You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@geronimo.apache.org by "Zakharov, Vasily M" <va...@intel.com> on 2007/12/05 00:10:32 UTC
TLS instead of SSL?
Hi, all,
Can Geronimo be tuned to use TLS instead of SSL?
Or, can it be tuned to not use SSL at all?
I'm trying to run Geronimo 2.0.2 on Apache Harmony, and it fails to
start because Harmony doesn't have SSL implementation, though is has
TLS.
Thanks!
Vasily Zakharov
Intel ESSD
--------------------------------------------------------------------
Closed Joint Stock Company Intel A/O
Registered legal address: 125252, Moscow, Russian Federation,
Chapayevsky Per, 14.
This e-mail and any attachments may contain confidential material for
the sole use of the intended recipient(s). Any review or distribution
by others is strictly prohibited. If you are not the intended
recipient, please contact the sender and delete all copies.
RE: TLS instead of SSL?
Posted by "Zakharov, Vasily M" <va...@intel.com>.
Jarek,
Thank you very much, it seems that helped.
The next stack is JKS keystore implementation is missing, but that's a
known issue GERONIMO-2015.
I'll try to update the patches there somehow.
Thanks!
Vasily
-----Original Message-----
From: Jarek Gawor [mailto:jgawor@gmail.com]
Sent: Wednesday, December 05, 2007 7:22 PM
To: user@geronimo.apache.org
Subject: Re: TLS instead of SSL?
Vasily,
Try configuring CORBASSLConfig gbean as shown below into
j2ee-corba-yoko module (instead of removing or disabling things):
<ns2:module
name="org.apache.geronimo.configs/j2ee-corba-yoko/2.1-SNAPSHOT/car">
<ns2:gbean name="CORBASSLConfig">
<ns2:attribute name="protocol">TLS</ns2:attribute>
</ns2:gbean>
...
Also, jetty looks like is already configured with TLS (unless that
info is not getting propagated correctly).
Jarek
On Dec 5, 2007 9:44 AM, Zakharov, Vasily M <va...@intel.com>
wrote:
>
>
>
>
> Hi, David,
>
>
>
> I've removed the following sections from config.xml:
>
>
>
> <gbean name="Server">
>
> <attribute name="port">${ORBSSLPort + PortOffset}</attribute>
>
> <attribute name="host">${ORBSSLHost}</attribute>
>
> </gbean>
>
> <gbean name="JettySSLConnector">
>
> <attribute name="host">${ServerHostname}</attribute>
>
> <attribute name="port">${HTTPSPortPrimary + PortOffset}</attribute>
>
> </gbean>
>
>
>
> and also the following redirectPort tags:
>
>
>
> <gbean name="JettyWebConnector">
>
> <attribute name="host">${ServerHostname}</attribute>
>
> <attribute name="port">${HTTPPortPrimary + PortOffset}</attribute>
>
> <!-- attribute name="redirectPort">${HTTPSPortPrimary +
> PortOffset}</attribute -->
>
> </gbean>
>
> <gbean name="JettyAJP13Connector">
>
> <attribute name="host">${ServerHostname}</attribute>
>
> <attribute name="port">${AJPPortPrimary + PortOffset}</attribute>
>
> <!-- attribute name="redirectPort">${HTTPSPortPrimary +
> PortOffset}</attribute -->
>
> </gbean>
>
>
>
> but the stack remains the same:
>
>
>
> 17:25:30,836 ERROR [SocketFactory] Unable to create server SSL socket
> factory
>
> org.apache.geronimo.management.geronimo.KeystoreException: Unable to
create
> SSL Context
>
> at
>
org.apache.geronimo.security.keystore.FileKeystoreManager.createSSLConte
xt(FileKeystoreManager.java:354)
>
> at
>
org.apache.geronimo.security.keystore.FileKeystoreManager.createSSLServe
rFactory(FileKeystoreManager.java:296)
>
> at
>
org.apache.geronimo.security.keystore.FileKeystoreManager$$FastClassByCG
LIB$$4d9d2a71.invoke(<generated>)
>
> at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
>
> at
>
org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInv
oker.java:38)
>
> at
>
org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.j
ava:124)
>
> at
>
org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.jav
a:830)
>
> at
>
org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
>
> at
>
org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperation
Invoker.java:35)
>
> at
>
org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyM
ethodInterceptor.java:96)
>
> at
>
org.apache.geronimo.management.geronimo.KeystoreManager$$EnhancerByCGLIB
$$bf6fcb72.createSSLServerFactory(<generated>)
>
> at
>
org.apache.geronimo.corba.security.config.ssl.SSLConfig.createSSLServerF
actory(SSLConfig.java:112)
>
> at
>
org.apache.geronimo.corba.security.config.ssl.SSLConfig$$FastClassByCGLI
B$$437ec1a5.invoke(<generated>)
>
> at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
>
> at
>
org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInv
oker.java:38)
>
> at
>
org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.j
ava:124)
>
> at
>
org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.jav
a:830)
>
> at
>
org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
>
> at
>
org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperation
Invoker.java:35)
>
> at
>
org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyM
ethodInterceptor.java:96)
>
> at
>
org.apache.geronimo.corba.security.config.ssl.SSLConfig$$EnhancerByCGLIB
$$55d3f0dd.createSSLServerFactory(<generated>)
>
> at
>
org.apache.geronimo.yoko.SocketFactory.getServerSocketFactory(SocketFact
ory.java:404)
>
> at
>
org.apache.geronimo.yoko.SocketFactory.createServerSocket(SocketFactory.
