Key manager exported from legacy security domain can not be used by Elytron server-ssl-context ---------------------------------------------------------------------------------------------- Key: WFCORE-2507 URL: https://issues.jboss.org/browse/WFCORE-2507 Project: WildFly Core Issue Type: Bug Components: Security Affects Versions: 3.0.0.Beta6 Reporter: Ondrej Kotek Priority: Critical Fix For: 3.0.0.Beta26 It is not possible to use a key manager exported from legacy security domain (i.e. {{elytron-key-manager}}) in Elytron {{server-ssl-context}}. It results in: {noformat} { "outcome" => "failed", "failure-description" => { "WFLYCTL0080: Failed services" => {"org.wildfly.security.ssl-context.ssc" => "org.jboss.msc.service.StartException in service org.wildfly.security.ssl-context.ssc: WFLYELY00019: No 'X509ExtendedKeyManager' found in injected value."}, "WFLYCTL0412: Required services that are not installed:" => ["org.wildfly.security.ssl-context.ssc"] }, "rolled-back" => true } {noformat} The exported key manager is announced as {{org.wildfly.security.key-managers}} capability. Hence it is expected to work wherever the capability is requested.