EJBTest Application Instructions 1) Copy the file: standalone-full-SSL-Example.xml file to: wildfly-26.0.1.Final/standalone/configuration 2) Change the standalone-full-SSL-Example.xml to point to the keystore directory in the project 3) Startup wildfly and create a user called: myuser with password: password123 and roles: admin, employee using the following jboss-cli commands: /subsystem=elytron/filesystem-realm=demoFsRealm:add-identity(identity=myuser) /subsystem=elytron/filesystem-realm=demoFsRealm:set-password(identity=myuser, clear={password="password123"}) /subsystem=elytron/filesystem-realm=demoFsRealm:add-identity-attribute(identity=myuser, name=Roles, value=["admin","employee"]) 4) Edit the wildfly-conf.xml found under the client/src/main/resources/META-INF and make sure it is pointing to the same keystore directory 5) build the ejbserver portion of the project and deploy it to wildfly 6) Note that when the connections in the wildfly-conf is using the "remote+http" everything works just fine. 7) Change the wildfly-conf.xml to use the remote+https protocol (connections section) 8) Modify the RemoteContext.java class to use the function getContextWithWildflyConfig When you run the client application (either the RemoteEJBClient or the RemoteClient the following error is observed) javax.net.ssl|ERROR|31|XNIO-1 I/O-1|2022-03-01 16:42:22.909 MST|TransportContext.java:362|Fatal (HANDSHAKE_FAILURE): Invalid DH ServerKeyExchange: unknown extra data ( "throwable" : { javax.net.ssl.SSLHandshakeException: Invalid DH ServerKeyExchange: unknown extra data at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131) at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:357) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:313) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:304) and the additional error: javax.net.ssl|WARNING|01|XNIO-1 I/O-1|2022-03-01 16:56:11.246 MST|SSLEngineOutputRecord.java:173|outbound has closed, ignore outbound application data Failed to call bean: EJBCLIENT000079: Unable to discover destination for request for EJB StatelessEJBLocator for "/ejbserver/SecuredEJB", view is interface org.wildfly.security.examples.SecuredEJBRemote, affinity is None javax.ejb.NoSuchEJBException: EJBCLIENT000079: Unable to discover destination for request for EJB StatelessEJBLocator for "/ejbserver/SecuredEJB", view is interface org.wildfly.security.examples.SecuredEJBRemote, affinity is None at org.jboss.ejb.client.EJBClientInvocationContext.getResult(EJBClientInvocationContext.java:620) at org.jboss.ejb.client.EJBClientInvocationContext.getResult(EJBClientInvocationContext.java:551) To see the server hang do the following (after doing steps 1-7 above) 1) Rename the wildfly-conf.xml so it won't be found (i.e. wildfly-conf-blah.xml) 2) Change the RemoteContext.java getContext() to not call the function getContextWithWildflyConfig() and instead make it call the getContextWithoutWildflyConfig(). (doing this it will create an initial context with all the necessary connection information) 3) Start the client using the following additional VM arguments: -Djavax.net.ssl.trustStore=${CLIENT_TRUSTSTORE} -Djavax.net.ssl.trustStorePassword=${STORE_PASSWD} -Djavax.net.ssl.keyStore=${CLIENT_KEYSTORE} -Djavax.net.ssl.keyStorePassword=${STORE_PASSWD} (note that the keystore and truststore passwords can be found in the wildfly-conf.xml). 4) When running the client application note that it is hung on the first ejb invocation and will stay hung until the server is terminated. Additional Notes: The project is built using gradle, if needed I can create a maven version as well. There are three parts: common.jar (classes used by both the client and ejbserver), ejbserver which is deployed to wildfly, and the client which runs outside of wildfly. I've been running the server from eclipse using the standard jboss-tools and the following startup arguments: Program arguments: -mp "C:\wildfly\wildfly-26.0.1.Final\modules" org.jboss.as.standalone -b 0.0.0.0 --server-config=standalone-full-SSL-Example.xml -Djboss.server.base.dir=C:\wildfly\wildfly-26.0.1.Final\standalone VM arguments: "-Dprogram.name=JBossTools: EJBTest" -server -Xms64m -Xmx512m -Dorg.jboss.resolver.warning=true -Djava.net.preferIPv4Stack=true -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000 -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true "-Dorg.jboss.boot.log.file=C:\wildfly\wildfly-26.0.1.Final\standalone\log\boot.log" "-Dlogging.configuration=file:C:\wildfly\wildfly-26.0.1.Final\standalone\configuration\logging.properties" "-Djboss.home.dir=C:\wildfly\wildfly-26.0.1.Final" -Dorg.jboss.logmanager.nocolor=true --add-exports=java.base/sun.nio.ch=ALL-UNNAMED --add-exports=jdk.unsupported/sun.misc=ALL-UNNAMED --add-exports=jdk.unsupported/sun.reflect=ALL-UNNAMED --add-modules=java.se -Djboss.bind.address.management=0.0.0.0 -Djavax.net.debug=ssl:handshake:verbose:keymanager:trustmanager -Djava.security.debug=access:stack -XX:+AggressiveOpts -XX:-EliminateAutoBox