java:317)
>
> at
>
org.apache.yoko.orb.OCI.IIOP.Acceptor_impl.<init>(Acceptor_impl.java:461
)
>
> at
>
org.apache.yoko.orb.OCI.IIOP.AccFactory_impl.create_acceptor(AccFactory_
impl.java:157)
>
> at
>
org.apache.yoko.orb.OBPortableServer.POAManagerFactory_impl.create_POAMa
nager(POAManagerFactory_impl.java:251)
>
> at
>
org.apache.yoko.orb.OB.ORBControl.initializeRootPOA(ORBControl.java:516)
>
> at
>
org.apache.yoko.orb.OBCORBA.ORB_impl.resolve_initial_references(ORB_impl
.java:1095)
>
> at
org.apache.geronimo.corba.CORBABean.doStart(CORBABean.java:243)
>
> at
>
org.apache.geronimo.gbean.runtime.GBeanInstance.createInstance(GBeanInst
ance.java:996)
>
> at
>
org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GB
eanInstanceState.java:268)
>
> at
>
org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstance
State.java:102)
>
> at
>
org.apache.geronimo.gbean.runtime.GBeanInstance.start(GBeanInstance.java
:539)
>
> at
>
org.apache.geronimo.gbean.runtime.GBeanDependency.attemptFullStart(GBean
Dependency.java:111)
>
> at
>
org.apache.geronimo.gbean.runtime.GBeanDependency.addTarget(GBeanDepende
ncy.java:146)
>
> at
>
org.apache.geronimo.gbean.runtime.GBeanDependency$1.running(GBeanDepende
ncy.java:120)
>
> at
>
org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.fireRunningEvent(
BasicLifecycleMonitor.java:176)
>
> at
>
org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.access$300(BasicL
ifecycleMonitor.java:44)
>
> at
>
org.apache.geronimo.kernel.basic.BasicLifecycleMonitor$RawLifecycleBroad
caster.fireRunningEvent(BasicLifecycleMonitor.java:254)
>
> at
>
org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GB
eanInstanceState.java:294)
>
> at
>
org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstance
State.java:102)
>
> at
>
org.apache.geronimo.gbean.runtime.GBeanInstanceState.startRecursive(GBea
nInstanceState.java:124)
>
> at
>
org.apache.geronimo.gbean.runtime.GBeanInstance.startRecursive(GBeanInst
ance.java:553)
>
> at
>
org.apache.geronimo.kernel.basic.BasicKernel.startRecursiveGBean(BasicKe
rnel.java:379)
>
> at
>
org.apache.geronimo.kernel.config.ConfigurationUtil.startConfigurationGB
eans(ConfigurationUtil.java:448)
>
> at
>
org.apache.geronimo.kernel.config.KernelConfigurationManager.start(Kerne
lConfigurationManager.java:187)
>
> at
>
org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfig
uration(SimpleConfigurationManager.java:530)
>
> at
>
org.apache.geronimo.kernel.config.SimpleConfigurationManager$$FastClassB
yCGLIB$$ce77a924.invoke(<generated>)
>
> at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
>
> at
>
org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInv
oker.java:38)
>
> at
>
org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.j
ava:124)
>
> at
>
org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.jav
a:830)
>
> at
>
org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
>
> at
>
org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperation
Invoker.java:35)
>
> at
>
org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyM
ethodInterceptor.java:96)
>
> at
>
org.apache.geronimo.kernel.config.EditableConfigurationManager$$Enhancer
ByCGLIB$$ce332814.startConfiguration(<generated>)
>
> at
>
org.apache.geronimo.system.main.EmbeddedDaemon.doStartup(EmbeddedDaemon.
java:156)
>
> at
>
org.apache.geronimo.system.main.EmbeddedDaemon.execute(EmbeddedDaemon.ja
va:78)
>
> at
>
org.apache.geronimo.kernel.util.MainConfigurationBootstrapper.main(MainC
onfigurationBootstrapper.java:45)
>
> at
> org.apache.geronimo.cli.AbstractCLI.executeMain(AbstractCLI.java:67)
>
> at
org.apache.geronimo.cli.daemon.DaemonCLI.main(DaemonCLI.java:30)
>
> at
java.lang.reflect.VMReflection.invokeMethod(VMReflection.java)
>
> at java.lang.reflect.Method.invoke(Method.java:317)
>
> at org.apache.harmony.vm.JarRunner.main(JarRunner.java:80)
>
> Caused by: java.lang.reflect.InvocationTargetException
>
> at
java.lang.reflect.VMReflection.invokeMethod(VMReflection.java)
>
> at java.lang.reflect.Method.invoke(Method.java:317)
>
> at
>
org.apache.geronimo.security.keystore.FileKeystoreManager.createSSLConte
xt(FileKeystoreManager.java:345)
>
> at
>
org.apache.geronimo.security.keystore.FileKeystoreManager.createSSLServe
rFactory(FileKeystoreManager.java:296)
>
> ... 62 more
>
> Caused by: java.security.NoSuchAlgorithmException: SSLContext SSL
> implementation not found
>
> at
>
org.apache.harmony.security.fortress.Engine.getInstance(Engine.java:105)
>
> at javax.net.ssl.SSLContext.getInstance(SSLContext.java:79)
>
> at
java.lang.reflect.VMReflection.invokeMethod(VMReflection.java)
>
> ... 65 more
>
>
>
> Thank you!
>
>
>
> Vasily
>
>
>
>
>
>
>
> -----Original Message-----
>
> From: David Jencks [mailto:david_jencks@yahoo.com]
>
> Sent: Wednesday, December 05, 2007 3:24 AM
>
> To: user@geronimo.apache.org
>
> Subject: Re: TLS instead of SSL?
>
>
>
>
>
> On Dec 4, 2007, at 3:10 PM, Zakharov, Vasily M wrote:
>
>
>
> > Hi, all,
>
> >
>
> > Can Geronimo be tuned to use TLS instead of SSL?
>
> > Or, can it be tuned to not use SSL at all?
>
>
>
> I don't think anyone has tried this before. You might be able to
>
> disable any gbeans that need ssl. Without a stack trace its hard to
>
> guess where these might be but a start might be the https
>
> connectors. If this doesn't work a stack trace would be helpful.
