title,.olist>.title,.ulist>.title,.qlist>.title,.hdlist>.title{line-height:1.45;color:#7a2518;font-weight:400;margin-top:0;margin-bottom:.25em} div,dl,dt,dd,ul,ol,li,h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6,pre,form,p,blockquote,th,td{margin:0;padding:0;direction:ltr} a{color:#2156a5;text-decoration:underline;line-height:inherit} a:hover,a:focus{color:#1d4b8f} a img{border:0} p{font-family:inherit;font-weight:400;font-size:1em;line-height:1.6;margin-bottom:1.25em;text-rendering:optimizeLegibility} p aside{font-size:.875em;line-height:1.35;font-style:italic} h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{font-family:"Open Sans","DejaVu Sans",sans-serif;font-weight:300;font-style:normal;color:#ba3925;text-rendering:optimizeLegibility;margin-top:1em;margin-bottom:.5em;line-height:1.0125em} h1 small,h2 small,h3 small,#toctitle small,.sidebarblock>.content>.title small,h4 small,h5 small,h6 small{font-size:60%;color:#e99b8f;line-height:0} h1{font-size:2.125em} h2{font-size:1.6875em} h3,#toctitle,.sidebarblock>.content>.title{font-size:1.375em} h4,h5{font-size:1.125em} h6{font-size:1em} hr{border:solid #dddddf;border-width:1px 0 0;clear:both;margin:1.25em 0 1.1875em;height:0} em,i{font-style:italic;line-height:inherit} strong,b{font-weight:bold;line-height:inherit} small{font-size:60%;line-height:inherit} code{font-family:"Droid Sans Mono","DejaVu Sans Mono",monospace;font-weight:400;color:rgba(0,0,0,.9)} ul,ol,dl{font-size:1em;line-height:1.6;margin-bottom:1.25em;list-style-position:outside;font-family:inherit} ul,ol{margin-left:1.5em} ul li ul,ul li ol{margin-left:1.25em;margin-bottom:0;font-size:1em} ul.square li ul,ul.circle li ul,ul.disc li ul{list-style:inherit} ul.square{list-style-type:square} ul.circle{list-style-type:circle} ul.disc{list-style-type:disc} ol li ul,ol li ol{margin-left:1.25em;margin-bottom:0} dl dt{margin-bottom:.3125em;font-weight:bold} dl dd{margin-bottom:1.25em} abbr,acronym{text-transform:uppercase;font-size:90%;color:rgba(0,0,0,.8);border-bottom:1px dotted #ddd;cursor:help} abbr{text-transform:none} blockquote{margin:0 0 1.25em;padding:.5625em 1.25em 0 1.1875em;border-left:1px solid #ddd} blockquote cite{display:block;font-size:.9375em;color:rgba(0,0,0,.6)} blockquote cite::before{content:"\2014 \0020"} blockquote cite a,blockquote cite a:visited{color:rgba(0,0,0,.6)} blockquote,blockquote p{line-height:1.6;color:rgba(0,0,0,.85)} @media screen and (min-width:768px){h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{line-height:1.2} h1{font-size:2.75em} h2{font-size:2.3125em} h3,#toctitle,.sidebarblock>.content>.title{font-size:1.6875em} h4{font-size:1.4375em}} table{background:#fff;margin-bottom:1.25em;border:solid 1px #dedede} table thead,table tfoot{background:#f7f8f7} table thead tr th,table thead tr td,table tfoot tr th,table tfoot tr td{padding:.5em .625em .625em;font-size:inherit;color:rgba(0,0,0,.8);text-align:left} table tr th,table tr td{padding:.5625em .625em;font-size:inherit;color:rgba(0,0,0,.8)} table tr.even,table tr.alt{background:#f8f8f7} table thead tr th,table tfoot tr th,table tbody tr td,table tr td,table tfoot tr td{display:table-cell;line-height:1.6} h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{line-height:1.2;word-spacing:-.05em} h1 strong,h2 strong,h3 strong,#toctitle strong,.sidebarblock>.content>.title strong,h4 strong,h5 strong,h6 strong{font-weight:400} .clearfix::before,.clearfix::after,.float-group::before,.float-group::after{content:" ";display:table} .clearfix::after,.float-group::after{clear:both} :not(pre):not([class^=L])>code{font-size:.9375em;font-style:normal!important;letter-spacing:0;padding:.1em .5ex;word-spacing:-.15em;background:#f7f7f8;-webkit-border-radius:4px;border-radius:4px;line-height:1.45;text-rendering:optimizeSpeed;word-wrap:break-word} :not(pre)>code.nobreak{word-wrap:normal} :not(pre)>code.nowrap{white-space:nowrap} pre{color:rgba(0,0,0,.9);font-family:"Droid Sans Mono","DejaVu Sans Mono",monospace;line-height:1.45;text-rendering:optimizeSpeed} pre code,pre pre{color:inherit;font-size:inherit;line-height:inherit} pre>code{display:block} pre.nowrap,pre.nowrap pre{white-space:pre;word-wrap:normal} em em{font-style:normal} strong strong{font-weight:400} .keyseq{color:rgba(51,51,51,.8)} kbd{font-family:"Droid Sans Mono","DejaVu Sans Mono",monospace;display:inline-block;color:rgba(0,0,0,.8);font-size:.65em;line-height:1.45;background:#f7f7f7;border:1px solid #ccc;-webkit-border-radius:3px;border-radius:3px;-webkit-box-shadow:0 1px 0 rgba(0,0,0,.2),0 0 0 .1em white inset;box-shadow:0 1px 0 rgba(0,0,0,.2),0 0 0 .1em #fff inset;margin:0 .15em;padding:.2em .5em;vertical-align:middle;position:relative;top:-.1em;white-space:nowrap} .keyseq kbd:first-child{margin-left:0} .keyseq kbd:last-child{margin-right:0} .menuseq,.menuref{color:#000} .menuseq b:not(.caret),.menuref{font-weight:inherit} .menuseq{word-spacing:-.02em} .menuseq b.caret{font-size:1.25em;line-height:.8} .menuseq i.caret{font-weight:bold;text-align:center;width:.45em} b.button::before,b.button::after{position:relative;top:-1px;font-weight:400} b.button::before{content:"[";padding:0 3px 0 2px} b.button::after{content:"]";padding:0 2px 0 3px} p a>code:hover{color:rgba(0,0,0,.9)} #header,#content,#footnotes,#footer{width:100%;margin-left:auto;margin-right:auto;margin-top:0;margin-bottom:0;max-width:62.5em;*zoom:1;position:relative;padding-left:.9375em;padding-right:.9375em} #header::before,#header::after,#content::before,#content::after,#footnotes::before,#footnotes::after,#footer::before,#footer::after{content:" ";display:table} #header::after,#content::after,#footnotes::after,#footer::after{clear:both} #content{margin-top:1.25em} #content::before{content:none} #header>h1:first-child{color:rgba(0,0,0,.85);margin-top:2.25rem;margin-bottom:0} #header>h1:first-child+#toc{margin-top:8px;border-top:1px solid #dddddf} #header>h1:only-child,body.toc2 #header>h1:nth-last-child(2){border-bottom:1px solid #dddddf;padding-bottom:8px} #header .details{border-bottom:1px solid #dddddf;line-height:1.45;padding-top:.25em;padding-bottom:.25em;padding-left:.25em;color:rgba(0,0,0,.6);display:-ms-flexbox;display:-webkit-flex;display:flex;-ms-flex-flow:row wrap;-webkit-flex-flow:row wrap;flex-flow:row wrap} #header .details span:first-child{margin-left:-.125em} #header .details span.email a{color:rgba(0,0,0,.85)} #header .details br{display:none} #header .details br+span::before{content:"\00a0\2013\00a0"} #header .details br+span.author::before{content:"\00a0\22c5\00a0";color:rgba(0,0,0,.85)} #header .details br+span#revremark::before{content:"\00a0|\00a0"} #header #revnumber{text-transform:capitalize} #header #revnumber::after{content:"\00a0"} #content>h1:first-child:not([class]){color:rgba(0,0,0,.85);border-bottom:1px