Bug 1026675

Summary: "alias" and "path" in <keystore/> should work with properties
Product: [JBoss] JBoss Enterprise Application Platform 6 Reporter: Hisanobu Okuda <hokuda>
Component: Domain ManagementAssignee: Darran Lofthouse <darran.lofthouse>
Status: CLOSED NOTABUG QA Contact: Petr Kremensky <pkremens>
Severity: unspecified Docs Contact: Russell Dickenson <rdickens>
Priority: unspecified    
Version: 6.0.1CC: emuckenh
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-11-21 18:41:29 UTC Type: Feature Request
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Hisanobu Okuda 2013-11-05 08:37:12 UTC
Description of problem:
The customer configured the https listener for the management realm as follow:-

    <management>
        <security-realms>
            <security-realm name="ManagementRealm">
  	        <server-identities>
		    <ssl protocol="TLSv1">
                        <keystore path="${xxx.host.ssl.keyStore}" keystore-password="${xxx.host.ssl.keyStorePassword}" alias="${keyAlias}"/>
                    </ssl>
                </server-identities>
            <authentication>
                <local default-user="$local"/>
                <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>
            </authentication>
        </security-realm>

But, it does not work. He successfully used the same properties to configure the https connector for web applications though.

Version-Release number of selected component (if applicable):
jboss-as-host-controller-7.1.3

How reproducible:
See the problem description

Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 1 Hisanobu Okuda 2013-11-05 08:39:43 UTC
Request for inclusion to EAP630

Comment 3 Darran Lofthouse 2014-11-21 18:41:29 UTC
Just checked EAP already has widespread expression support across the attributes used to define keystores within security realms.