Upgrade from 15.1 to 16.1.0

I am upgrading from version 15.1 to 16.1.0. This is a standalone configuration and is using a local MySQL database backend. I went with a fresh copy of the latest 16.1.0 Keycloak tar file and am piece by piece moving configuration text from the 15.1 standalone.xml to the 16.1.0 standalone.xml. When I run the bin/jboss-cli.sh --file=bin/migrate-standalone.cli I get the following error:

Adding keystore to ApplicationRealm…
Failed to get the list of the operation properties: “WFLYCTL0030: No resource definition is registered for address [
(“core-service” => “management”),
(“security-realm” => “ApplicationRealm”),
(“server-identity” => “ssl”)

I can successfully start a 16.1.0 instance with the piecemeal changes to the standalone.xml, but the migration script throws the above. Any suggestions on what I’m doing wrong?

Legacy security subsystem in Wildfly, which was already deprecated for long, was removed. You now have to use the Elytron subsystem for TLS/SSL handling. See Keycloak release notes for link to Wildfly docs!

Generally: never edit the standalone.xml manually. Always use CLI scripts!


I did work off info from this link. I’m using Apache2 as a reverse-proxy for my TLS/SSL needs.

You have an error telling you something about ssl and security realm which had been removed from Wildfly. So, deal with it and read the official docs. I don‘t care about other peoples lists, I stick to official docs and have always a working system.

1 Like