>
> >
>
> > I'm trying to run Geronimo 2.0.2 on Apache Harmony, and it fails to
>
> > start because Harmony doesn't have SSL implementation, though is has
>
> > TLS.
>
>
>
> It's great to see someone working on G + H !
>
>
>
> thanks
>
> david jencks
>
>
>
> >
>
> > Thanks!
>
> >
>
> > Vasily Zakharov
>
> > Intel ESSD
>
> > --------------------------------------------------------------------
>
> > Closed Joint Stock Company Intel A/O
>
> > Registered legal address: 125252, Moscow, Russian Federation,
>
> > Chapayevsky Per, 14.
>
> >
>
> > This e-mail and any attachments may contain confidential material
for
>
> > the sole use of the intended recipient(s). Any review or
distribution
>
> > by others is strictly prohibited. If you are not the intended
>
> > recipient, please contact the sender and delete all copies.
>
>
>
> --------------------------------------------------------------------
> Closed Joint Stock Company Intel A/O
> Registered legal address: 125252, Moscow, Russian Federation,
> Chapayevsky Per, 14.
>
> This e-mail and any attachments may contain confidential material for
> the sole use of the intended recipient(s). Any review or distribution
> by others is strictly prohibited. If you are not the intended
> recipient, please contact the sender and delete all copies.
>
>
--------------------------------------------------------------------
Closed Joint Stock Company Intel A/O
Registered legal address: 125252, Moscow, Russian Federation,
Chapayevsky Per, 14.
This e-mail and any attachments may contain confidential material for
the sole use of the intended recipient(s). Any review or distribution
by others is strictly prohibited. If you are not the intended
recipient, please contact the sender and delete all copies.
Re: TLS instead of SSL?
Posted by Jarek Gawor <jg...@gmail.com>.
Vasily,
Try configuring CORBASSLConfig gbean as shown below into
j2ee-corba-yoko module (instead of removing or disabling things):
<ns2:module
name="org.apache.geronimo.configs/j2ee-corba-yoko/2.1-SNAPSHOT/car">
<ns2:gbean name="CORBASSLConfig">
<ns2:attribute name="protocol">TLS</ns2:attribute>
</ns2:gbean>
...
Also, jetty looks like is already configured with TLS (unless that
info is not getting propagated correctly).
Jarek
On Dec 5, 2007 9:44 AM, Zakharov, Vasily M <va...@intel.com> wrote:
>
>
>
>
> Hi, David,
>
>
>
> I've removed the following sections from config.xml:
>
>
>
> <gbean name="Server">
>
> <attribute name="port">${ORBSSLPort + PortOffset}</attribute>
>
> <attribute name="host">${ORBSSLHost}</attribute>
>
> </gbean>
>
> <gbean name="JettySSLConnector">
>
> <attribute name="host">${ServerHostname}</attribute>
>
> <attribute name="port">${HTTPSPortPrimary + PortOffset}</attribute>
>
> </gbean>
>
>
>
> and also the following redirectPort tags:
>
>
>
> <gbean name="JettyWebConnector">
>
> <attribute name="host">${ServerHostname}</attribute>
>
> <attribute name="port">${HTTPPortPrimary + PortOffset}</attribute>
>
> <!-- attribute name="redirectPort">${HTTPSPortPrimary +
> PortOffset}</attribute -->
>
> </gbean>
>
> <gbean name="JettyAJP13Connector">
>
> <attribute name="host">${ServerHostname}</attribute>
>
> <attribute name="port">${AJPPortPrimary + PortOffset}</attribute>
>
> <!-- attribute name="redirectPort">${HTTPSPortPrimary +
> PortOffset}</attribute -->
>
> </gbean>
>
>
>
> but the stack remains the same:
>
>
>
> 17:25:30,836 ERROR [SocketFactory] Unable to create server SSL socket
> factory
>
> org.apache.geronimo.management.geronimo.KeystoreException: Unable to create
> SSL Context
>
> at
> org.apache.geronimo.security.keystore.FileKeystoreManager.createSSLContext(FileKeystoreManager.java:354)
>
> at
> org.apache.geronimo.security.keystore.FileKeystoreManager.createSSLServerFactory(FileKeystoreManager.java:296)
>
> at
> org.apache.geronimo.security.keystore.FileKeystoreManager$$FastClassByCGLIB$$4d9d2a71.invoke(<generated>)
>
> at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
>
> at
> org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
>
> at
> org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:124)
>
> at
> org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:830)
>
> at
> org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
>
> at
> org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:35)
>
> at
> org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
>
> at
> org.apache.geronimo.management.geronimo.KeystoreManager$$EnhancerByCGLIB$$bf6fcb72.createSSLServerFactory(<generated>)
>
> at
> org.apache.geronimo.corba.security.config.ssl.SSLConfig.createSSLServerFactory(SSLConfig.java:112)
>
> at
> org.apache.geronimo.corba.security.config.ssl.SSLConfig$$FastClassByCGLIB$$437ec1a5.invoke(<generated>)
>
> at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
>
> at
> org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
>
> at
> org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:124)
>
> at
> org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:830)
>
> at
> org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
>
> at
> org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:35)
>
> at
> org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
>
> at
> org.apache.geronimo.corba.security.config.ssl.SSLConfig$$EnhancerByCGLIB$$55d3f0dd.createSSLServerFactory(<generated>)
>
> at
> org.apache.geronimo.yoko.SocketFactory.getServerSocketFactory(SocketFactory.java:404)
