You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by "Shawn Jiang (JIRA)" <ji...@apache.org> on 2009/02/10 07:57:00 UTC
[jira] Created: (GERONIMO-4534) Can't secure connect to JMX with
JConsole.
Can't secure connect to JMX with JConsole.
------------------------------------------
Key: GERONIMO-4534
URL: https://issues.apache.org/jira/browse/GERONIMO-4534
Project: Geronimo
Issue Type: Bug
Security Level: public (Regular issues)
Components: management
Affects Versions: 2.1.4, 2.2
Environment: Windows XP
Sun JDK 1.5
geronimo_tomcat6_2.1.4_snapshot/20090209/
Reporter: Shawn Jiang
Priority: Blocker
I'm trying to use jconsole to securely connect to the JMX server of geronimo 2.1.4 snapshot according to the guide here:
http://cewiki.cn.ibm.com:7080/confluence/display/V21Docs/Working+with+the+secure+JMX+server
* 1, Change the config.xml and start the server.
* 2, use "jconsole -J-Djavax.net.ssl.keyStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.keyStorePassword=secret -J-Djavax.net.ssl.trustStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.trustStorePassword=secret " start the jconsole.
* 3, in the jconsole interface->advanced, input:
JMX URL: service:jmx:rmi:///jndi/rmi://localhost:1099/JMXSecureConnector
user name: system
password: manager
* 4, click the connect button.
expected result: could connect to the JMX server.
actual result: CAN NOT connect to the JMX server.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (GERONIMO-4534) Can't secure connect to JMX with
JConsole.
Posted by "Shawn Jiang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4534?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Shawn Jiang updated GERONIMO-4534:
----------------------------------
Priority: Major (was: Blocker)
update to major from blocker and some investigation result here:
This defect is caused by a recent change in class JMXSecureConnector to use org.apache.geronimo.kernel.rmi.GeronimoSslRMIClientSocketFactory to replace javax.rmi.ssl.SslRMIClientSocketFactory.
JConsole need the client socket factory class locally to connect to the JMX server. That's why this defect happened. Two possible solutions.
* 1, Put the geronimo-kernel-2.1.4-SNAPSHOT.jar to the classpath when starting the jconsole so that jconsole could find org.apache.geronimo.kernel.rmi.GeronimoSslRMIClientSocketFactory.
* 2, Revert the client socket factory to javax.rmi.ssl.SslRMIClientSocketFactory.
Solution #1 just needs to update the document. But it has a limitation when user can't use jconsole at a machine without the geronimo-kernel-2.1.4-SNAPSHOT.jar to connect to the JMX server.
Solution #2 needs review because there's no JIRA related to the client socket factory replacement in the svn commit.
* path: https://svn.apache.org/repos/asf/geronimo/server/branches/2.1/framework/modules/geronimo-kernel/
* revision 727268.
* log: "RMI client socket factories that set socket timeouts - should prevent automatic builds from getting stuck"
> Can't secure connect to JMX with JConsole.
> ------------------------------------------
>
> Key: GERONIMO-4534
> URL: https://issues.apache.org/jira/browse/GERONIMO-4534
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: management
> Affects Versions: 2.1.4, 2.2
> Environment: Windows XP
> Sun JDK 1.5
> geronimo_tomcat6_2.1.4_snapshot/20090209/
> Reporter: Shawn Jiang
>
> I'm trying to use jconsole to securely connect to the JMX server of geronimo 2.1.4 snapshot according to the guide here:
> http://cewiki.cn.ibm.com:7080/confluence/display/V21Docs/Working+with+the+secure+JMX+server
> * 1, Change the config.xml and start the server.
> * 2, use "jconsole -J-Djavax.net.ssl.keyStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.keyStorePassword=secret -J-Djavax.net.ssl.trustStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.trustStorePassword=secret " start the jconsole.
> * 3, in the jconsole interface->advanced, input:
> JMX URL: service:jmx:rmi:///jndi/rmi://localhost:1099/JMXSecureConnector
> user name: system
> password: manager
> * 4, click the connect button.
> expected result: could connect to the JMX server.