solid #dddddf;padding-bottom:8px;margin-top:0;padding-top:1rem;margin-bottom:1.25rem} #toc{border-bottom:1px solid #e7e7e9;padding-bottom:.5em} #toc>ul{margin-left:.125em} #toc ul.sectlevel0>li>a{font-style:italic} #toc ul.sectlevel0 ul.sectlevel1{margin:.5em 0} #toc ul{font-family:"Open Sans","DejaVu Sans",sans-serif;list-style-type:none} #toc li{line-height:1.3334;margin-top:.3334em} #toc a{text-decoration:none} #toc a:active{text-decoration:underline} #toctitle{color:#7a2518;font-size:1.2em} @media screen and (min-width:768px){#toctitle{font-size:1.375em} body.toc2{padding-left:15em;padding-right:0} #toc.toc2{margin-top:0!important;background:#f8f8f7;position:fixed;width:15em;left:0;top:0;border-right:1px solid #e7e7e9;border-top-width:0!important;border-bottom-width:0!important;z-index:1000;padding:1.25em 1em;height:100%;overflow:auto} #toc.toc2 #toctitle{margin-top:0;margin-bottom:.8rem;font-size:1.2em} #toc.toc2>ul{font-size:.9em;margin-bottom:0} #toc.toc2 ul ul{margin-left:0;padding-left:1em} #toc.toc2 ul.sectlevel0 ul.sectlevel1{padding-left:0;margin-top:.5em;margin-bottom:.5em} body.toc2.toc-right{padding-left:0;padding-right:15em} body.toc2.toc-right #toc.toc2{border-right-width:0;border-left:1px solid #e7e7e9;left:auto;right:0}} @media screen and (min-width:1280px){body.toc2{padding-left:20em;padding-right:0} #toc.toc2{width:20em} #toc.toc2 #toctitle{font-size:1.375em} #toc.toc2>ul{font-size:.95em} #toc.toc2 ul ul{padding-left:1.25em} body.toc2.toc-right{padding-left:0;padding-right:20em}} #content #toc{border-style:solid;border-width:1px;border-color:#e0e0dc;margin-bottom:1.25em;padding:1.25em;background:#f8f8f7;-webkit-border-radius:4px;border-radius:4px} #content #toc>:first-child{margin-top:0} #content #toc>:last-child{margin-bottom:0} #footer{max-width:100%;background:rgba(0,0,0,.8);padding:1.25em} #footer-text{color:rgba(255,255,255,.8);line-height:1.44} #content{margin-bottom:.625em} .sect1{padding-bottom:.625em} @media screen and (min-width:768px){#content{margin-bottom:1.25em} .sect1{padding-bottom:1.25em}} .sect1:last-child{padding-bottom:0} .sect1+.sect1{border-top:1px solid #e7e7e9} #content h1>a.anchor,h2>a.anchor,h3>a.anchor,#toctitle>a.anchor,.sidebarblock>.content>.title>a.anchor,h4>a.anchor,h5>a.anchor,h6>a.anchor{position:absolute;z-index:1001;width:1.5ex;margin-left:-1.5ex;display:block;text-decoration:none!important;visibility:hidden;text-align:center;font-weight:400} #content h1>a.anchor::before,h2>a.anchor::before,h3>a.anchor::before,#toctitle>a.anchor::before,.sidebarblock>.content>.title>a.anchor::before,h4>a.anchor::before,h5>a.anchor::before,h6>a.anchor::before{content:"\00A7";font-size:.85em;display:block;padding-top:.1em} #content h1:hover>a.anchor,#content h1>a.anchor:hover,h2:hover>a.anchor,h2>a.anchor:hover,h3:hover>a.anchor,#toctitle:hover>a.anchor,.sidebarblock>.content>.title:hover>a.anchor,h3>a.anchor:hover,#toctitle>a.anchor:hover,.sidebarblock>.content>.title>a.anchor:hover,h4:hover>a.anchor,h4>a.anchor:hover,h5:hover>a.anchor,h5>a.anchor:hover,h6:hover>a.anchor,h6>a.anchor:hover{visibility:visible} #content h1>a.link,h2>a.link,h3>a.link,#toctitle>a.link,.sidebarblock>.content>.title>a.link,h4>a.link,h5>a.link,h6>a.link{color:#ba3925;text-decoration:none} #content h1>a.link:hover,h2>a.link:hover,h3>a.link:hover,#toctitle>a.link:hover,.sidebarblock>.content>.title>a.link:hover,h4>a.link:hover,h5>a.link:hover,h6>a.link:hover{color:#a53221} details,.audioblock,.imageblock,.literalblock,.listingblock,.stemblock,.videoblock{margin-bottom:1.25em} details>summary:first-of-type{cursor:pointer;display:list-item;outline:none;margin-bottom:.75em} .admonitionblock td.content>.title,.audioblock>.title,.exampleblock>.title,.imageblock>.title,.listingblock>.title,.literalblock>.title,.stemblock>.title,.openblock>.title,.paragraph>.title,.quoteblock>.title,table.tableblock>.title,.verseblock>.title,.videoblock>.title,.dlist>.title,.olist>.title,.ulist>.title,.qlist>.title,.hdlist>.title{text-rendering:optimizeLegibility;text-align:left;font-family:"Noto Serif","DejaVu Serif",serif;font-size:1rem;font-style:italic} table.tableblock.fit-content>caption.title{white-space:nowrap;width:0} .paragraph.lead>p,#preamble>.sectionbody>[class="paragraph"]:first-of-type p{font-size:1.21875em;line-height:1.6;color:rgba(0,0,0,.85)} table.tableblock #preamble>.sectionbody>[class="paragraph"]:first-of-type p{font-size:inherit} .admonitionblock>table{border-collapse:separate;border:0;background:none;width:100%} .admonitionblock>table td.icon{text-align:center;width:80px} .admonitionblock>table td.icon img{max-width:none} .admonitionblock>table td.icon .title{font-weight:bold;font-family:"Open Sans","DejaVu Sans",sans-serif;text-transform:uppercase} .admonitionblock>table td.content{padding-left:1.125em;padding-right:1.25em;border-left:1px solid #dddddf;color:rgba(0,0,0,.6)} .admonitionblock>table td.content>:last-child>:last-child{margin-bottom:0} .exampleblock>.content{border-style:solid;border-width:1px;border-color:#e6e6e6;margin-bottom:1.25em;padding:1.25em;background:#fff;-webkit-border-radius:4px;border-radius:4px} .exampleblock>.content>:first-child{margin-top:0} .exampleblock>.content>:last-child{margin-bottom:0} .sidebarblock{border-style:solid;border-width:1px;border-color:#dbdbd6;margin-bottom:1.25em;padding:1.25em;background:#f3f3f2;-webkit-border-radius:4px;border-radius:4px} .sidebarblock>:first-child{margin-top:0} .sidebarblock>:last-child{margin-bottom:0} .sidebarblock>.content>.title{color:#7a2518;margin-top:0;text-align:center} .exampleblock>.content>:last-child>:last-child,.exampleblock>.content .olist>ol>li:last-child>:last-child,.exampleblock>.content .ulist>ul>li:last-child>:last-child,.exampleblock>.content .qlist>ol>li:last-child>:last-child,.sidebarblock>.content>:last-child>:last-child,.sidebarblock>.content .olist>ol>li:last-child>:last-child,.sidebarblock>.content .ulist>ul>li:last-child>:last-child,.sidebarblock>.content .qlist>ol>li:last-child>:last-child{margin-bottom:0} .literalblock pre,.listingblock>.content>pre{-webkit-border-radius:4px;border-radius:4px;word-wrap:break-word;overflow-x:auto;padding:1em;font-size:.8125em} @media screen and (min-width:768px){.literalblock pre,.listingblock>.content>pre{font-size:.90625em}} @media screen and (min-width:1280px){.literalblock pre,.listingblock>.content>pre{font-size:1em}} .literalblock pre,.listingblock>.content>pre:not(.highlight),.listingblock>.content>pre[class="highlight"],.listingblock>.content>pre[class^="highlight "]{background:#f7f7f8} .literalblock.output pre{color:#f7f7f8;background:rgba(0,0,0,.9)} .listingblock>.content{position:relative} .listingblock