WildFly / WFLY-21582

[GSS] jdr.sh fails to start embedded server when Elytron encrypted expressions is used in system-properties


    • Type: Bug
    • Resolution: Unresolved
    • Priority: Major
    • Components: JDR, Security

      Steps to Reproduce:

      1. Configure a `credential-store` and an `expression-resolver` in the Elytron subsystem in JBoss-CLI.

      example JBoss CLI commands
      /subsystem=elytron/secret-key-credential-store=examplePropertiesCredentialStore:add(path=example-credential-store.jceks,relative-to=jboss.server.config.dir)
      /subsystem=elytron/secret-key-credential-store=examplePropertiesCredentialStore:export-secret-key(alias=key)
      /subsystem=elytron/expression=encryption:add(resolvers=[{name=example-resolver, credential-store=examplePropertiesCredentialStore, secret-key=key}])
      
      example elytron config
      <subsystem xmlns="urn:wildfly:elytron:18.0" final-providers="combined-providers" disallowed-providers="OracleUcrypto">
          ...(snip)...
          <credential-stores>
              <secret-key-credential-store name="examplePropertiesCredentialStore" relative-to="jboss.server.config.dir" path="example-credential-store.jceks"/>
          </credential-stores>
          <expression-resolver>
              <resolver name="example-resolver" credential-store="examplePropertiesCredentialStore" secret-key="key"/>
          </expression-resolver>
          ...(snip)...
      

      2. Define a system property in "standalone.xml" using an encrypted expression from that store:

      example JBoss CLI commands
      /subsystem=elytron/expression=encryption:create-expression(resolver=example-resolver,clear-text=MyPassword)
      /system-property=example.encrypted.password:add(value="${ENC::example-resolver:RUxZAUMQ...(generated_encrypted_value)...}")
      
      example system properties config
          <system-properties>
              <property name="example.encrypted.password" value="${ENC::example-resolver:RUxZAUMQ...(generated_encrypted_value)...}"/>
          </system-properties>
      

      3. Ensure the WildFly instance is either stopped or the management interface is not listening on the default localhost:9990.

      4. Run "./bin/jdr.sh" without specifying host/port (forcing the use of an embedded server).

      Actual Results:
      The embedded server fails to boot with the following error messages:

      ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([("system-property" => "javax.net.ssl.keyStorePassword")]) - failure description: "WFLYELY01209: Unable to initialize CredentialStore examplePropertiesCredentialStore -- WFLYELY00924: Unable to create immediately available credential store."
      FATAL [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0056: Server boot has failed in an unrecoverable manner; exiting. See previous messages for details. - Server configuration file in use: standalone.xml
      

      Expected Results:
      The embedded server should be able to initialize the necessary Elytron services (Credential Store) to resolve system properties and successfully generate the JDR report, even when the main server is offline.
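      As an added pre-flight check (not part of WildFly or the JDR tool), the script below scans a standalone.xml for system properties that use `${ENC::...}` expressions and reports which Elytron resolver and credential store each one depends on, so an operator knows before running jdr.sh without -H/-p that the embedded server will have to open that store. The XML fragment is constructed to mirror the configuration above, with one extra property whose resolver is deliberately undefined.

```python
import re
import xml.etree.ElementTree as ET
# Matches an Elytron encrypted expression such as ${ENC::example-resolver:RUxZ...}
ENC_RE = re.compile(r"\$\{ENC::(?P<resolver>[^:}]+):(?P<blob>[^}]+)\}")

# Constructed standalone.xml fragment mirroring the report; orphan.prop has an undefined resolver.
SAMPLE_XML = """<server>
  <system-properties>
    <property name="example.encrypted.password" value="${ENC::example-resolver:RUxZAUMQplaceholder}"/>
    <property name="plain.prop" value="hello"/>
    <property name="orphan.prop" value="${ENC::missing-resolver:AAAAplaceholder}"/>
  </system-properties>
  <subsystem xmlns="urn:wildfly:elytron:18.0">
    <credential-stores>
      <secret-key-credential-store name="examplePropertiesCredentialStore" path="example-credential-store.jceks"/>
    </credential-stores>
    <expression-resolver>
      <resolver name="example-resolver" credential-store="examplePropertiesCredentialStore" secret-key="key"/>
    </expression-resolver>
  </subsystem>
</server>"""

def _local(tag):
    return tag.rsplit("}", 1)[-1]  # drop the XML namespace prefix

def find_encrypted_properties(root):
    """Return {property name: resolver name} for every ${ENC::...} system property."""
    found = {}
    for container in root.iter():
        if _local(container.tag) == "system-properties":
            for prop in container:
                match = ENC_RE.search(prop.get("value", ""))
                if match:
                    found[prop.get("name")] = match.group("resolver")
    return found

def check_embedded_boot_risk(xml_text):
    """Per encrypted property: the credential store the embedded server must open, or a dangling reference."""
    root = ET.fromstring(xml_text)
    stores = {el.get("name") for el in root.iter() if _local(el.tag).endswith("credential-store")}
    resolvers = {el.get("name"): el.get("credential-store") for el in root.iter() if _local(el.tag) == "resolver"}
    report = {}
    for name, resolver in find_encrypted_properties(root).items():
        if resolver not in resolvers:
            report[name] = "resolver not defined: " + resolver
        elif resolvers[resolver] not in stores:
            report[name] = "credential-store not defined: " + resolvers[resolver]
        else:
            report[name] = "needs credential-store " + resolvers[resolver]
    return report
```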

    • Workaround:

      When executing jdr.sh, specify the active management interface host and port explicitly. This allows it to connect to the running instance instead of relying on the embedded server:

      $ ./bin/jdr.sh -H <management_ip> -p <management_port>
      

      Note: As this workaround requires a running WildFly instance in order to gather the JDR report, jdr.sh cannot be executed when the WildFly instance is stopped.

    • Description:

      When executing "jdr.sh" on a WildFly instance where system properties (e.g., "javax.net.ssl.keyStorePassword") are defined using Elytron encrypted expressions ("${ENC::...}"), the tool fails to generate a report if it cannot connect to a running server.

      In such cases, "jdr.sh" attempts to launch an internal *embedded server* to process the request. However, the embedded server fails during the boot process because it cannot initialize the CredentialStore required to resolve the encrypted expressions in the system-properties section.

              Assignee: Marek Skacelik (rh-ee-mskaceli)
              Reporter: Marek Skacelik (rh-ee-mskaceli)