Under "Configure the Elytron and Undertow Subsystems", step 1 uses CLI commands that have attribute "provider" but the actual name is "provider-name".
Specifically:
~~~
/subsystem=elytron/key-store=fipsKS:add(type=PKCS11,provider="SunPKCS11-nss-fips",credential-reference=
/subsystem=elytron/key-manager=fipsKM:add(key-store=fipsKS,algorithm="SunX509",provider=SunPKCS11-nss-fips,credential-reference={clear-text="P@ssword123"}
)
~~~
should be
~~~
/subsystem=elytron/key-store=fipsKS:add(type=PKCS11,provider-name="SunPKCS11-nss-fips",credential-reference=
/subsystem=elytron/key-manager=fipsKM:add(key-store=fipsKS,algorithm="SunX509",provider-name=SunPKCS11-nss-fips,credential-reference={clear-text="P@ssword123"}
)
~~~
Documentation link:
https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/how_to_configure_server_security/index#configure_ssl_fips_elytron