code[data-lang]::before{display:none;content:attr(data-lang);position:absolute;font-size:.75em;top:.425rem;right:.5rem;line-height:1;text-transform:uppercase;color:inherit;opacity:.5} .listingblock:hover code[data-lang]::before{display:block} .listingblock.terminal pre .command::before{content:attr(data-prompt);padding-right:.5em;color:inherit;opacity:.5} .listingblock.terminal pre .command:not([data-prompt])::before{content:"$"} .listingblock pre.highlightjs{padding:0} .listingblock pre.highlightjs>code{padding:1em;-webkit-border-radius:4px;border-radius:4px} .listingblock pre.prettyprint{border-width:0} .prettyprint{background:#f7f7f8} pre.prettyprint .linenums{line-height:1.45;margin-left:2em} pre.prettyprint li{background:none;list-style-type:inherit;padding-left:0} pre.prettyprint li code[data-lang]::before{opacity:1} pre.prettyprint li:not(:first-child) code[data-lang]::before{display:none} table.linenotable{border-collapse:separate;border:0;margin-bottom:0;background:none} table.linenotable td[class]{color:inherit;vertical-align:top;padding:0;line-height:inherit;white-space:normal} table.linenotable td.code{padding-left:.75em} table.linenotable td.linenos{border-right:1px solid currentColor;opacity:.35;padding-right:.5em} pre.pygments .lineno{border-right:1px solid currentColor;opacity:.35;display:inline-block;margin-right:.75em} pre.pygments .lineno::before{content:"";margin-right:-.125em} .quoteblock{margin:0 1em 1.25em 1.5em;display:table} .quoteblock:not(.excerpt)>.title{margin-left:-1.5em;margin-bottom:.75em} .quoteblock blockquote,.quoteblock p{color:rgba(0,0,0,.85);font-size:1.15rem;line-height:1.75;word-spacing:.1em;letter-spacing:0;font-style:italic;text-align:justify} .quoteblock blockquote{margin:0;padding:0;border:0} .quoteblock blockquote::before{content:"\201c";float:left;font-size:2.75em;font-weight:bold;line-height:.6em;margin-left:-.6em;color:#7a2518;text-shadow:0 1px 2px rgba(0,0,0,.1)} .quoteblock blockquote>.paragraph:last-child p{margin-bottom:0} .quoteblock .attribution{margin-top:.75em;margin-right:.5ex;text-align:right} .verseblock{margin:0 1em 1.25em} .verseblock pre{font-family:"Open Sans","DejaVu Sans",sans;font-size:1.15rem;color:rgba(0,0,0,.85);font-weight:300;text-rendering:optimizeLegibility} .verseblock pre strong{font-weight:400} .verseblock .attribution{margin-top:1.25rem;margin-left:.5ex} .quoteblock .attribution,.verseblock .attribution{font-size:.9375em;line-height:1.45;font-style:italic} .quoteblock .attribution br,.verseblock .attribution br{display:none} .quoteblock .attribution cite,.verseblock .attribution cite{display:block;letter-spacing:-.025em;color:rgba(0,0,0,.6)} .quoteblock.abstract blockquote::before,.quoteblock.excerpt blockquote::before,.quoteblock .quoteblock blockquote::before{display:none} .quoteblock.abstract blockquote,.quoteblock.abstract p,.quoteblock.excerpt blockquote,.quoteblock.excerpt p,.quoteblock .quoteblock blockquote,.quoteblock .quoteblock p{line-height:1.6;word-spacing:0} .quoteblock.abstract{margin:0 1em 1.25em;display:block} .quoteblock.abstract>.title{margin:0 0 .375em;font-size:1.15em;text-align:center} .quoteblock.excerpt>blockquote,.quoteblock .quoteblock{padding:0 0 .25em 1em;border-left:.25em solid #dddddf} .quoteblock.excerpt,.quoteblock .quoteblock{margin-left:0} .quoteblock.excerpt blockquote,.quoteblock.excerpt p,.quoteblock .quoteblock blockquote,.quoteblock .quoteblock p{color:inherit;font-size:1.0625rem} .quoteblock.excerpt .attribution,.quoteblock .quoteblock .attribution{color:inherit;text-align:left;margin-right:0} table.tableblock{max-width:100%;border-collapse:separate} p.tableblock:last-child{margin-bottom:0} td.tableblock>.content>:last-child{margin-bottom:-1.25em} td.tableblock>.content>:last-child.sidebarblock{margin-bottom:0} table.tableblock,th.tableblock,td.tableblock{border:0 solid #dedede} table.grid-all>thead>tr>.tableblock,table.grid-all>tbody>tr>.tableblock{border-width:0 1px 1px 0} table.grid-all>tfoot>tr>.tableblock{border-width:1px 1px 0 0} table.grid-cols>*>tr>.tableblock{border-width:0 1px 0 0} table.grid-rows>thead>tr>.tableblock,table.grid-rows>tbody>tr>.tableblock{border-width:0 0 1px} table.grid-rows>tfoot>tr>.tableblock{border-width:1px 0 0} table.grid-all>*>tr>.tableblock:last-child,table.grid-cols>*>tr>.tableblock:last-child{border-right-width:0} table.grid-all>tbody>tr:last-child>.tableblock,table.grid-all>thead:last-child>tr>.tableblock,table.grid-rows>tbody>tr:last-child>.tableblock,table.grid-rows>thead:last-child>tr>.tableblock{border-bottom-width:0} table.frame-all{border-width:1px} table.frame-sides{border-width:0 1px} table.frame-topbot,table.frame-ends{border-width:1px 0} table.stripes-all tr,table.stripes-odd tr:nth-of-type(odd),table.stripes-even tr:nth-of-type(even),table.stripes-hover tr:hover{background:#f8f8f7} th.halign-left,td.halign-left{text-align:left} th.halign-right,td.halign-right{text-align:right} th.halign-center,td.halign-center{text-align:center} th.valign-top,td.valign-top{vertical-align:top} th.valign-bottom,td.valign-bottom{vertical-align:bottom} th.valign-middle,td.valign-middle{vertical-align:middle} table thead th,table tfoot th{font-weight:bold} tbody tr th{display:table-cell;line-height:1.6;background:#f7f8f7} tbody tr th,tbody tr th p,tfoot tr th,tfoot tr th p{color:rgba(0,0,0,.8);font-weight:bold} p.tableblock>code:only-child{background:none;padding:0} p.tableblock{font-size:1em} ol{margin-left:1.75em} ul li ol{margin-left:1.5em} dl dd{margin-left:1.125em} dl dd:last-child,dl dd:last-child>:last-child{margin-bottom:0} ol>li p,ul>li p,ul dd,ol dd,.olist .olist,.ulist .ulist,.ulist .olist,.olist .ulist{margin-bottom:.625em} ul.checklist,ul.none,ol.none,ul.no-bullet,ol.no-bullet,ol.unnumbered,ul.unstyled,ol.unstyled{list-style-type:none} ul.no-bullet,ol.no-bullet,ol.unnumbered{margin-left:.625em} ul.unstyled,ol.unstyled{margin-left:0} ul.checklist{margin-left:.625em} ul.checklist li>p:first-child>.fa-square-o:first-child,ul.checklist li>p:first-child>.fa-check-square-o:first-child{width:1.25em;font-size:.8em;position:relative;bottom:.125em} ul.checklist li>p:first-child>input[type="checkbox"]:first-child{margin-right:.25em} ul.inline{display:-ms-flexbox;display:-webkit-box;display:flex;-ms-flex-flow:row wrap;-webkit-flex-flow:row wrap;flex-flow:row wrap;list-style:none;margin:0 0 .625em -1.25em} ul.inline>li{margin-left:1.25em} .unstyled dl dt{font-weight:400;font-style:normal} ol.arabic{list-style-type:decimal} ol.decimal{list-style-type:decimal-leading-zero} ol.loweralpha{list-style-type:lower-alpha} ol.upperalpha{list-style-type:upper-alpha} ol.lowerroman{list-style-type:lower-roman} ol.upperroman{list-style-type:upper-roman} ol.lowergreek{list-style-type:lower-greek} .hdlist>table,.colist>table{border:0;background:none} .hdlist>table>tbody>tr,.colist>table>tbody>tr{background:none} td.hdlist1,td.hdlist2{vertical-align:top;padding:0 .625em} td.hdlist1{font-weight:bold;padding-bottom:1.25em} .literalblock+.colist,.listingblock+.colist{margin-top:-.5em} .colist td:not([class]):first-child{padding:.4em .75em 0;line-height:1;vertical-align:top} .colist td:not([class]):first-child img{max-width:none} .colist td:not([class]):last-child{padding:.25em 0} .thumb,.th{line-height:0;display:inline-block;border:solid 4px #fff;-webkit-box-shadow:0 0 0 1px #ddd;box-shadow:0 0 0 1px #ddd} .imageblock.left{margin:.25em .625em 1.25em 0} .imageblock.right{margin:.25em 0 1.25em .625em} .imageblock>.title{margin-bottom:0} .imageblock.thumb,.imageblock.th{border-width:6px} .imageblock.thumb>.title,.imageblock.th>.title{padding:0 .125em} .image.left,.image.right{margin-top:.25em;margin-bottom:.25em;display:inline-block;line-height:0} .image.left{margin-right:.625em} .image.right{margin-left:.625em} a.image{text-decoration:none;display:inline-block} a.image object{pointer-events:none} sup.footnote,sup.footnoteref{font-size:.875em;position:static;vertical-align:super} sup.footnote a,sup.footnoteref a{text-decoration:none} sup.footnote a:active,sup.footnoteref a:active{text-decoration:underline} #footnotes{padding-top:.75em;padding-bottom:.75em;margin-bottom:.625em} #footnotes hr{width:20%;min-width:6.25em;margin:-.25em 0 .75em;border-width:1px 0 0} #footnotes .footnote{padding:0 .375em 0 .225em;line-height:1.3334;font-size:.875em;margin-left:1.2em;margin-bottom:.2em} #footnotes .footnote a:first-of-type{font-weight:bold;text-decoration:none;margin-left:-1.05em} #footnotes .footnote:last-of-type{margin-bottom:0} #content #footnotes{margin-top:-.625em;margin-bottom:0;padding:.75em 0} .gist .file-data>table{border:0;background:#fff;width:100%;margin-bottom:0} .gist .file-data>table td.line-data{width:99%} div.unbreakable{page-break-inside:avoid} .big{font-size:larger} .small{font-size:smaller} .underline{text-decoration:underline} .overline{text-decoration:overline} .line-through{text-decoration:line-through} .aqua{color:#00bfbf} .aqua-background{background:#00fafa} .black{color:#000} .black-background{background:#000} .blue{color:#0000bf} .blue-background{background:#0000fa} .fuchsia{color:#bf00bf} .fuchsia-background{background:#fa00fa} .gray{color:#606060} .gray-background{background:#7d7d7d} .green{color:#006000} .green-background{background:#007d00} .lime{color:#00bf00} .lime-background{background:#00fa00} .maroon{color:#600000} .maroon-background{background:#7d0000} .navy{color:#000060} .navy-background{background:#00007d} .olive{color:#606000} .olive-background{background:#7d7d00} .purple{color:#600060} .purple-background{background:#7d007d} .red{color:#bf0000} .red-background{background:#fa0000} .silver{color:#909090} .silver-background{background:#bcbcbc} .teal{color:#006060} .teal-background{background:#007d7d} .white{color:#bfbfbf} .white-background{background:#fafafa} .yellow{color:#bfbf00} .yellow-background{background:#fafa00} span.icon>.fa{cursor:default} a span.icon>.fa{cursor:inherit} .admonitionblock td.icon [class^="fa icon-"]{font-size:2.5em;text-shadow:1px 1px 2px rgba(0,0,0,.5);cursor:default} .admonitionblock td.icon .icon-note::before{content:"\f05a";color:#19407c} .admonitionblock td.icon .icon-tip::before{content:"\f0eb";text-shadow:1px 1px 2px rgba(155,155,0,.8);color:#111} .admonitionblock td.icon .icon-warning::before{content:"\f071";color:#bf6900} .admonitionblock td.icon .icon-caution::before{content:"\f06d";color:#bf3400} .admonitionblock td.icon .icon-important::before{content:"\f06a";color:#bf0000} .conum[data-value]{display:inline-block;color:#fff!important;background:rgba(0,0,0,.8);-webkit-border-radius:100px;border-radius:100px;text-align:center;font-size:.75em;width:1.67em;height:1.67em;line-height:1.67em;font-family:"Open Sans","DejaVu Sans",sans-serif;font-style:normal;font-weight:bold} .conum[data-value] *{color:#fff!important} .conum[data-value]+b{display:none} .conum[data-value]::after{content:attr(data-value)} pre .conum[data-value]{position:relative;top:-.125em} b.conum *{color:inherit!important} .conum:not([data-value]):empty{display:none} dt,th.tableblock,td.content,div.footnote{text-rendering:optimizeLegibility} h1,h2,p,td.content,span.alt{letter-spacing:-.01em} p strong,td.content strong,div.footnote strong{letter-spacing:-.005em} p,blockquote,dt,td.content,span.alt{font-size:1.0625rem} p{margin-bottom:1.25rem} .sidebarblock p,.sidebarblock dt,.sidebarblock td.content,p.tableblock{font-size:1em} .exampleblock>.content{background:#fffef7;border-color:#e0e0dc;-webkit-box-shadow:0 1px 4px #e0e0dc;box-shadow:0 1px 4px #e0e0dc} .print-only{display:none!important} @page{margin:1.25cm .75cm} @media print{*{-webkit-box-shadow:none!important;box-shadow:none!important;text-shadow:none!important} html{font-size:80%} a{color:inherit!important;text-decoration:underline!important} a.bare,a[href^="#"],a[href^="mailto:"]{text-decoration:none!important} a[href^="http:"]:not(.bare)::after,a[href^="https:"]:not(.bare)::after{content:"(" attr(href) ")";display:inline-block;font-size:.875em;padding-left:.25em} abbr[title]::after{content:" (" attr(title) ")"} pre,blockquote,tr,img,object,svg{page-break-inside:avoid} thead{display:table-header-group} svg{max-width:100%} p,blockquote,dt,td.content{font-size:1em;orphans:3;widows:3} h2,h3,#toctitle,.sidebarblock>.content>.title{page-break-after:avoid} #toc,.sidebarblock,.exampleblock>.content{background:none!important} #toc{border-bottom:1px solid #dddddf!important;padding-bottom:0!important} body.book #header{text-align:center} body.book #header>h1:first-child{border:0!important;margin:2.5em 0 1em} body.book #header .details{border:0!important;display:block;padding:0!important} body.book #header .details span:first-child{margin-left:0!important} body.book #header .details br{display:block} body.book #header .details br+span::before{content:none!important} body.book #toc{border:0!important;text-align:left!important;padding:0!important;margin:0!important} body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-break-before:always} .listingblock code[data-lang]::before{display:block} #footer{padding:0 .9375em} .hide-on-print{display:none!important} .print-only{display:block!important} .hide-for-print{display:none!important} .show-for-print{display:inherit!important}} @media print,amzn-kf8{#header>h1:first-child{margin-top:1.25rem} .sect1{padding:0!important} .sect1+.sect1{border:0} #footer{background:none} #footer-text{color:rgba(0,0,0,.6);font-size:.9em}} @media amzn-kf8{#header,#content,#footnotes,#footer{padding:0}} </style> </head> <body class="article"> <div id="header"> <h1>helloworld-mutual-ssl: JBoss EAP Mutual SSL(two-way) Configuration Example</h1> <div class="details"> <span id="author" class="author">Giriraj Sharma, Stefan Guilhen</span><br> </div> </div> <div id="content"> <div id="preamble"> <div class="sectionbody"> <div class="quoteblock abstract"> <blockquote> The <code>helloworld-mutual-ssl</code> quickstart is a basic example that demonstrates mutual SSL configuration in JBoss EAP </blockquote> </div> </div> </div> <div class="sect1"> <h2 id="_what_is_it">What is it?