>
> at
> org.apache.geronimo.yoko.SocketFactory.createServerSocket(SocketFactory.java:317)
>
> at
> org.apache.yoko.orb.OCI.IIOP.Acceptor_impl.<init>(Acceptor_impl.java:461)
>
> at
> org.apache.yoko.orb.OCI.IIOP.AccFactory_impl.create_acceptor(AccFactory_impl.java:157)
>
> at
> org.apache.yoko.orb.OBPortableServer.POAManagerFactory_impl.create_POAManager(POAManagerFactory_impl.java:251)
>
> at
> org.apache.yoko.orb.OB.ORBControl.initializeRootPOA(ORBControl.java:516)
>
> at
> org.apache.yoko.orb.OBCORBA.ORB_impl.resolve_initial_references(ORB_impl.java:1095)
>
> at org.apache.geronimo.corba.CORBABean.doStart(CORBABean.java:243)
>
> at
> org.apache.geronimo.gbean.runtime.GBeanInstance.createInstance(GBeanInstance.java:996)
>
> at
> org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:268)
>
> at
> org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:102)
>
> at
> org.apache.geronimo.gbean.runtime.GBeanInstance.start(GBeanInstance.java:539)
>
> at
> org.apache.geronimo.gbean.runtime.GBeanDependency.attemptFullStart(GBeanDependency.java:111)
>
> at
> org.apache.geronimo.gbean.runtime.GBeanDependency.addTarget(GBeanDependency.java:146)
>
> at
> org.apache.geronimo.gbean.runtime.GBeanDependency$1.running(GBeanDependency.java:120)
>
> at
> org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.fireRunningEvent(BasicLifecycleMonitor.java:176)
>
> at
> org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.access$300(BasicLifecycleMonitor.java:44)
>
> at
> org.apache.geronimo.kernel.basic.BasicLifecycleMonitor$RawLifecycleBroadcaster.fireRunningEvent(BasicLifecycleMonitor.java:254)
>
> at
> org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:294)
>
> at
> org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:102)
>
> at
> org.apache.geronimo.gbean.runtime.GBeanInstanceState.startRecursive(GBeanInstanceState.java:124)
>
> at
> org.apache.geronimo.gbean.runtime.GBeanInstance.startRecursive(GBeanInstance.java:553)
>
> at
> org.apache.geronimo.kernel.basic.BasicKernel.startRecursiveGBean(BasicKernel.java:379)
>
> at
> org.apache.geronimo.kernel.config.ConfigurationUtil.startConfigurationGBeans(ConfigurationUtil.java:448)
>
> at
> org.apache.geronimo.kernel.config.KernelConfigurationManager.start(KernelConfigurationManager.java:187)
>
> at
> org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration(SimpleConfigurationManager.java:530)
>
> at
> org.apache.geronimo.kernel.config.SimpleConfigurationManager$$FastClassByCGLIB$$ce77a924.invoke(<generated>)
>
> at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
>
> at
> org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
>
> at
> org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:124)
>
> at
> org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:830)
>
> at
> org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
>
> at
> org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:35)
>
> at
> org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
>
> at
> org.apache.geronimo.kernel.config.EditableConfigurationManager$$EnhancerByCGLIB$$ce332814.startConfiguration(<generated>)
>
> at
> org.apache.geronimo.system.main.EmbeddedDaemon.doStartup(EmbeddedDaemon.java:156)
>
> at
> org.apache.geronimo.system.main.EmbeddedDaemon.execute(EmbeddedDaemon.java:78)
>
> at
> org.apache.geronimo.kernel.util.MainConfigurationBootstrapper.main(MainConfigurationBootstrapper.java:45)
>
> at
> org.apache.geronimo.cli.AbstractCLI.executeMain(AbstractCLI.java:67)
>
> at org.apache.geronimo.cli.daemon.DaemonCLI.main(DaemonCLI.java:30)
>
> at java.lang.reflect.VMReflection.invokeMethod(VMReflection.java)
>
> at java.lang.reflect.Method.invoke(Method.java:317)
>
> at org.apache.harmony.vm.JarRunner.main(JarRunner.java:80)
>
> Caused by: java.lang.reflect.InvocationTargetException
>
> at java.lang.reflect.VMReflection.invokeMethod(VMReflection.java)
>
> at java.lang.reflect.Method.invoke(Method.java:317)
>
> at
> org.apache.geronimo.security.keystore.FileKeystoreManager.createSSLContext(FileKeystoreManager.java:345)
>
> at
> org.apache.geronimo.security.keystore.FileKeystoreManager.createSSLServerFactory(FileKeystoreManager.java:296)
>
> ... 62 more
>
> Caused by: java.security.NoSuchAlgorithmException: SSLContext SSL
> implementation not found
>
> at
> org.apache.harmony.security.fortress.Engine.getInstance(Engine.java:105)
>
> at javax.net.ssl.SSLContext.getInstance(SSLContext.java:79)
>
> at java.lang.reflect.VMReflection.invokeMethod(VMReflection.java)
>
> ... 65 more
>
>
>
> Thank you!
>
>
>
> Vasily
>
>
>
>
>
>
>
> -----Original Message-----
>
> From: David Jencks [mailto:david_jencks@yahoo.com]
>
> Sent: Wednesday, December 05, 2007 3:24 AM
>
> To: user@geronimo.apache.org
>
> Subject: Re: TLS instead of SSL?
>
>
>
>
>
> On Dec 4, 2007, at 3:10 PM, Zakharov, Vasily M wrote:
>
>
>
> > Hi, all,
>
> >
>
> > Can Geronimo be tuned to use TLS instead of SSL?
>
> > Or, can it be tuned to not use SSL at all?
>
>
>
> I don't think anyone has tried this before. You might be able to
>
> disable any gbeans that need ssl. Without a stack trace its hard to
>
> guess where these might be but a start might be the https
>
> connectors. If this doesn't work a stack trace would be helpful.
>
> >
>
> > I'm trying to run Geronimo 2.0.2 on Apache Harmony, and it fails to
>
> > start because Harmony doesn't have SSL implementation, though is has
>
> > TLS.
