10.9. Configure the Management Console for HTTPS in Domain mode

Procedure 10.3. 

  1. Add a server-identities element to the security-realm block in your installations host.xml..
    Within this element you define the protocol, the keystore path, the keystore password and alias for the key pair.
    Execute the following CLI command, substituting your own values for the example ones. This example assumes that the keystore is copied to the server configuration directory, which is EAP_HOME/domain/configuration/ for a managed domain.
    /host=master/core-service=management/security-realm=ManagementRealm/server-identity=ssl:add(protocol=TLSv1, keystore-path=server.keystore,keystore-relative-to=jboss.domain.config.dir, keystore-password=SECRET, alias=KEY_ALIAS)
  2. Change the socket element within the management-interface section by adding secure-port and removing port configuration.
    Use the following commands:
    /host=master/core-service=management/management-interface=http-interface:write-attribute(name=secure-port,value=9443) 
    /host=master/core-service=management/management-interface=http-interface:undefine-attribute(name=port)
  3. Restart your domain.