> actual result: CAN NOT connect to the JMX server.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (GERONIMO-4534) Can't secure connect to JMX with
JConsole.
Posted by "Shawn Jiang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4534?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Shawn Jiang closed GERONIMO-4534.
---------------------------------
Closing it. Thanks Jarek.
> Can't secure connect to JMX with JConsole.
> ------------------------------------------
>
> Key: GERONIMO-4534
> URL: https://issues.apache.org/jira/browse/GERONIMO-4534
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: management
> Affects Versions: 2.1.4, 2.2
> Environment: Windows XP
> Sun JDK 1.5
> geronimo_tomcat6_2.1.4_snapshot/20090209/
> Reporter: Shawn Jiang
> Assignee: Jarek Gawor
> Fix For: 2.1.4, 2.2
>
>
> I'm trying to use jconsole to securely connect to the JMX server of geronimo 2.1.4 snapshot according to the guide here:
> http://cwiki.apache.org/GMOxDOC21/configure-secure-jmx-server.html
> * 1, Change the config.xml and start the server.
> * 2, use "jconsole -J-Djavax.net.ssl.keyStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.keyStorePassword=secret -J-Djavax.net.ssl.trustStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.trustStorePassword=secret " start the jconsole.
> * 3, in the jconsole interface->advanced, input:
> JMX URL: service:jmx:rmi:///jndi/rmi://localhost:1099/JMXSecureConnector
> user name: system
> password: manager
> * 4, click the connect button.
> expected result: could connect to the JMX server.
> actual result: CAN NOT connect to the JMX server.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (GERONIMO-4534) Can't secure connect to JMX with
JConsole.
Posted by "Jarek Gawor (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4534?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jarek Gawor reassigned GERONIMO-4534:
-------------------------------------
Assignee: Jarek Gawor
> Can't secure connect to JMX with JConsole.
> ------------------------------------------
>
> Key: GERONIMO-4534
> URL: https://issues.apache.org/jira/browse/GERONIMO-4534
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: management
> Affects Versions: 2.1.4, 2.2
> Environment: Windows XP
> Sun JDK 1.5
> geronimo_tomcat6_2.1.4_snapshot/20090209/
> Reporter: Shawn Jiang
> Assignee: Jarek Gawor
>
> I'm trying to use jconsole to securely connect to the JMX server of geronimo 2.1.4 snapshot according to the guide here:
> http://cewiki.cn.ibm.com:7080/confluence/display/V21Docs/Working+with+the+secure+JMX+server
> * 1, Change the config.xml and start the server.
> * 2, use "jconsole -J-Djavax.net.ssl.keyStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.keyStorePassword=secret -J-Djavax.net.ssl.trustStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.trustStorePassword=secret " start the jconsole.
> * 3, in the jconsole interface->advanced, input:
> JMX URL: service:jmx:rmi:///jndi/rmi://localhost:1099/JMXSecureConnector
> user name: system
> password: manager
> * 4, click the connect button.
> expected result: could connect to the JMX server.
> actual result: CAN NOT connect to the JMX server.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Issue Comment Edited: (GERONIMO-4534) Can't secure connect
to JMX with JConsole.