>
>
>
> It's great to see someone working on G + H !
>
>
>
> thanks
>
> david jencks
>
>
>
> >
>
> > Thanks!
>
> >
>
> > Vasily Zakharov
>
> > Intel ESSD
>
> > --------------------------------------------------------------------
>
> > Closed Joint Stock Company Intel A/O
>
> > Registered legal address: 125252, Moscow, Russian Federation,
>
> > Chapayevsky Per, 14.
>
> >
>
> > This e-mail and any attachments may contain confidential material for
>
> > the sole use of the intended recipient(s). Any review or distribution
>
> > by others is strictly prohibited. If you are not the intended
>
> > recipient, please contact the sender and delete all copies.
>
>
>
> --------------------------------------------------------------------
> Closed Joint Stock Company Intel A/O
> Registered legal address: 125252, Moscow, Russian Federation,
> Chapayevsky Per, 14.
>
> This e-mail and any attachments may contain confidential material for
> the sole use of the intended recipient(s). Any review or distribution
> by others is strictly prohibited. If you are not the intended
> recipient, please contact the sender and delete all copies.
>
>
Re: TLS instead of SSL?
Posted by Vamsavardhana Reddy <c1...@gmail.com>.
Removing a <gbean> tag from config.xml will not stop the gbean. You will
have to use load="false" in the gbean tag, for e.g., <gbean load="false"
name="Server">.
++Vamsi
On Dec 5, 2007 8:14 PM, Zakharov, Vasily M <va...@intel.com>
wrote:
> Hi, David,
>
>
>
> I've removed the following sections from config.xml:
>
>
>
> <gbean name="Server">
>
> <attribute name="port">${ORBSSLPort + PortOffset}</attribute>
>
> <attribute name="host">${ORBSSLHost}</attribute>
>
> </gbean>
>
> <gbean name="JettySSLConnector">
>
> <attribute name="host">${ServerHostname}</attribute>
>
> <attribute name="port">${HTTPSPortPrimary + PortOffset}</attribute>
>
> </gbean>
>
>
>
> and also the following redirectPort tags:
>
>
>
> <gbean name="JettyWebConnector">
>
> <attribute name="host">${ServerHostname}</attribute>
>
> <attribute name="port">${HTTPPortPrimary + PortOffset}</attribute>
>
> <!-- attribute name="redirectPort">${HTTPSPortPrimary +
> PortOffset}</attribute -->
>
> </gbean>
>
> <gbean name="JettyAJP13Connector">
>
> <attribute name="host">${ServerHostname}</attribute>
>
> <attribute name="port">${AJPPortPrimary + PortOffset}</attribute>
>
> <!-- attribute name="redirectPort">${HTTPSPortPrimary +
> PortOffset}</attribute -->
>
> </gbean>
>
>
>
> but the stack remains the same:
>
>
>
> 17:25:30,836 ERROR [SocketFactory] Unable to create server SSL socket
> factory
>
> org.apache.geronimo.management.geronimo.KeystoreException: Unable to
> create SSL Context
>
> at
> org.apache.geronimo.security.keystore.FileKeystoreManager.createSSLContext
> (FileKeystoreManager.java:354)
>
> at
> org.apache.geronimo.security.keystore.FileKeystoreManager.createSSLServerFactory
> (FileKeystoreManager.java:296)
>
> at
> org.apache.geronimo.security.keystore.FileKeystoreManager$$FastClassByCGLIB$$4d9d2a71.invoke
> (<generated>)
>
> at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
>
> at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(
> FastMethodInvoker.java:38)
>
> at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(
> GBeanOperation.java:124)
>
> at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(
> GBeanInstance.java:830)
>
> at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(
> RawInvoker.java:57)
>
> at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(
> RawOperationInvoker.java:35)
>
> at
> org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(
> ProxyMethodInterceptor.java:96)
>
> at
> org.apache.geronimo.management.geronimo.KeystoreManager$$EnhancerByCGLIB$$bf6fcb72.createSSLServerFactory
> (<generated>)
>
> at
> org.apache.geronimo.corba.security.config.ssl.SSLConfig.createSSLServerFactory
> (SSLConfig.java:112)
>
> at
> org.apache.geronimo.corba.security.config.ssl.SSLConfig$$FastClassByCGLIB$$437ec1a5.invoke
> (<generated>)
>
> at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
>
> at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(
> FastMethodInvoker.java:38)
>
> at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(
> GBeanOperation.java:124)
>
> at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(
> GBeanInstance.java:830)
>
> at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(
> RawInvoker.java:57)
>
> at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(
> RawOperationInvoker.java:35)
>
> at
> org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(
> ProxyMethodInterceptor.java:96)
>
> at
> org.apache.geronimo.corba.security.config.ssl.SSLConfig$$EnhancerByCGLIB$$55d3f0dd.createSSLServerFactory
> (<generated>)
>
> at org.apache.geronimo.yoko.SocketFactory.getServerSocketFactory(
> SocketFactory.java:404)
>
> at org.apache.geronimo.yoko.SocketFactory.createServerSocket(
> SocketFactory.java:317)
>
> at org.apache.yoko.orb.OCI.IIOP.Acceptor_impl
> .<init>(Acceptor_impl.java:461)
>
> at org.apache.yoko.orb.OCI.IIOP.AccFactory_impl.create_acceptor
> (AccFactory_impl.java:157)
>
> at
> org.apache.yoko.orb.OBPortableServer.POAManagerFactory_impl.create_POAManager
> (POAManagerFactory_impl.java:251)
>
> at org.apache.yoko.orb.OB.ORBControl.initializeRootPOA(
> ORBControl.java:516)
>