</h2> <div class="sectionbody"> <div class="paragraph"> <p>Mutual SSL provides the same security as SSL, with the addition of authentication and non-repudiation of the client authentication, using digital signatures. When mutual authentication is used, the server requests the client to provide a certificate in addition to the server certificate issued to the client. Mutual authentication requires an extra round trip each time for client certificate exchange. In addition, the client must buy and maintain a digital certificate.</p> </div> <div class="paragraph"> <p>This quickstart shows how to configure JBoss EAP to enable TLS/SSL configuration for the new JBoss EAP <code>undertow</code> subsystem and enable mutual (two-way) SSL authentication.</p> </div> <div class="paragraph"> <p>Before you run this example, you must create certificates and configure the server to use two-way SSL.</p> </div> </div> </div> <div class="sect1"> <h2 id="system_requirements">System Requirements</h2> <div class="sectionbody"> <div class="paragraph"> <p>The application this project produces is designed to be run on Red Hat JBoss Enterprise Application Platform 7.4 or later.</p> </div> <div class="paragraph"> <p>All you need to build this project is Java 8.0 (Java SDK 1.8) or later and Maven 3.3.1 or later. See <a href="https://github.com/jboss-developer/jboss-developer-shared-resources/blob/master/guides/CONFIGURE_MAVEN_JBOSS_EAP.adoc#configure_maven_to_build_and_deploy_the_quickstarts">Configure Maven to Build and Deploy the Quickstarts</a> to make sure you are configured correctly for testing the quickstarts.</p> </div> </div> </div> <div class="sect1"> <h2 id="use_of_jboss_home_name">Use of the EAP_HOME and QUICKSTART_HOME Variables</h2> <div class="sectionbody"> <div class="paragraph"> <p>In the following instructions, replace <code><em>EAP_HOME</em></code> with the actual path to your JBoss EAP installation. The installation path is described in detail here: <a href="https://github.com/jboss-developer/jboss-developer-shared-resources/blob/master/guides/USE_OF_EAP_HOME.adoc#use_of_product_home_and_jboss_home_variables">Use of <em>EAP_HOME</em> and <em>JBOSS_HOME</em> Variables</a>.</p> </div> <div class="paragraph"> <p>When you see the replaceable variable <em>QUICKSTART_HOME</em>, replace it with the path to the root directory of all of the quickstarts.</p> </div> </div> </div> <div class="sect1"> <h2 id="set_up_client_and_server_keystores_using_java_keytool">Set Up Client and Server Keystores Using Java Keytool</h2> <div class="sectionbody"> <div class="olist arabic"> <ol class="arabic"> <li> <p>Open a terminal and navigate to the JBoss EAP server <code>configuration</code> directory:</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>$ cd <em>EAP_HOME</em>/standalone/configuration/</code></pre> </div> </div> </li> <li> <p>Create a certificate for your server using the following command:</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>$>keytool -genkey -keyalg RSA -keystore server.keystore -storepass secret -keypass secret -validity 365 What is your first and last name? [Unknown]: localhost What is the name of your organizational unit? [Unknown]: wildfly What is the name of your organization? [Unknown]: jboss What is the name of your City or Locality? [Unknown]: Raleigh What is the name of your State or Province? [Unknown]: Carolina What is the two-letter country code for this unit? [Unknown]: US Is CN=localhost, OU=wildfly, O=jboss, L=Raleigh, ST=Carolina, C=US correct? [no]: yes</code></pre> </div> </div> </li> <li> <p>Create the client certificate, which is used to authenticate against the server when accessing a resource through SSL.</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>$>keytool -genkey -keystore client.keystore -storepass secret -validity 365 -keyalg RSA -keysize 2048 -storetype pkcs12 What is your first and last name? [Unknown]: quickstartUser What is the name of your organizational unit? [Unknown]: Sales What is the name of your organization? [Unknown]: My Company What is the name of your City or Locality? [Unknown]: Sao Paulo What is the name of your State or Province? [Unknown]: Sao Paulo What is the two-letter country code for this unit? [Unknown]: BR Is CN=quickstartUser, OU=Sales, O=My Company, L=Sao Paulo, ST=Sao Paulo, C=BR correct? [no]: yes</code></pre> </div> </div> </li> <li> <p>Export the client certificate and create a truststore by importing this certificate:</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>$>keytool -exportcert -keystore client.keystore -storetype pkcs12 -storepass secret -keypass secret -file client.crt $>keytool -import -file client.crt -alias quickstartUser -keystore client.truststore -storepass secret Owner: CN=quickstartUser, OU=Sales, O=My Company, L=Sao Paulo, ST=Sao Paulo, C=BR Issuer: CN=quickstartUser, OU=Sales, O=My Company, L=Sao Paulo, ST=Sao Paulo, C=BR Serial number: 7fd95ce4 Valid from: Mon Jul 24 16:14:03 BRT 2017 until: Tue Jul 24 16:14:03 BRT 2018 Certificate fingerprints: MD5: 87:41:C5:CC:E6:79:91:F0:9D:90:AD:9E:DD:57:81:80 SHA1: 55:35:CA:B0:DC:DD:4F:E6:B8:9F:45:4B:4B:98:93:B5:3B:7C:55:84 SHA256: 0A:FC:93:B6:25:5A:74:42:B8:A1:C6:5F:69:88:72:7F:27:A9:81:B0:17:0C:F1:AF:3D:DE:B7:E5:F1:69:66:4B Signature algorithm name: SHA256withRSA Version: 3 Extensions: #1: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 95 84 BE C6 32 BB 2B 13 4C 7F 5D D4 C4 C8 22 12 ....2.+.L.]...". 0010: CB 09 39 09 ..9. ] ] Trust this certificate? [no]: yes Certificate was added to keystore</code></pre> </div> </div> </li> <li> <p>Export client certificate to pkcs12 format</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>$>keytool -importkeystore -srckeystore client.keystore -srcstorepass secret -destkeystore clientCert.p12 -srcstoretype PKCS12 -deststoretype PKCS12 -deststorepass secret</code></pre> </div> </div> </li> <li> <p>The certificates and keystores are now properly configured.</p> </li> </ol> </div> </div> </div> <div class="sect1"> <h2 id="back_up_standalone_server_configuration">Back Up the JBoss EAP Standalone Server Configuration</h2> <div class="sectionbody"> <div class="paragraph"> <p>Before you begin, back up your server configuration file.</p> </div> <div class="olist arabic"> <ol class="arabic"> <li> <p>If it is running, stop the JBoss EAP server.