Posted by "Shawn Jiang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12672185#action_12672185 ]
genspring edited comment on GERONIMO-4534 at 2/10/09 6:05 PM:
----------------------------------------------------------------
Solution #1:
Update the document
http://cwiki.apache.org/GMOxDOC21/configure-secure-jmx-server.html
In the step to start jconsole change the command from
jconsole -J-Djavax.net.ssl.keyStore=%GERONIMO_HOME%\var\security\keystores\geronimo-default
-J-Djavax.net.ssl.keyStorePassword=secret
-J-Djavax.net.ssl.trustStore=%GERONIMO_HOME%\var\security\keystores\geronimo-default
-J-Djavax.net.ssl.trustStorePassword=secret
To
jconsole -J-Djavax.net.ssl.keyStore=%GERONIMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.keyStorePassword=secret -J-Djavax.net.ssl.trustStore=%GERONIMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.trustStorePassword=secret -J-Djava.class.path=%JAVA_HOME%\lib\jconsole.jar;%JAVA_HOME%\lib\tools.jar;%GERONIMO_HOME%\repository\org\apache\geronimo\framework\geronimo-kernel\2.1.4\geronimo-kernel-2.1.4.jar
was (Author: genspring):
Solution #1:
Update the document http://cewiki.cn.ibm.com:7080/confluence/display/V21Docs/Working+with+the+secure+JMX+server
In the step to start jconsole change the command from
jconsole -J-Djavax.net.ssl.keyStore=%GERONIMO_HOME%\var\security\keystores\geronimo-default
-J-Djavax.net.ssl.keyStorePassword=secret
-J-Djavax.net.ssl.trustStore=%GERONIMO_HOME%\var\security\keystores\geronimo-default
-J-Djavax.net.ssl.trustStorePassword=secret
To
jconsole -J-Djavax.net.ssl.keyStore=%GERONIMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.keyStorePassword=secret -J-Djavax.net.ssl.trustStore=%GERONIMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.trustStorePassword=secret -J-Djava.class.path=%JAVA_HOME%\lib\jconsole.jar;%JAVA_HOME%\lib\tools.jar;%GERONIMO_HOME%\repository\org\apache\geronimo\framework\geronimo-kernel\2.1.4\geronimo-kernel-2.1.4.jar
> Can't secure connect to JMX with JConsole.
> ------------------------------------------
>
> Key: GERONIMO-4534
> URL: https://issues.apache.org/jira/browse/GERONIMO-4534
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: management
> Affects Versions: 2.1.4, 2.2
> Environment: Windows XP
> Sun JDK 1.5
> geronimo_tomcat6_2.1.4_snapshot/20090209/
> Reporter: Shawn Jiang
> Assignee: Jarek Gawor
>
> I'm trying to use jconsole to securely connect to the JMX server of geronimo 2.1.4 snapshot according to the guide here:
> http://cwiki.apache.org/GMOxDOC21/configure-secure-jmx-server.html
> * 1, Change the config.xml and start the server.
> * 2, use "jconsole -J-Djavax.net.ssl.keyStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.keyStorePassword=secret -J-Djavax.net.ssl.trustStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.trustStorePassword=secret " start the jconsole.
> * 3, in the jconsole interface->advanced, input:
> JMX URL: service:jmx:rmi:///jndi/rmi://localhost:1099/JMXSecureConnector
> user name: system
> password: manager
> * 4, click the connect button.
> expected result: could connect to the JMX server.
> actual result: CAN NOT connect to the JMX server.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (GERONIMO-4534) Can't secure connect to JMX with
JConsole.
Posted by "Shawn Jiang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4534?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Shawn Jiang updated GERONIMO-4534:
----------------------------------
Description:
I'm trying to use jconsole to securely connect to the JMX server of geronimo 2.1.4 snapshot according to the guide here:
http://cwiki.apache.org/GMOxDOC21/configure-secure-jmx-server.html
* 1, Change the config.xml and start the server.
* 2, use "jconsole -J-Djavax.net.ssl.keyStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.keyStorePassword=secret -J-Djavax.net.ssl.trustStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.trustStorePassword=secret " start the jconsole.
* 3, in the jconsole interface->advanced, input:
JMX URL: service:jmx:rmi:///jndi/rmi://localhost:1099/JMXSecureConnector
user name: system
password: manager
* 4, click the connect button.
expected result: could connect to the JMX server.
actual result: CAN NOT connect to the JMX server.
was:
I'm trying to use jconsole to securely connect to the JMX server of geronimo 2.1.4 snapshot according to the guide here:
http://cewiki.cn.ibm.com:7080/confluence/display/V21Docs/Working+with+the+secure+JMX+server
* 1, Change the config.xml and start the server.
* 2, use "jconsole -J-Djavax.net.ssl.keyStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.keyStorePassword=secret -J-Djavax.net.ssl.trustStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.trustStorePassword=secret " start the jconsole.
* 3, in the jconsole interface->advanced, input:
JMX URL: service:jmx:rmi:///jndi/rmi://localhost:1099/JMXSecureConnector
user name: system
password: manager
* 4, click the connect button.
expected result: could connect to the JMX server.
actual result: CAN NOT connect to the JMX server.
