[ https://issues.jboss.org/browse/WFLY-7158?page=com.atlassian.jira.plugin.... ]
Jan Kalina edited comment on WFLY-7158 at 1/23/17 5:41 AM:
-----------------------------------------------------------
As discussed with [~pskopek], in the future it should work this way:
{code:xml}
<key-manager name="ServerKeyManager" algorithm="SunX509">
    <!-- reference to the SSL key -->
    <credential-reference store="keyskeystore" alias="mykey">
        <!-- reference to the password with which the key is encrypted -->
        <credential-store store="passwordskeystore" alias="mykey-pwd"/>
    </credential-reference>
</key-manager>
{code}
(key-store "keyskeystore" contains the SSL key "mykey", which is encrypted
with a password, which is stored in key-store "passwordskeystore" under alias
"mykey-pwd")
*But we don't support this (credential-reference referencing another credential-reference)
for now.*
The best way for now will be to keep having the user define a filtering-key-store and reference it
from the key-manager.
was (Author: honza889):
As discussed with [~pskopek], in the future it should work this way:
{code:xml}
<key-manager name="ServerKeyManager" algorithm="SunX509">
    <credential-reference store="keyskeystore" alias="mykey">
        <credential-store store="passwordskeystore" alias="mykey-pwd"/>
    </credential-reference>
</key-manager>
{code}
(key-store "keyskeystore" contains the SSL key "mykey", which is encrypted
with a password, which is stored in key-store "passwordskeystore" under alias
"mykey-pwd")
*But we don't support this (credential-reference referencing another credential-reference)
for now.*
The best way for now will be to keep having the user define a filtering-key-store and reference it
from the key-manager.
Working with multiple keys in key store
---------------------------------------
Key: WFLY-7158
URL: https://issues.jboss.org/browse/WFLY-7158
Project: WildFly
Issue Type: Bug
Components: Security
Reporter: Martin Choma
Assignee: Jan Kalina
Priority: Critical
Fix For: 11.0.0.Alpha1
When 2 keys are present in a keystore, an alias-filter (filtering into a single
key) has to be specified on the key-store resource, otherwise the key-manager can't be
created. If a user wants to use a keystore with multiple keys, the user has to configure multiple
key-store elements with a specified alias-filter (filtering into a single key).
That is pretty inconvenient. Introducing an *alias attribute on key-manager* would probably
be a more intuitive solution to this situation.
{code}
/subsystem=elytron/key-managers=server:add(key-store=server,algorithm="SunX509",password=key-password)
{code}
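What selecting one key by alias at the key-manager level, as the description proposes, amounts to in plain JSSE. This is an added illustration, not WildFly Elytron code; the class name `AliasPinnedKeyManager` is hypothetical.

```java
import java.net.Socket;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import javax.net.ssl.X509KeyManager;

/** Hypothetical wrapper: exposes exactly one alias of a key manager built from a multi-key keystore. */
public final class AliasPinnedKeyManager implements X509KeyManager {
    private final X509KeyManager delegate;
    private final String alias;

    public AliasPinnedKeyManager(X509KeyManager delegate, String alias) {
        this.delegate = delegate;
        this.alias = alias;
    }

    // Offer the pinned alias only if the delegate really holds it for this key type and issuer set.
    private String[] only(String[] candidates) {
        boolean present = candidates != null && Arrays.asList(candidates).contains(alias);
        return present ? new String[] { alias } : null;
    }

    @Override public String[] getServerAliases(String keyType, Principal[] issuers) {
        return only(delegate.getServerAliases(keyType, issuers));
    }
    @Override public String[] getClientAliases(String keyType, Principal[] issuers) {
        return only(delegate.getClientAliases(keyType, issuers));
    }
    @Override public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) {
        return getServerAliases(keyType, issuers) == null ? null : alias;
    }
    @Override public String chooseClientAlias(String[] keyTypes, Principal[] issuers, Socket socket) {
        for (String keyType : keyTypes) {
            if (getClientAliases(keyType, issuers) != null) return alias;
        }
        return null;
    }
    // Key material for any other alias in the keystore is never handed out.
    @Override public X509Certificate[] getCertificateChain(String requested) {
        return alias.equals(requested) ? delegate.getCertificateChain(requested) : null;
    }
    @Override public PrivateKey getPrivateKey(String requested) {
        return alias.equals(requested) ? delegate.getPrivateKey(requested) : null;
    }
}
```

Wrap each `X509KeyManager` returned by `KeyManagerFactory.getKeyManagers()` before passing the array to `SSLContext.init`. `KeyManagerFactory.init` accepts a single key password for the whole keystore, so pinning the alias here does not help when the entries are protected by different passwords.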