Copy Your Existing Key Store
If you've already created a key store as the part of the initial installation of EJBCA on another instance, copy it to the p12 directory in EJBCA. If no such directory exists, feel free to create one.
Deploy TLS Keystores to WildFly
Run this command to copy the existing key stores from p12 to to wildfly_home/standalone/configuration/keystore:
$ ant deploy-keystore
Import the Management CA Certificate
Verify that web.reqcertindb=false has been set in conf/web.properties (otherwise: do so and run ant deployear again).
Download the Management CA certificate from the RA UI on the instance hosting the Management CA
From the EJBCA CLI on the RA, run the following command to import the Management CA certificate on the RA:
.sh ca importcacert ManagementCA ManagementCA.cacert.pem -initauthorization -superadmincn SuperAdmin