Thanks Jarek.
> Can't secure connect to JMX with JConsole.
> ------------------------------------------
>
> Key: GERONIMO-4534
> URL: https://issues.apache.org/jira/browse/GERONIMO-4534
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: management
> Affects Versions: 2.1.4, 2.2
> Environment: Windows XP
> Sun JDK 1.5
> geronimo_tomcat6_2.1.4_snapshot/20090209/
> Reporter: Shawn Jiang
> Assignee: Jarek Gawor
>
> I'm trying to use jconsole to securely connect to the JMX server of geronimo 2.1.4 snapshot according to the guide here:
> http://cwiki.apache.org/GMOxDOC21/configure-secure-jmx-server.html
> * 1, Change the config.xml and start the server.
> * 2, use "jconsole -J-Djavax.net.ssl.keyStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.keyStorePassword=secret -J-Djavax.net.ssl.trustStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.trustStorePassword=secret " start the jconsole.
> * 3, in the jconsole interface->advanced, input:
> JMX URL: service:jmx:rmi:///jndi/rmi://localhost:1099/JMXSecureConnector
> user name: system
> password: manager
> * 4, click the connect button.
> expected result: could connect to the JMX server.
> actual result: CAN NOT connect to the JMX server.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Issue Comment Edited: (GERONIMO-4534) Can't secure connect
to JMX with JConsole.
Posted by "Shawn Jiang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12672183#action_12672183 ]
genspring edited comment on GERONIMO-4534 at 2/9/09 11:10 PM:
----------------------------------------------------------------
update to major from blocker and some investigation result here:
This defect is caused by a recent change in class JMXSecureConnector to use org.apache.geronimo.kernel.rmi.GeronimoSslRMIClientSocketFactory to replace javax.rmi.ssl.SslRMIClientSocketFactory.
JConsole need the client socket factory class locally to connect to the JMX server. That's why this defect happened. Two possible solutions.
* 1, Put the geronimo-kernel-2.1.4-SNAPSHOT.jar to the classpath when starting the jconsole so that jconsole could find org.apache.geronimo.kernel.rmi.GeronimoSslRMIClientSocketFactory.
* 2, Revert the client socket factory to javax.rmi.ssl.SslRMIClientSocketFactory.
Solution #1 just needs to update the document. But it has a limitation that user can't use jconsole at a machine without the geronimo-kernel-2.1.4-SNAPSHOT.jar to connect to the JMX server.
Solution #2 needs review because there's no JIRA related to the client socket factory replacement in the svn commit.
* path: https://svn.apache.org/repos/asf/geronimo/server/branches/2.1/framework/modules/geronimo-kernel/
* revision 727268.
* log: "RMI client socket factories that set socket timeouts - should prevent automatic builds from getting stuck"
was (Author: genspring):
update to major from blocker and some investigation result here:
This defect is caused by a recent change in class JMXSecureConnector to use org.apache.geronimo.kernel.rmi.GeronimoSslRMIClientSocketFactory to replace javax.rmi.ssl.SslRMIClientSocketFactory.
JConsole need the client socket factory class locally to connect to the JMX server. That's why this defect happened. Two possible solutions.
* 1, Put the geronimo-kernel-2.1.4-SNAPSHOT.jar to the classpath when starting the jconsole so that jconsole could find org.apache.geronimo.kernel.rmi.GeronimoSslRMIClientSocketFactory.
* 2, Revert the client socket factory to javax.rmi.ssl.SslRMIClientSocketFactory.
Solution #1 just needs to update the document. But it has a limitation when user can't use jconsole at a machine without the geronimo-kernel-2.1.4-SNAPSHOT.jar to connect to the JMX server.
Solution #2 needs review because there's no JIRA related to the client socket factory replacement in the svn commit.
* path: https://svn.apache.org/repos/asf/geronimo/server/branches/2.1/framework/modules/geronimo-kernel/
* revision 727268.
* log: "RMI client socket factories that set socket timeouts - should prevent automatic builds from getting stuck"
> Can't secure connect to JMX with JConsole.
