1.edit host or standalone.xml and add below JKS
<security-realms>
<security-realm name="httpsrealm">
<server-identities>
<ssl>
<keystore path="/app/ssl/keystore.jks" keystore-password="xxxx" alias="site"/>
</ssl>
</server-identities>
<authentication>
<truststore path="/app/ssl/truststore.jks" keystore-password="xxxxxx"/>
</authentication>
</security-realm>
</security-realms>
2. Add below under undertow with in the respective profile for domain setup and in standalone.xml for standalone mode setup
<subsystem xmlns="urn:jboss:domain:undertow:3.1">
<buffer-cache name="default"/>
<server name="default-server">
<http-listener name="default" socket-binding="http" redirect-socket="https"/>
<https-listener name="https" secure="true" enabled-protocols="TLSv1.1,TLSv1.2" security-realm="httpsrealm" socket-binding="https"/>
.....
3.Restart and verify the App Https port to see if it reflects configured https certificate