</p> </li> <li> <p>Back up the <code><em>EAP_HOME</em>/standalone/configuration/standalone.xml</code> file.</p> </li> </ol> </div> <div class="paragraph"> <p>After you have completed testing this quickstart, you can replace this file to restore the server to its original configuration.</p> </div> </div> </div> <div class="sect1"> <h2 id="start_the_eap_standalone_server">Start the JBoss EAP Standalone Server</h2> <div class="sectionbody"> <div class="olist arabic"> <ol class="arabic"> <li> <p>Open a terminal and navigate to the root of the JBoss EAP directory.</p> </li> <li> <p>Start the JBoss EAP server with the default profile by typing the following command.</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>$ <em>EAP_HOME</em>/bin/standalone.sh </code></pre> </div> </div> <div class="admonitionblock note"> <table> <tr> <td class="icon"> <div class="title">Note</div> </td> <td class="content"> For Windows, use the <code><em>EAP_HOME</em>\bin\standalone.bat</code> script. </td> </tr> </table> </div> </li> </ol> </div> </div> </div> <div class="sect1"> <h2 id="configure_the_server">Configure the Server</h2> <div class="sectionbody"> <div class="paragraph"> <p>You configure the SSL context by running JBoss CLI commands. For your convenience, this quickstart batches the commands into a <code>configure-ssl.cli</code> script provided in the root directory of this quickstart.</p> </div> <div class="olist arabic"> <ol class="arabic"> <li> <p>Before you begin, make sure you do the following:</p> <div class="ulist"> <ul> <li> <p><a href="#back_up_standalone_server_configuration">Back up the JBoss EAP standalone server configuration</a> as described above.</p> </li> <li> <p><a href="#start_the_eap_standalone_server">Start the JBoss EAP server with the standalone default profile</a> as described above.</p> </li> </ul> </div> </li> <li> <p>Review the <code>configure-ssl.cli</code> file in the root of this quickstart directory. Comments in the script describe the purpose of each block of commands.</p> </li> <li> <p>Open a new terminal, navigate to the root directory of this quickstart, and run the following command, replacing <em>EAP_HOME</em> with the path to your server:</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>$ <em>EAP_HOME</em>/bin/jboss-cli.sh --connect --file=configure-ssl.cli</code></pre> </div> </div> <div class="admonitionblock note"> <table> <tr> <td class="icon"> <div class="title">Note</div> </td> <td class="content"> For Windows, use the <code><em>EAP_HOME</em>\bin\jboss-cli.bat</code> script. </td> </tr> </table> </div> <div class="paragraph"> <p>You should see the following result when you run the script:</p> </div> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>The batch executed successfully process-state: reload-required</code></pre> </div> </div> </li> <li> <p>Stop the JBoss EAP server.</p> </li> </ol> </div> </div> </div> <div class="sect1"> <h2 id="_review_the_modified_server_configuration">Review the Modified Server Configuration</h2> <div class="sectionbody"> <div class="paragraph"> <p>After stopping the server, open the <code><em>EAP_HOME</em>/standalone/configuration/standalone.xml</code> file and review the changes.</p> </div> <div class="olist arabic"> <ol class="arabic"> <li> <p>The following <code>keystore</code> elements were added to the <code>elytron</code> subsystem:</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code class="language-xml" data-lang="xml"><key-store name="qsKeyStore"> <credential-reference clear-text="secret"/> <implementation type="JKS"/> <file path="server.keystore" relative-to="jboss.server.config.dir"/> </key-store> <key-store name="qsTrustStore"> <credential-reference clear-text="secret"/> <implementation type="JKS"/> <file path="client.truststore" relative-to="jboss.server.config.dir"/> </key-store></code></pre> </div> </div> </li> <li> <p>The following <code>key-manager</code> was added to the <code>elytron</code> subsystem:</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code class="language-xml" data-lang="xml"><key-managers> <key-manager name="qsKeyManager" key-store="qsKeyStore"> <credential-reference clear-text="secret"/> </key-manager> </key-managers></code></pre> </div> </div> </li> <li> <p>The following <code>trust-manager</code> was added to the <code>elytron</code> subsystem:</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code class="language-xml" data-lang="xml"><trust-managers> <trust-manager name="qsTrustManager" key-store="qsTrustStore"/> </trust-managers></code></pre> </div> </div> </li> <li> <p>The following <code>ssl-context</code> was added to the <code>elytron</code> subsystem:</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code class="language-xml" data-lang="xml"><server-ssl-contexts> <server-ssl-context name="qsSSLContext" protocols="TLSv1.2" need-client-auth="true" key-manager="qsKeyManager" trust-manager="qsTrustManager"/> </server-ssl-contexts></code></pre> </div> </div> </li> <li> <p>The <code>https-listener</code> in the <code>undertow</code> subsystem was changed to reference the <code>qsSSLContext</code> <code>ssl-context</code>:</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code class="language-xml" data-lang="xml"><https-listener name="https" socket-binding="https" ssl-context="qsSSLContext" enable-http2="true"/></code></pre> </div> </div> </li> </ol> </div> </div> </div> <div class="sect1"> <h2 id="test_the_server_ssl_configuration">Test the Server SSL Configuration</h2> <div class="sectionbody"> <div class="paragraph"> <p>To test the SSL configuration, access: <a href="https://localhost:8443" class="bare">https://localhost:8443</a></p> </div> <div class="paragraph"> <p>If it is configured correctly, you should be asked to trust the server certificate.</p> </div> </div> </div> <div class="sect1"> <h2 id="import_the_client_certificate_into_your_browser">Import the Client Certificate into Your Browser</h2> <div class="sectionbody"> <div class="paragraph"> <p>Before you access the application, you must import the <em>clientCert.p12</em>, which holds the client certificate, into your browser.</p> </div> <div class="sect2"> <h3 id="import_the_client_certificate_into_google_chrome">Import the Client Certificate into Google Chrome</h3> <div class="olist arabic"> <ol class="arabic"> <li> <p>Click the Chrome menu icon (3 dots) in the upper right on the browser toolbar and choose <strong>Settings</strong>. This takes you to <code>link:`chrome://settings/</code>.</p> </li> <li> <p>Scroll to the bottom of the page and click on the <strong>Advanced</strong> link to reveal the advanced settings.</p> </li> <li> <p>Search for the <strong>Manage Certificates</strong> line under <strong>Privacy and security</strong> and then click on it.