If I define https-listener and don't specify neither security-realm or ssl-context, the listener is created. Still the listener is in this state unusable (all connections to it will end prematurely).

I believe there should be added check that at least one of those two attributes is defined. If it is not possible to have it checked directly in model and fail the add operation, then at least some warning message should be logged.