[keycloak-dev] jboss-cli access to SSL/secured mgmt port FAILs for keycloak8/wildfly17 configured with Eltyron SSL subsystem & 2-way SSL auth for MgmtUI ?
PGNet Dev
pgnet.dev at gmail.com
Sat Aug 24 21:26:27 EDT 2019
As usual, dig around in enuf random places ...
> What additional elytron (other?) subsystem command 'magic' is needed to get the jboss-cli WF client working on the secured SSL port?
adding all the correct '-Djavax.net.ssl.*' values, AND specifically using
--controller=remote+https://...
does the trick.
this, now,
jboss-cli.sh \
--connect \
--controller=remote+https://10.0.0.1:9993 \
-Djavax.net.ssl.trustStore=/etc/keycloak/truststore.client.jks \
-Djavax.net.ssl.trustStorePassword=tspass \
-Djavax.net.ssl.keyStore=/etc/keycloak/keystore.client.jks \
-Djavax.net.ssl.keyStorePassword=kspass \
--properties=/etc/keycloak/jboss.properties \
--user=mgmtuser \
--password=mgmtpass \
version
works
More information about the keycloak-dev
mailing list