When Let’s Encrypt based on ACME (Automated Certificate Management Environment) spec launches in mid-2015, enabling HTTPS for any site will be as easy as installing a small piece of certificate management software on the server:
$ sudo apt-get install lets-encrypt
$ lets-encrypt example.com
That’s all there is to it! https://example.com is immediately live. Automatic renew and on demand revocation are equally easier.
A sample let's encrypt SSL client demo is here. For documentation, check here.
Let's encrypt is free, open and automated with out of box support for apache/nginx and standalone support for other web servers. It automatically configures an app deployed on apache or nginx with a single command with absolute no human intervention. Its stand alone mode (for other web servers) generates SSL cert for the app(domain) which can be manually configured/installed or a better method will be installation via an automated script(like for keycloak server). Currently, Let’s Encrypt provides a developer preview only intended for testers and developers. It, at present installs certs signed by the TEST CA, which might generate exception warnings in client browsers. But, they have announced to come out with final solution by Mid 2015.
As Keycloak will be requiring SSL, let's encrypt standalone support with a script for automatic installation of cert on keycloak/wildfly server might come out as one easier rescue.
Cheers,
--