> ------------------------------------------
>
> Key: GERONIMO-4534
> URL: https://issues.apache.org/jira/browse/GERONIMO-4534
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: management
> Affects Versions: 2.1.4, 2.2
> Environment: Windows XP
> Sun JDK 1.5
> geronimo_tomcat6_2.1.4_snapshot/20090209/
> Reporter: Shawn Jiang
>
> I'm trying to use jconsole to securely connect to the JMX server of geronimo 2.1.4 snapshot according to the guide here:
> http://cewiki.cn.ibm.com:7080/confluence/display/V21Docs/Working+with+the+secure+JMX+server
> * 1, Change the config.xml and start the server.
> * 2, use "jconsole -J-Djavax.net.ssl.keyStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.keyStorePassword=secret -J-Djavax.net.ssl.trustStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.trustStorePassword=secret " start the jconsole.
> * 3, in the jconsole interface->advanced, input:
> JMX URL: service:jmx:rmi:///jndi/rmi://localhost:1099/JMXSecureConnector
> user name: system
> password: manager
> * 4, click the connect button.
> expected result: could connect to the JMX server.
> actual result: CAN NOT connect to the JMX server.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (GERONIMO-4534) Can't secure connect to JMX with
JConsole.
Posted by "Jarek Gawor (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4534?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jarek Gawor resolved GERONIMO-4534.
-----------------------------------
Resolution: Fixed
Fix Version/s: 2.2
2.1.4
Switched JMXConnector and JMXSecureConnector to use the built-in RMI client socket factories. Committed changes to trunk (revision 743220) and branches/2.1 (revision 743221). Thanks for catching this!
> Can't secure connect to JMX with JConsole.
> ------------------------------------------
>
> Key: GERONIMO-4534
> URL: https://issues.apache.org/jira/browse/GERONIMO-4534
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: management
> Affects Versions: 2.1.4, 2.2
> Environment: Windows XP
> Sun JDK 1.5
> geronimo_tomcat6_2.1.4_snapshot/20090209/
> Reporter: Shawn Jiang
> Assignee: Jarek Gawor
> Fix For: 2.1.4, 2.2
>
>
> I'm trying to use jconsole to securely connect to the JMX server of geronimo 2.1.4 snapshot according to the guide here:
> http://cwiki.apache.org/GMOxDOC21/configure-secure-jmx-server.html
> * 1, Change the config.xml and start the server.
> * 2, use "jconsole -J-Djavax.net.ssl.keyStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.keyStorePassword=secret -J-Djavax.net.ssl.trustStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.trustStorePassword=secret " start the jconsole.
> * 3, in the jconsole interface->advanced, input:
> JMX URL: service:jmx:rmi:///jndi/rmi://localhost:1099/JMXSecureConnector
> user name: system
> password: manager
> * 4, click the connect button.
> expected result: could connect to the JMX server.
> actual result: CAN NOT connect to the JMX server.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (GERONIMO-4534) Can't secure connect to JMX with
JConsole.
Posted by "Shawn Jiang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12672185#action_12672185 ]
Shawn Jiang commented on GERONIMO-4534:
---------------------------------------
Solution #1:
Update the document http://cewiki.cn.ibm.com:7080/confluence/display/V21Docs/Working+with+the+secure+JMX+server
In the step to start jconsole change the command from
jconsole -J-Djavax.net.ssl.keyStore=%GERONIMO_HOME%\var\security\keystores\geronimo-default
-J-Djavax.net.ssl.keyStorePassword=secret
-J-Djavax.net.ssl.trustStore=%GERONIMO_HOME%\var\security\keystores\geronimo-default
-J-Djavax.net.ssl.trustStorePassword=secret
To
jconsole -J-Djavax.net.ssl.keyStore=%GERONIMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.keyStorePassword=secret -J-Djavax.net.ssl.trustStore=%GERONIMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.trustStorePassword=secret -J-Djava.class.path=%JAVA_HOME%\lib\jconsole.jar;%JAVA_HOME%\lib\tools.jar;%GERONIMO_HOME%\repository\org\apache\geronimo\framework\geronimo-kernel\2.1.4\geronimo-kernel-2.1.4.jar
> Can't secure connect to JMX with JConsole.
