Posts

Showing posts from August, 2018

Reinitializing a Trust Manager through a Two-Way SSL

In WildFly 14, you can dynamically reload trust managers using the Elytron subsystem, for trust managers that use one or more file- or LDAP-backed keystores. This blog post gives an overview of how to use this new operation through an example in the WildFly CLI.

Pre-requirements

Before any of the following operations can be done in the CLI, the keystores first have to be created. As mentioned, these can be either file- or LDAP-backed keystores. In the following examples, the keystores are stored in WildFly's standalone/configuration directory.

File Backed Keystores

First, generate the client and server keystores:

    keytool -genkeypair -alias client -keyalg RSA -keysize 1024 -validity 365 -keystore client.keystore.jks -dname cn=client,ou=Users,dc=jboss,dc=org -keypass secret -storepass secret
    keytool -genkeypair -alias server -keyalg RSA -keysize 1024 -validity 365 -keystore server.keystore.jks -dname CN=server,ou=Users,dc=jboss,dc=org -keypass s