WildFly Full 24 Model Reference

  1. home
  2. core-service=management
  3. security-realm
  4. server-identity=ssl
Deprecated Since 1.7.0
The security-realm configuration is deprecated and may be removed or moved in future versions.

Configuration of the SSL identity of a server or host controller.

Attributes (12)

  • alias The alias of the entry to use from the keystore.
    • Attribute Value
    Type STRING
    Nillable true
    Expressions Allowed true
    Storage configuration
    Access Type read-write
    Restart Required resource-services
  • enabled-cipher-suites The cipher suites that can be enabled on the underlying SSLEngine.
    • Attribute Value
    Type LIST
    Nillable true
    Expressions Allowed true
    Storage configuration
    Access Type read-write
    Restart Required no-services
  • enabled-protocols The protocols that can be enabled on the underlying SSLEngine.
    • Attribute Value
    Default Value ["TLSv1","TLSv1.1","TLSv1.2"]
    Type LIST
    Nillable true
    Expressions Allowed true
    Storage configuration
    Access Type read-write
    Restart Required no-services
  • generate-self-signed-certificate-host If the keystore does not exist and this attribute is set then a self signed certificate will be generated for the specified host name. This is not intended for production use.
    • Attribute Value
    Type STRING
    Nillable true
    Expressions Allowed true
    Storage configuration
    Access Type read-write
    Restart Required resource-services
  • key-password The password to obtain the key from the keystore.
    • Attribute Value
    Type STRING
    Nillable true
    Expressions Allowed true
    Storage configuration
    Access Type read-write
    Restart Required resource-services
  • key-password-credential-reference The reference to credential for the keystore key stored in CredentialStore under defined alias or clear text password.
    • Attribute Value
    Type OBJECT
    Nillable true
    Expressions Allowed false
    Storage configuration
    Access Type read-write
    Restart Required no-services
  • keystore-password The password to open the keystore.
    • Attribute Value
    Type STRING
    Nillable true
    Expressions Allowed true
    Storage configuration
    Access Type read-write
    Restart Required resource-services
  • keystore-password-credential-reference The reference to credential for the keystore password stored in CredentialStore under defined alias or clear text password.
    • Attribute Value
    Type OBJECT
    Nillable true
    Expressions Allowed false
    Storage configuration
    Access Type read-write
    Restart Required no-services
  • keystore-path The path of the keystore, will be ignored if the keystore-provider is anything other than JKS.
    • Attribute Value
    Type STRING
    Nillable true
    Expressions Allowed true
    Storage configuration
    Access Type read-write
    Restart Required resource-services
  • keystore-provider The provider for loading the keystore, defaults to JKS.
    • Attribute Value
    Default Value JKS
    Type STRING
    Nillable true
    Expressions Allowed true
    Storage configuration
    Access Type read-write
    Restart Required resource-services
  • keystore-relative-to The name of another previously named path, or of one of the standard paths provided by the system. If 'relative-to' is provided, the value of the 'path' attribute is treated as relative to the path specified by this attribute.
    • Attribute Value
    Type STRING
    Nillable true
    Expressions Allowed false
    Storage configuration
    Access Type read-write
    Restart Required resource-services
  • protocol The protocol to use when creating the SSLContext.
    • Attribute Value
    Default Value TLS
    Type STRING
    Nillable true
    Expressions Allowed true
    Storage configuration
    Access Type read-write
    Restart Required resource-services

Operations (2)

  • add Adds the SSL identity of a server or host controller.
    Request Parameter Type Required Expressions Allowed Default value Description
    alias STRING false true The alias of the entry to use from the keystore.
    enabled-cipher-suites LIST false true The cipher suites that can be enabled on the underlying SSLEngine.
    enabled-protocols LIST false true ["TLSv1","TLSv1.1","TLSv1.2"] The protocols that can be enabled on the underlying SSLEngine.
    generate-self-signed-certificate-host STRING false true If the keystore does not exist and this attribute is set then a self signed certificate will be generated for the specified host name. This is not intended for production use.
    key-password STRING false true The password to obtain the key from the keystore.
    key-password-credential-reference OBJECT false false The reference to credential for the keystore key stored in CredentialStore under defined alias or clear text password.
    keystore-password STRING false true The password to open the keystore.
    keystore-password-credential-reference OBJECT false false The reference to credential for the keystore password stored in CredentialStore under defined alias or clear text password.
    keystore-path STRING false true The path of the keystore, will be ignored if the keystore-provider is anything other than JKS.
    keystore-provider STRING false true JKS The provider for loading the keystore, defaults to JKS.
    keystore-relative-to STRING false false The name of another previously named path, or of one of the standard paths provided by the system. If 'relative-to' is provided, the value of the 'path' attribute is treated as relative to the path specified by this attribute.
    protocol STRING false true TLS The protocol to use when creating the SSLContext.
  • remove Removes the SSL identity of a server or host controller.