This is my standalone-full.xml configuration with ssl configured
security realm .
<security-realm name="SslRealm">
<server-identities>
<ssl>
<keystore path="D:\ncm.keystore" alias="ncm" keystore-password="*****" />
</ssl>
</server-identities>
</security-realm>
Subsystem
<server name="default-server">
<http-listener name="default" socket-binding="http" redirect-socket="https"/>
<https-listener name="default-ssl" socket-binding="https" security-realm="SslRealm"/>
<host name="default-host" alias="localhost">
<location name="/" handler="welcome-content"/>
<filter-ref name="server-header"/>
<filter-ref name="x-powered-by-header"/>
</host>
</server>
Socket Binding
<socket-binding name="http" port="${jboss.http.port:8080}"/>
<socket-binding name="https" port="${jboss.https.port:8443}"/>
How to redirect to https:///localhost:8443/myApp when user hits http://localhost:8080/myApp
A rewrite rule can be used to redirect users. In the undertow subsystem (standalone.xml or domain.xml) you will need to create a new rewrite filter and then enable the filter in a new fitler-ref:
Create the new rewrite filter in the filters section. In the example below, users will be redirected to https://myhostname:443/my-app
. %U is a placeholder for the original request URL path; you want to use %U to make the redirect friendly and keep users' original request URL path.
<filters>
<rewrite name="http-to-https" redirect="true" target="https://myhostname:8443%U"/>
</filters>
Then, enable the filter and configure a predicate in the host section. The predicate is where you configure what the rewrite filter applies to. In the example below, our rewrite filter will only apply to requests going to port 8080.
<server name="default-server">
<host name="default-host" alias="localhost">
...
<filter-ref name="http-to-https" predicate="equals(%p,8080)"/>
Here are the JBoss CLI steps for the same configuration changes above:
/subsystem=undertow/configuration=filter/rewrite=http-to-https:add(redirect="true",target="https://myhostname:8443%U")
/subsystem=undertow/server=default-server/host=default-host/filter-ref=http-to-https:add(predicate="equals(%p,8080)")