> at org.apache.yoko.orb.OBCORBA.ORB_impl.resolve_initial_references
> (ORB_impl.java:1095)
>
> at org.apache.geronimo.corba.CORBABean.doStart(CORBABean.java:243)
>
> at org.apache.geronimo.gbean.runtime.GBeanInstance.createInstance(
> GBeanInstance.java:996)
>
> at
> org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(
> GBeanInstanceState.java:268)
>
> at org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(
> GBeanInstanceState.java:102)
>
> at org.apache.geronimo.gbean.runtime.GBeanInstance.start(
> GBeanInstance.java:539)
>
> at
> org.apache.geronimo.gbean.runtime.GBeanDependency.attemptFullStart(
> GBeanDependency.java:111)
>
> at org.apache.geronimo.gbean.runtime.GBeanDependency.addTarget(
> GBeanDependency.java:146)
>
> at org.apache.geronimo.gbean.runtime.GBeanDependency$1.running(
> GBeanDependency.java:120)
>
> at
> org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.fireRunningEvent(
> BasicLifecycleMonitor.java:176)
>
> at
> org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.access$300(
> BasicLifecycleMonitor.java:44)
>
> at
> org.apache.geronimo.kernel.basic.BasicLifecycleMonitor$RawLifecycleBroadcaster.fireRunningEvent
> (BasicLifecycleMonitor.java:254)
>
> at
> org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(
> GBeanInstanceState.java:294)
>
> at org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(
> GBeanInstanceState.java:102)
>
> at
> org.apache.geronimo.gbean.runtime.GBeanInstanceState.startRecursive(
> GBeanInstanceState.java:124)
>
> at org.apache.geronimo.gbean.runtime.GBeanInstance.startRecursive(
> GBeanInstance.java:553)
>
> at
> org.apache.geronimo.kernel.basic.BasicKernel.startRecursiveGBean(
> BasicKernel.java:379)
>
> at
> org.apache.geronimo.kernel.config.ConfigurationUtil.startConfigurationGBeans
> (ConfigurationUtil.java:448)
>
> at
> org.apache.geronimo.kernel.config.KernelConfigurationManager.start(
> KernelConfigurationManager.java:187)
>
> at
> org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration
> (SimpleConfigurationManager.java:530)
>
> at
> org.apache.geronimo.kernel.config.SimpleConfigurationManager$$FastClassByCGLIB$$ce77a924.invoke
> (<generated>)
>
> at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
>
> at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(
> FastMethodInvoker.java:38)
>
> at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(
> GBeanOperation.java:124)
>
> at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(
> GBeanInstance.java:830)
>
> at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(
> RawInvoker.java:57)
>
> at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(
> RawOperationInvoker.java:35)
>
> at
> org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(
> ProxyMethodInterceptor.java:96)
>
> at
> org.apache.geronimo.kernel.config.EditableConfigurationManager$$EnhancerByCGLIB$$ce332814.startConfiguration
> (<generated>)
>
> at org.apache.geronimo.system.main.EmbeddedDaemon.doStartup(
> EmbeddedDaemon.java:156)
>
> at org.apache.geronimo.system.main.EmbeddedDaemon.execute(
> EmbeddedDaemon.java:78)
>
> at
> org.apache.geronimo.kernel.util.MainConfigurationBootstrapper.main(
> MainConfigurationBootstrapper.java:45)
>
> at org.apache.geronimo.cli.AbstractCLI.executeMain(
> AbstractCLI.java:67)
>
> at org.apache.geronimo.cli.daemon.DaemonCLI.main(DaemonCLI.java
> :30)
>
> at java.lang.reflect.VMReflection.invokeMethod(VMReflection.java)
>
> at java.lang.reflect.Method.invoke(Method.java:317)
>
> at org.apache.harmony.vm.JarRunner.main(JarRunner.java:80)
>
> Caused by: java.lang.reflect.InvocationTargetException
>
> at java.lang.reflect.VMReflection.invokeMethod(VMReflection.java)
>
> at java.lang.reflect.Method.invoke(Method.java:317)
>
> at
> org.apache.geronimo.security.keystore.FileKeystoreManager.createSSLContext
> (FileKeystoreManager.java:345)
>
> at
> org.apache.geronimo.security.keystore.FileKeystoreManager.createSSLServerFactory
> (FileKeystoreManager.java:296)
>
> ... 62 more
>
> Caused by: java.security.NoSuchAlgorithmException: SSLContext SSL
> implementation not found
>
> at org.apache.harmony.security.fortress.Engine.getInstance(
> Engine.java:105)
>
> at javax.net.ssl.SSLContext.getInstance(SSLContext.java:79)
>
> at java.lang.reflect.VMReflection.invokeMethod(VMReflection.java)
>
> ... 65 more
>
>
>
> Thank you!
>
>
>
> Vasily
>
>
>
>
>
> -----Original Message-----
>
> From: David Jencks [mailto:david_jencks@yahoo.com]
>
> Sent: Wednesday, December 05, 2007 3:24 AM
>
> To: user@geronimo.apache.org
>
> Subject: Re: TLS instead of SSL?
>
>
>
>
>
> On Dec 4, 2007, at 3:10 PM, Zakharov, Vasily M wrote:
>
>
>
> > Hi, all,
>
> >
>
> > Can Geronimo be tuned to use TLS instead of SSL?
>
> > Or, can it be tuned to not use SSL at all?
>
>
>
> I don't think anyone has tried this before. You might be able to
>
> disable any gbeans that need ssl. Without a stack trace its hard to
>
> guess where these might be but a start might be the https
>
> connectors. If this doesn't work a stack trace would be helpful.
>
> >
>
> > I'm trying to run Geronimo 2.0.2 on Apache Harmony, and it fails to
>
> > start because Harmony doesn't have SSL implementation, though is has
>
> > TLS.
>
>
>
> It's great to see someone working on G + H !
>
>
>
> thanks
>
> david jencks
>
>
>
> >
>
> > Thanks!
