10.9. Configure the Management Console for HTTPS in Domain mode
Procedure 10.3.
- Generate a keypair as discussed in Section 8.4, “Generate a SSL Encryption Key and Certificate”.
- Add a
server-identities
element to thesecurity-realm
block in your installationshost.xml.
.Within this element you define the protocol, the keystore path, the keystore password and alias for the key pair.Execute the following CLI command, substituting your own values for the example ones. This example assumes that the keystore is copied to the server configuration directory, which is EAP_HOME/domain/configuration/ for a managed domain./host=master/core-service=management/security-realm=ManagementRealm/server-identity=ssl:add(protocol=TLSv1, keystore-path=server.keystore,keystore-relative-to=jboss.domain.config.dir, keystore-password=SECRET, alias=KEY_ALIAS)
- Change the socket element within the
management-interface
section by addingsecure-port
and removing port configuration.Use the following commands:/host=master/core-service=management/management-interface=http-interface:write-attribute(name=secure-port,value=9443)
/host=master/core-service=management/management-interface=http-interface:undefine-attribute(name=port)
- Restart your domain.