</p> </li> <li> <p>In the <strong>Manage certificates</strong> screen, select the <strong>Your Certificates</strong> tab and click on the <strong>Import</strong> button.</p> </li> <li> <p>Select the <strong>clientCert.p12</strong> file. You will be prompted to enter the password: <code>secret</code>.</p> </li> <li> <p>The client certificate is now installed in the Google Chrome browser.</p> </li> </ol> </div> </div> <div class="sect2"> <h3 id="import_the_client_certificate_into_mozilla_firefox">Import the Client Certificate into Mozilla Firefox</h3> <div class="olist arabic"> <ol class="arabic"> <li> <p>Click the <strong>Edit</strong> menu item on the browser menu and choose <strong>Preferences</strong>.</p> </li> <li> <p>A new window will open. Select the <strong>Advanced</strong> icon and after that the <strong>Certificates</strong> tab.</p> </li> <li> <p>On the <strong>Certificates</strong> tab, mark the option <strong>Ask me every time</strong> and click the <strong>View Certificates</strong> button.</p> </li> <li> <p>A new window will open. Select the <strong>Your Certificates</strong> tab and click the <strong>Import</strong> button.</p> </li> <li> <p>Select the <strong>clientCert.p12</strong> file. You will be prompted to enter the password: <code>secret</code>.</p> </li> <li> <p>The certificate is now installed in the Mozilla Firefox browser.</p> </li> </ol> </div> </div> </div> </div> <div class="sect1"> <h2 id="build_and_deploy_the_quickstart">Build and Deploy the Quickstart</h2> <div class="sectionbody"> <div class="olist arabic"> <ol class="arabic"> <li> <p>Make sure you <a href="#start_the_eap_standalone_server">start the JBoss EAP server</a> as described above.</p> </li> <li> <p>Open a terminal and navigate to the root directory of this quickstart.</p> </li> <li> <p>Type the following command to build the artifacts.</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>$ mvn clean package wildfly:deploy</code></pre> </div> </div> </li> </ol> </div> <div class="paragraph"> <p>This deploys the <code>helloworld-mutual-ssl/target/helloworld-mutual-ssl.war</code> to the running instance of the server.</p> </div> <div class="paragraph"> <p>You should see a message in the server log indicating that the archive deployed successfully.</p> </div> </div> </div> <div class="sect1"> <h2 id="_access_the_application">Access the Application</h2> <div class="sectionbody"> <div class="paragraph"> <p>The application will be running at the following URL: <a href="https://localhost:8443/helloworld-mutual-ssl/HelloWorld" class="bare">https://localhost:8443/helloworld-mutual-ssl/HelloWorld</a>.</p> </div> <div class="paragraph"> <p>A page displaying the client certificate should be visible:</p> </div> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>Hello World ! WildFly mutual SSL is configured and client certificate is verified !! Client Certificate Pem: MIIDhTCCAm2gAwIBAgIEf9lc5DANBgkqhkiG9w0BAQsFADBzMQswCQYDVQQGEwJCUjESMBAGA1UECBMJU2FvIFBhd WxvMRIwEAYDVQQHEwlTYW8gUGF1bG8xEzARBgNVBAoTCk15IENvbXBhbnkxDjAMBgNVBAsTBVNhbGVzMRcwFQYDVQQDEw5xdWlja3N0YXJ0VXNlcj AeFw0xNzA3MjQxOTE0MDNaFw0xODA3MjQxOTE0MDNaMHMxCzAJBgNVBAYTAkJSMRIwEAYDVQQIEwlTYW8gUGF1bG8xEjAQBgNVBAcTCVNhbyBQYXV sbzETMBEGA1UEChMKTXkgQ29tcGFueTEOMAwGA1UECxMFU2FsZXMxFzAVBgNVBAMTDnF1aWNrc3RhcnRVc2VyMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEAnHwflE8K/ArTPbTeZZEFK+1jtpg9grPSD62GIz/awoIDr6Rf9vCBTpAg4lom62A0BNZDEJKdab/ExNOOBRY+/pOnYlXZTYlDp dQQap0E7UP5EfHNZsafgpfILCop2LdTuUbcV7tLKBsthJLJ0ZCoG5QJFble+OPxEbissOvIqHfvUJZi34k9ULteLJc330g0uTuDrLgtoFQ0cbHa4F CQ86o85EuRPpFeW6EBA3iYE/tKHSYsK7QSajefX6jZjXoZiUflw97SAGL43ZtvNbrKRywEfsVqDpDurjBg2HI+YahuDz5R1QWTSyTHWMZzcyJYqxj XiSf0oK1cUahn6m5t1wIDAQABoyEwHzAdBgNVHQ4EFgQUlYS+xjK7KxNMf13UxMgiEssJOQkwDQYJKoZIhvcNAQELBQADggEBADkp+R6kSNXJNfih qbDRp3uFtNMG6OgaYsfC7RtNLMdrhvoLlU7uWzxVCFuifvNlWVRiADBHDCRQU2uNRFW35GQSfHQyok4KoBuKlfBtQ+Xu7c8R0JzxN/rPJPXoCbShz DHo1uoz5/dzXZz0EjjWCPJk+LVEhEvH0GcWAp3x3irpNU4hRZLd0XomY0Z4NnUt7VMBNYDOxVxgT9qcLnEaEpIfYULubLLCFHwAga2YgsKzZYLuwM aEWK4zhPVFynfnMaOxI67FC2QzhfzERyKqHj47WuwN0xWbS/1gBypS2nUwvItyxaEQG2X5uQY8j8QoY9wcMzIIkP2Mk14gJGHUnA8=</code></pre> </div> </div> </div> </div> <div class="sect1"> <h2 id="undeploy_the_quickstart">Undeploy the Quickstart</h2> <div class="sectionbody"> <div class="paragraph"> <p>When you are finished testing the quickstart, follow these steps to undeploy the archive.</p> </div> <div class="olist arabic"> <ol class="arabic"> <li> <p>Make sure you <a href="#start_the_eap_standalone_server">start the JBoss EAP server</a> as described above.</p> </li> <li> <p>Open a terminal and navigate to the root directory of this quickstart.</p> </li> <li> <p>Type this command to undeploy the archive:</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>$ mvn wildfly:undeploy</code></pre> </div> </div> </li> </ol> </div> </div> </div> <div class="sect1"> <h2 id="restore_the_standalone_server_configuration">Restore the JBoss EAP Standalone Server Configuration</h2> <div class="sectionbody"> <div class="paragraph"> <p>You can restore the original server configuration using either of the following methods.</p> </div> <div class="ulist"> <ul> <li> <p>You can <a href="#restore_standalone_server_configuration_using_cli">run the <code>restore-configuration.cli</code> script</a> provided in the root directory of this quickstart.</p> </li> <li> <p>You can <a href="#restore_standalone_server_configuration_manually">manually restore the configuration</a> using the backup copy of the configuration file.</p> </li> </ul> </div> <div class="sect2"> <h3 id="restore_standalone_server_configuration_using_cli">Restore the JBoss EAP Standalone Server Configuration by Running the JBoss CLI Script</h3> <div class="olist arabic"> <ol class="arabic"> <li> <p><a href="#start_the_eap_standalone_server">Start the JBoss EAP server</a> as described above.</p> </li> <li> <p>Open a new terminal, navigate to the root directory of this quickstart, and run the following command, replacing <code><em>EAP_HOME</em></code> with the path to your server:</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>$ <em>EAP_HOME</em>/bin/jboss-cli.sh --connect --file=restore-configuration.cli</code></pre> </div> </div> <div class="admonitionblock note"> <table> <tr> <td class="icon"> <div class="title">Note</div> </td> <td class="content"> For Windows, use the <code><em>EAP_HOME</em>\bin\jboss-cli.bat</code> script. </td> </tr> </table> </div> </li> </ol> </div> <div class="paragraph"> <p>This script reverts the changes made to the <code>undertow</code> subsystem and it also removes the <code>ssl-context</code>, <code>key-manager</code>, <code>trust-manager</code> and <code>key-store`s from the `elytron</code> subsystem. You should see the following result when you run the script:</p> </div> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>The batch executed successfully process-state: reload-required</code></pre> </div> </div> </div> <div class="sect2"> <h3 id="restore_standalone_server_configuration_manually">Restore the JBoss EAP Standalone Server Configuration Manually</h3> <div class="paragraph"> <p>When you have completed testing the quickstart, you can restore the original server configuration by manually restoring the backup copy the configuration file.