>
> >
>
> > Vasily Zakharov
>
> > Intel ESSD
>
> > --------------------------------------------------------------------
>
> > Closed Joint Stock Company Intel A/O
>
> > Registered legal address: 125252, Moscow, Russian Federation,
>
> > Chapayevsky Per, 14.
>
> >
>
> > This e-mail and any attachments may contain confidential material for
>
> > the sole use of the intended recipient(s). Any review or distribution
>
> > by others is strictly prohibited. If you are not the intended
>
> > recipient, please contact the sender and delete all copies.
>
>
>
> --------------------------------------------------------------------
> Closed Joint Stock Company Intel A/O
> Registered legal address: 125252, Moscow, Russian Federation,
> Chapayevsky Per, 14.
>
> This e-mail and any attachments may contain confidential material for
> the sole use of the intended recipient(s). Any review or distribution
> by others is strictly prohibited. If you are not the intended
> recipient, please contact the sender and delete all copies.
>
>
RE: TLS instead of SSL?
Posted by "Zakharov, Vasily M" <va...@intel.com>.
Hi, David,
I've removed the following sections from config.xml:
<gbean name="Server">
<attribute name="port">${ORBSSLPort + PortOffset}</attribute>
<attribute name="host">${ORBSSLHost}</attribute>
</gbean>
<gbean name="JettySSLConnector">
<attribute name="host">${ServerHostname}</attribute>
<attribute name="port">${HTTPSPortPrimary + PortOffset}</attribute>
</gbean>
and also the following redirectPort tags:
<gbean name="JettyWebConnector">
<attribute name="host">${ServerHostname}</attribute>
<attribute name="port">${HTTPPortPrimary + PortOffset}</attribute>
<!-- attribute name="redirectPort">${HTTPSPortPrimary +
PortOffset}</attribute -->
</gbean>
<gbean name="JettyAJP13Connector">
<attribute name="host">${ServerHostname}</attribute>
<attribute name="port">${AJPPortPrimary + PortOffset}</attribute>
<!-- attribute name="redirectPort">${HTTPSPortPrimary +
PortOffset}</attribute -->
</gbean>
but the stack remains the same:
17:25:30,836 ERROR [SocketFactory] Unable to create server SSL socket
factory
org.apache.geronimo.management.geronimo.KeystoreException: Unable to
create SSL Context
at
org.apache.geronimo.security.keystore.FileKeystoreManager.createSSLConte
xt(FileKeystoreManager.java:354)
at
org.apache.geronimo.security.keystore.FileKeystoreManager.createSSLServe
rFactory(FileKeystoreManager.java:296)
at
org.apache.geronimo.security.keystore.FileKeystoreManager$$FastClassByCG
LIB$$4d9d2a71.invoke(<generated>)
at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
at
org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInv
oker.java:38)
at
org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.j
ava:124)
at
org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.jav
a:830)
at
org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
at
org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperation
Invoker.java:35)
at
org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyM
ethodInterceptor.java:96)
at
org.apache.geronimo.management.geronimo.KeystoreManager$$EnhancerByCGLIB
$$bf6fcb72.createSSLServerFactory(<generated>)
at
org.apache.geronimo.corba.security.config.ssl.SSLConfig.createSSLServerF
actory(SSLConfig.java:112)
at
org.apache.geronimo.corba.security.config.ssl.SSLConfig$$FastClassByCGLI
B$$437ec1a5.invoke(<generated>)
at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
at
org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInv
oker.java:38)
at
org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.j
ava:124)
at
org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.jav
a:830)
at
org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
at
org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperation
Invoker.java:35)
at
org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyM
ethodInterceptor.java:96)
at
org.apache.geronimo.corba.security.config.ssl.SSLConfig$$EnhancerByCGLIB
$$55d3f0dd.createSSLServerFactory(<generated>)
at
org.apache.geronimo.yoko.SocketFactory.getServerSocketFactory(SocketFact
ory.java:404)
at
org.apache.geronimo.yoko.SocketFactory.createServerSocket(SocketFactory.
java:317)
at
org.apache.yoko.orb.OCI.IIOP.Acceptor_impl.<init>(Acceptor_impl.java:461
)
at
org.apache.yoko.orb.OCI.IIOP.AccFactory_impl.create_acceptor(AccFactory_
impl.java:157)
at
org.apache.yoko.orb.OBPortableServer.POAManagerFactory_impl.create_POAMa
nager(POAManagerFactory_impl.java:251)
at
org.apache.yoko.orb.OB.ORBControl.initializeRootPOA(ORBControl.java:516)
at
org.apache.yoko.orb.OBCORBA.ORB_impl.resolve_initial_references(ORB_impl
.java:1095)
at
org.apache.geronimo.corba.CORBABean.doStart(CORBABean.java:243)
at
org.apache.geronimo.gbean.runtime.GBeanInstance.createInstance(GBeanInst
ance.java:996)
at
org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GB
eanInstanceState.java:268)
at
org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstance
State.java:102)
at
org.apache.geronimo.gbean.runtime.GBeanInstance.start(GBeanInstance.java
:539)
at
org.apache.geronimo.gbean.runtime.GBeanDependency.attemptFullStart(GBean
Dependency.java:111)
at
org.apache.geronimo.gbean.runtime.GBeanDependency.addTarget(GBeanDepende
ncy.java:146)
at
org.apache.geronimo.gbean.runtime.GBeanDependency$1.running(GBeanDepende
ncy.java:120)
at
org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.fireRunningEvent(
BasicLifecycleMonitor.java:176)
at
org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.access$300(BasicL
ifecycleMonitor.java:44)
at
org.apache.geronimo.kernel.basic.BasicLifecycleMonitor$RawLifecycleBroad
caster.fireRunningEvent(BasicLifecycleMonitor.java:254)
at
org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GB
eanInstanceState.java:294)
at
org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstance
State.java:102)
at
org.apache.geronimo.gbean.runtime.GBeanInstanceState.startRecursive(GBea
nInstanceState.java:124)
at
org.apache.geronimo.gbean.runtime.GBeanInstance.startRecursive(GBeanInst
ance.java:553)
at
org.apache.geronimo.kernel.basic.BasicKernel.startRecursiveGBean(BasicKe
rnel.java:379)
at
org.apache.geronimo.kernel.config.ConfigurationUtil.startConfigurationGB
eans(ConfigurationUtil.java:448)
at
org.apache.geronimo.kernel.config.KernelConfigurationManager.start(Kerne
lConfigurationManager.java:187)
at
org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfig
uration(SimpleConfigurationManager.java:530)
at
org.apache.geronimo.kernel.config.SimpleConfigurationManager$$FastClassB
yCGLIB$$ce77a924.invoke(<generated>)
at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
at
org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInv
oker.java:38)
at
org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.j
ava:124)
at
org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.jav
a:830)
at
org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
at
org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperation
Invoker.java:35)
at
org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyM
ethodInterceptor.java:96)
at
org.apache.geronimo.kernel.config.EditableConfigurationManager$$Enhancer
ByCGLIB$$ce332814.startConfiguration(<generated>)
at
org.apache.geronimo.system.main.EmbeddedDaemon.doStartup(EmbeddedDaemon.
