gpt4 book ai didi

ssl - WildFly 10 如何配置从属主机使用 HTTPS 连接到域

转载 作者:太空宇宙 更新时间:2023-11-03 13:23:14 26 4
gpt4 key购买 nike

关于WildFly 10域模式和HTTPS的小问题。

我的 host-master.xml 参数:

<management>
<security-realms>
<security-realm name="ManagementRealm">
<server-identities>
<ssl>
<keystore path="..." relative-to="jboss.domain.config.dir" keystore-password="..." alias="..." key-password="..." generate-self-signed-certificate-host="localhost"/>
</ssl>
</server-identities>
<authentication>
<local default-user="$local" skip-group-loading="true"/>
<properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/>
</authentication>
<authorization map-groups-to-roles="false">
<properties path="mgmt-groups.properties" relative-to="jboss.domain.config.dir"/>
</authorization>
</security-realm>


<management-interfaces>
<native-interface security-realm="ManagementRealm">
<socket interface="management" port="${jboss.management.native.port:9999}"/>
</native-interface>
<http-interface security-realm="ManagementRealm" http-upgrade-enabled="true">
<socket interface="management" secure-port="${jboss.management.http.port:9990}"/>
</http-interface>
</management-interfaces>

我的host-slave.xml参数:

        <security-realms>
<security-realm name="SlaveRealm">
<server-identities>
<secret value="..." />
</server-identities>


<domain-controller>
<remote protocol="remote" host="..." port="9999" username='slave' security-realm="SlaveRealm"/>
</domain-controller>

域服务器启动时没有任何错误,管理控制台可通过 HTTPS 访问。但是从节点不会启动,我收到一条错误消息:

2017-02-23 17:35:05,149 WARN  [org.jboss.as.host.controller] (Controller Boot Thread) WFLYHC0001: Could not connect to remote domain controller remote://...:9999 -- java.lang.IllegalStateException: WFLYHC0110: Unable to connect due to SSL failure.
2017-02-23 17:35:05,149 WARN [org.jboss.as.host.controller] (Controller Boot Thread) WFLYHC0147: No domain controller discovery options remain.
2017-02-23 17:35:05,150 ERROR [org.jboss.as.host.controller] (Controller Boot Thread) WFLYHC0002: Could not connect to master. Aborting. Error was: java.lang.IllegalStateException: WFLYHC0120: Tried all domain controller discovery option(s) but unable to connect
2017-02-23 17:35:05,150 FATAL [org.jboss.as.host.controller] (Controller Boot Thread) WFLYHC0178: Aborting with exit code 99

我尝试添加 "<server-identities><ssl><keystore..." host-slave.xml 中的“SlaveRealm”部分,但收到相同的错误。

如何正确简单的配置domain和host-slave?谢谢。

最佳答案

在 host.xml 中你必须指定 <interfaces> .您还可以在启动 wildfly 时将接口(interface)值作为命令行参数传递。

硕士的host.xml

<interfaces>
<interface name="management">
<inet-address value="${wildfly.bind.address.management:@@master.host.name@@}"/>
</interface>
<interface name="public">
<inet-address value="${wildfly.bind.address:@@master.host.name@@}"/>
</interface>
<interface name="unsecure">
<!-- Used for IIOP sockets in the standard configuration.
To secure JacORB you need to setup SSL -->
<inet-address value="${wildfly.bind.address.unsecure:@@master.host.name@@}"/>
</interface>
</interfaces>

从机host.xml

 <management>
<security-realms>
<security-realm name="ManagementRealm">
<server-identities>
<secret value="@@slave.encrypted.password@@" />
</server-identities>
....
....
....
<domain-controller>
<!--<local/>-->
<!-- Alternative remote domain controller configuration with a host and port -->
<remote protocol="remote" host="@@master.host.name@@" port="9999" username="@@slave.account.name@@" security-realm="ManagementRealm"/>
</domain-controller>

<interfaces>
<interface name="management">
<inet-address value="${wildfly.bind.address.management:@@slave.host.name@@}"/>
</interface>
<interface name="public">
<inet-address value="${wildfly.bind.address:@@slave.host.name@@}"/>
</interface>
<interface name="unsecure">
<!-- Used for IIOP sockets in the standard configuration.
To secure JacORB you need to setup SSL -->
<inet-address value="${wildfly.bind.address.unsecure:@@slave.host.name@@}"/>
</interface>
</interfaces>

此配置适用于我们的开发/QA/生产环境。

关于ssl - WildFly 10 如何配置从属主机使用 HTTPS 连接到域,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/42420343/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com