SSL certificate installation on Wildfly server

Question

I was trying to install SSL certificate on wildfly application server which is hosted in aws Ec2 instance. I purchased SSL certificate in godaddy. I downloaded SSL ssl certificate zip from godaddy portal. Which consists of following 1 .gd_bundle-g2-g1.crt 2 .gdig2.crt.pem 3. 70c350d31695.crt 4. 70c350d31695.pem

Created keystore and imported certificates in to keystore with following command

keytool -genkey -alias wildfly -keyalg RSA -keystore wildfly.jks

keytool -import -alias root -keystore wildfly.jks -trustcacerts -file 70c350d31695.crt

keytool -import -alias intermed -keystore wildfly.jks -trustcacerts -file gd_bundle-g2-g1.crt

Also done configuration in wildfly as follows standalone.xml

<security-realm`enter code here` name="SslRealm">
      <server-identities>
         <ssl>
            <keystore path="/home/centos/ssl/newssl/wildfly.jks" alias="wildfly" keystore-password="OHGv216TZDhbd" />
          </ssl>
      </server-identities>
  </security-realm>

and
  <https-listener name="default-ssl" socket-binding="https" security-realm="SslRealm"/> 

But after restarts application, keystore recognized but https certificates not recognized. When i am double click on certificate in browesr it has only keystore information not certificate information. Please help me to fix this.

In browser certificate error like following

Answer 1

I've been trying to set up GoDaddy and Comodo certificates on WildFly for hours, but can't get it to work without Nginx. These SSL providers only really work in high-level applications like AWS EC2 and Google App Engine.

Let's Encrypt works just fine on WildFly but iOS doesn't support Let's Encrypt.

So you have to use Nginx to use SSL provider certificates on WildFly.

Answer 2

You need a single entry I think in your keystore with all the details. You might find it easier using KSE (https://keystore-explorer.org/) rather than the cli