</p> </div> <div class="olist arabic"> <ol class="arabic"> <li> <p>If it is running, stop the JBoss EAP server.</p> </li> <li> <p>Replace the <code><em>EAP_HOME</em>/standalone/configuration/standalone.xml</code> file with the backup copy of the file.</p> </li> </ol> </div> </div> </div> </div> <div class="sect1"> <h2 id="_remove_the_keystores_and_certificates_created_for_this_quickstart">Remove the keystores and certificates created for this quickstart</h2> <div class="sectionbody"> <div class="olist arabic"> <ol class="arabic"> <li> <p>Open a terminal and navigate to the JBoss EAP server <code>configuration</code> directory:</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>$ cd <em>EAP_HOME</em>/standalone/configuration/</code></pre> </div> </div> </li> <li> <p>Remove the <code>clientCert.p12</code>, <code>client.crt</code>, <code>client.keystore</code>, <code>client.truststore</code> and <code>server.keystore</code> files that were generated for this quickstart.</p> </li> </ol> </div> </div> </div> <div class="sect1"> <h2 id="remove_the_client_certificate_from_your_browser">Remove the Client Certificate from Your Browser</h2> <div class="sectionbody"> <div class="paragraph"> <p>After you are done with this quickstart, remember to remove the certificate that was imported into your browser.</p> </div> <div class="sect2"> <h3 id="_remove_the_client_certificate_from_google_chrome">Remove the Client Certificate from Google Chrome</h3> <div class="olist arabic"> <ol class="arabic"> <li> <p>Click the Chrome menu icon (3 dots) in the upper right on the browser toolbar and choose <strong>Settings</strong>. This takes you to chrome://settings/.</p> </li> <li> <p>Scroll to the bottom of the page and click on the <strong>Advanced</strong> link to reveal the advanced settings.</p> </li> <li> <p>Search for the <strong>Manage Certificates</strong> line under <strong>Privacy and security</strong> and then click on it.</p> </li> <li> <p>In the <strong>Manage certificates</strong> screen, select the <strong>Your Certificates</strong> tab and then click on the arrow to the right of the certificate to be removed.</p> </li> <li> <p>The certificate is expanded, displaying the <code>quickstartUser</code> entry. Click on the icon (3 dots) to the right of it and then select <strong>Delete</strong>.</p> </li> <li> <p>Confirm the deletion in the dialog box. The certificate has now been removed from the Google Chrome browser.</p> </li> </ol> </div> </div> <div class="sect2"> <h3 id="_remove_the_client_certificate_from_mozilla_firefox">Remove the Client Certificate from Mozilla Firefox</h3> <div class="olist arabic"> <ol class="arabic"> <li> <p>Click the <strong>Edit</strong> menu item on the browser menu and choose <strong>Preferences</strong>.</p> </li> <li> <p>A new window will open. Select the <strong>Advanced</strong> icon and after that the <strong>Certificates</strong> tab.</p> </li> <li> <p>On the <strong>Certificates</strong> tab click the <strong>View Certificates</strong> button.</p> </li> <li> <p>A new window will open. Select the <strong>Your Certificates</strong> tab.</p> </li> <li> <p>Select the <code>quickstartUser</code> certificate and click the <code>Delete</code> button.</p> </li> <li> <p>The certificate has now been removed from the Mozilla Firefox browser.</p> </li> </ol> </div> </div> </div> </div> <div class="sect1"> <h2 id="run_the_quickstart_in_redhat_codeready_studio_or_eclipse">Run the Quickstart in Red Hat CodeReady Studio or Eclipse</h2> <div class="sectionbody"> <div class="paragraph"> <p>You can also start the server and deploy the quickstarts or run the Arquillian tests in Red Hat CodeReady Studio or from Eclipse using JBoss tools. For general information about how to import a quickstart, add a JBoss EAP server, and build and deploy a quickstart, see <a href="https://github.com/jboss-developer/jboss-developer-shared-resources/blob/master/guides/USE_JBDS.adoc#use_red_hat_jboss_developer_studio_or_eclipse_to_run_the_quickstarts">Use Red Hat CodeReady Studio or Eclipse to Run the Quickstarts</a>.</p> </div> <div class="ulist"> <ul> <li> <p>Make sure you configure the keystores and client certificates as described under <a href="#set_up_client_and_server_keystores_using_java_keytool">Set Up Client and Server Keystores Using Java Keytool</a>.</p> </li> <li> <p>Depending on the browser you choose, make sure you either <a href="#import_the_client_certificate_into_google_chrome">import the certificate into Google Chrome</a> or <a href="#import_the_client_certificate_into_mozilla_firefox">import the certificate into Mozilla Firefox</a>.</p> </li> <li> <p>Make sure you configure the server by running the JBoss CLI commands as described above under <a href="#configure_the_server">Configure the Server</a>. Stop the server at the end of that step.</p> </li> <li> <p>In Red Hat CodeReady Studio, choose <strong>Window</strong> –> <strong>Web Browser</strong>, then select the browser you chose to import the certificate.</p> </li> <li> <p>To deploy the application, right-click on the <strong>helloworld-mutual-ssl</strong> project and choose <strong>Run As</strong> –> <strong>Run on Server</strong>.</p> </li> <li> <p>Make sure you <a href="#restore_the_server_configuration">restore the server configuration</a> when you have completed testing this quickstart.</p> </li> </ul> </div> </div> </div> <div class="sect1"> <h2 id="_debug_the_application">Debug the Application</h2> <div class="sectionbody"> <div class="paragraph"> <p>If you want to debug the source code or look at the Javadocs of any library in the project, run either of the following commands to pull them into your local repository. The IDE should then detect them.</p> </div> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>$ mvn dependency:sources $ mvn dependency:resolve -Dclassifier=javadoc</code></pre> </div> </div> </div> </div> <div class="sect1"> <h2 id="openshift_incompatibility">JBoss EAP for OpenShift Incompatibility</h2> <div class="sectionbody"> <div class="paragraph"> <p>This quickstart is not compatible with JBoss EAP for OpenShift or JBoss EAP for OpenShift Online templates.</p> </div> </div> </div> </div> <div id="footer"> <div id="footer-text"> Last updated 2021-06-23 15:53:26 UTC </div> </div> </body> </html>