codenoob

Reputation: 257

How to propagate truststore updates in a cluster using Wildfly?

I have an application running on Wildfly 10 in a domain setup with more than 10 machines. Clients consume REST webservices using SSL authentication. In this scenario we will be adding clients on a daily basis, so it is important to be able to propagate changes on the Truststore to the whole server group. It's not an option to centralize the truststore in one machine due to concurrency levels.

I would like to know if there is a way to achieve this using the CLI or any other alternatives.

Thanks in advance!

Upvotes: 0

Views: 55

Answers (1)

T. Kuther

Reputation: 620

Given that Wildfly does not support reloading the truststore at runtime (see https://access.redhat.com/solutions/482133), you would copy the truststore file to all servers (by hand, by script, by Puppet/Ansible/your DevOps tool), and use CLI to restart the affected server groups in the domain.

See also https://github.com/wildfly/quickstart/tree/10.x/helloworld-war-ssl for an example to implement SSL auth. Basically all clients get a certificate from your own CA, which you add to the truststore once. Then use RBAC for the authorization.

Upvotes: 0
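
The copy-then-restart procedure from the answer above, sketched as an added shell example (not part of the original answer and not WildFly project code). It checks the SHA-256 digest of the truststore on each host before moving it into place, and restarts the server group only if every host verified. Host names, file paths, the controller address and the server group name are assumed placeholders; with `DRY_RUN=1` (the default) the commands are only printed.

```shell
#!/bin/sh
# Added example: push one truststore to every host, verify it, then restart the group.
# All values below are assumed placeholders; override them via the environment.
HOSTS="${HOSTS:-wf-host-01 wf-host-02}"
TRUSTSTORE="${TRUSTSTORE:-./truststore.jks}"
REMOTE_PATH="${REMOTE_PATH:-/opt/wildfly/domain/configuration/truststore.jks}"
CONTROLLER="${CONTROLLER:-dc.example.internal:9990}"
SERVER_GROUP="${SERVER_GROUP:-main-server-group}"
JBOSS_CLI="${JBOSS_CLI:-/opt/wildfly/bin/jboss-cli.sh}"
DRY_RUN="${DRY_RUN:-1}"   # 1 = only print the commands

# Execute a command, or just print it in dry-run mode.
run() {
  if [ "$DRY_RUN" = "1" ]; then echo "+ $*"; else "$@"; fi
}

# SHA-256 of a local file (hex digest only; empty if the file is unreadable).
local_sha256() { sha256sum "$1" | cut -d' ' -f1; }

# Copy to a temporary name, compare the remote digest with the local one, then
# move into place so a server never reads a half-written or altered file.
push_truststore() {
  host=$1; want=$2
  run scp -q "$TRUSTSTORE" "$host:$REMOTE_PATH.new" || return 1
  if [ "$DRY_RUN" != "1" ]; then
    got=$(ssh "$host" sha256sum "$REMOTE_PATH.new" | cut -d' ' -f1)
    [ "$got" = "$want" ] || { echo "digest mismatch on $host" >&2; return 1; }
  fi
  run ssh "$host" mv "$REMOTE_PATH.new" "$REMOTE_PATH"
}

# Restart the server group only after every host holds the verified file.
rollout() {
  want=$(local_sha256 "$TRUSTSTORE") || return 1
  [ -n "$want" ] || return 1
  for host in $HOSTS; do
    push_truststore "$host" "$want" || { echo "aborting, no restart" >&2; return 1; }
  done
  run "$JBOSS_CLI" --connect --controller="$CONTROLLER" \
    --command="/server-group=$SERVER_GROUP:restart-servers"
}

if [ "${1:-}" = "--run" ]; then rollout; fi
```

Run it with `DRY_RUN=0 ./push-truststore.sh --run` (the script name is hypothetical) once the printed commands look right.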