java:156)
at
org.apache.geronimo.system.main.EmbeddedDaemon.execute(EmbeddedDaemon.ja
va:78)
at
org.apache.geronimo.kernel.util.MainConfigurationBootstrapper.main(MainC
onfigurationBootstrapper.java:45)
at
org.apache.geronimo.cli.AbstractCLI.executeMain(AbstractCLI.java:67)
at
org.apache.geronimo.cli.daemon.DaemonCLI.main(DaemonCLI.java:30)
at
java.lang.reflect.VMReflection.invokeMethod(VMReflection.java)
at java.lang.reflect.Method.invoke(Method.java:317)
at org.apache.harmony.vm.JarRunner.main(JarRunner.java:80)
Caused by: java.lang.reflect.InvocationTargetException
at
java.lang.reflect.VMReflection.invokeMethod(VMReflection.java)
at java.lang.reflect.Method.invoke(Method.java:317)
at
org.apache.geronimo.security.keystore.FileKeystoreManager.createSSLConte
xt(FileKeystoreManager.java:345)
at
org.apache.geronimo.security.keystore.FileKeystoreManager.createSSLServe
rFactory(FileKeystoreManager.java:296)
... 62 more
Caused by: java.security.NoSuchAlgorithmException: SSLContext SSL
implementation not found
at
org.apache.harmony.security.fortress.Engine.getInstance(Engine.java:105)
at javax.net.ssl.SSLContext.getInstance(SSLContext.java:79)
at
java.lang.reflect.VMReflection.invokeMethod(VMReflection.java)
... 65 more
Thank you!
Vasily
-----Original Message-----
From: David Jencks [mailto:david_jencks@yahoo.com]
Sent: Wednesday, December 05, 2007 3:24 AM
To: user@geronimo.apache.org
Subject: Re: TLS instead of SSL?
On Dec 4, 2007, at 3:10 PM, Zakharov, Vasily M wrote:
> Hi, all,
>
> Can Geronimo be tuned to use TLS instead of SSL?
> Or, can it be tuned to not use SSL at all?
I don't think anyone has tried this before. You might be able to
disable any gbeans that need ssl. Without a stack trace its hard to
guess where these might be but a start might be the https
connectors. If this doesn't work a stack trace would be helpful.
>
> I'm trying to run Geronimo 2.0.2 on Apache Harmony, and it fails to
> start because Harmony doesn't have SSL implementation, though is has
> TLS.
It's great to see someone working on G + H !
thanks
david jencks
>
> Thanks!
>
> Vasily Zakharov
> Intel ESSD
> --------------------------------------------------------------------
> Closed Joint Stock Company Intel A/O
> Registered legal address: 125252, Moscow, Russian Federation,
> Chapayevsky Per, 14.
>
> This e-mail and any attachments may contain confidential material for
> the sole use of the intended recipient(s). Any review or distribution
> by others is strictly prohibited. If you are not the intended
> recipient, please contact the sender and delete all copies.
--------------------------------------------------------------------
Closed Joint Stock Company Intel A/O
Registered legal address: 125252, Moscow, Russian Federation,
Chapayevsky Per, 14.
This e-mail and any attachments may contain confidential material for
the sole use of the intended recipient(s). Any review or distribution
by others is strictly prohibited. If you are not the intended
recipient, please contact the sender and delete all copies.
Re: TLS instead of SSL?
Posted by David Jencks <da...@yahoo.com>.
On Dec 4, 2007, at 3:10 PM, Zakharov, Vasily M wrote:
> Hi, all,
>
> Can Geronimo be tuned to use TLS instead of SSL?
> Or, can it be tuned to not use SSL at all?
I don't think anyone has tried this before. You might be able to
disable any gbeans that need ssl. Without a stack trace its hard to
guess where these might be but a start might be the https
connectors. If this doesn't work a stack trace would be helpful.
>
> I'm trying to run Geronimo 2.0.2 on Apache Harmony, and it fails to
> start because Harmony doesn't have SSL implementation, though is has
> TLS.
It's great to see someone working on G + H !
thanks
david jencks
>
> Thanks!
>
> Vasily Zakharov
> Intel ESSD
> --------------------------------------------------------------------
> Closed Joint Stock Company Intel A/O
> Registered legal address: 125252, Moscow, Russian Federation,
> Chapayevsky Per, 14.
>
> This e-mail and any attachments may contain confidential material for
> the sole use of the intended recipient(s). Any review or distribution
> by others is strictly prohibited. If you are not the intended
> recipient, please contact the sender and delete all copies.