> ------------------------------------------
>
> Key: GERONIMO-4534
> URL: https://issues.apache.org/jira/browse/GERONIMO-4534
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: management
> Affects Versions: 2.1.4, 2.2
> Environment: Windows XP
> Sun JDK 1.5
> geronimo_tomcat6_2.1.4_snapshot/20090209/
> Reporter: Shawn Jiang
>
> I'm trying to use jconsole to securely connect to the JMX server of geronimo 2.1.4 snapshot according to the guide here:
> http://cewiki.cn.ibm.com:7080/confluence/display/V21Docs/Working+with+the+secure+JMX+server
> * 1, Change the config.xml and start the server.
> * 2, use "jconsole -J-Djavax.net.ssl.keyStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.keyStorePassword=secret -J-Djavax.net.ssl.trustStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.trustStorePassword=secret " start the jconsole.
> * 3, in the jconsole interface->advanced, input:
> JMX URL: service:jmx:rmi:///jndi/rmi://localhost:1099/JMXSecureConnector
> user name: system
> password: manager
> * 4, click the connect button.
> expected result: could connect to the JMX server.
> actual result: CAN NOT connect to the JMX server.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (GERONIMO-4534) Can't secure connect to JMX with
JConsole.
Posted by "Ying Tang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12672201#action_12672201 ]
Ying Tang commented on GERONIMO-4534:
-------------------------------------
Thanks. It also works well with WASCE 2.1.1.1 and WASCE 2.1.1.2.
I found we cannot shutdown the server via the "shutdown" command after we quit JConsole:
Failed to retrieve the RMIserver stub: javax.naming.NameNotFoundException: JMXConnector.
> Can't secure connect to JMX with JConsole.
> ------------------------------------------
>
> Key: GERONIMO-4534
> URL: https://issues.apache.org/jira/browse/GERONIMO-4534
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: management
> Affects Versions: 2.1.4, 2.2
> Environment: Windows XP
> Sun JDK 1.5
> geronimo_tomcat6_2.1.4_snapshot/20090209/
> Reporter: Shawn Jiang
>
> I'm trying to use jconsole to securely connect to the JMX server of geronimo 2.1.4 snapshot according to the guide here:
> http://cewiki.cn.ibm.com:7080/confluence/display/V21Docs/Working+with+the+secure+JMX+server
> * 1, Change the config.xml and start the server.
> * 2, use "jconsole -J-Djavax.net.ssl.keyStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.keyStorePassword=secret -J-Djavax.net.ssl.trustStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.trustStorePassword=secret " start the jconsole.
> * 3, in the jconsole interface->advanced, input:
> JMX URL: service:jmx:rmi:///jndi/rmi://localhost:1099/JMXSecureConnector
> user name: system
> password: manager
> * 4, click the connect button.
> expected result: could connect to the JMX server.
> actual result: CAN NOT connect to the JMX server.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (GERONIMO-4534) Can't secure connect to JMX with
JConsole.
Posted by "Jarek Gawor (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12672290#action_12672290 ]
Jarek Gawor commented on GERONIMO-4534:
---------------------------------------
I'll revert the 727268 change. I think there might be another way of setting the timeout without using a custom socket factory.
> Can't secure connect to JMX with JConsole.
> ------------------------------------------
>
> Key: GERONIMO-4534
> URL: https://issues.apache.org/jira/browse/GERONIMO-4534
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: management
> Affects Versions: 2.1.4, 2.2
> Environment: Windows XP
> Sun JDK 1.5
> geronimo_tomcat6_2.1.4_snapshot/20090209/
> Reporter: Shawn Jiang
>
> I'm trying to use jconsole to securely connect to the JMX server of geronimo 2.1.4 snapshot according to the guide here:
> http://cewiki.cn.ibm.com:7080/confluence/display/V21Docs/Working+with+the+secure+JMX+server
> * 1, Change the config.xml and start the server.
> * 2, use "jconsole -J-Djavax.net.ssl.keyStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.keyStorePassword=secret -J-Djavax.net.ssl.trustStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.trustStorePassword=secret " start the jconsole.
> * 3, in the jconsole interface->advanced, input:
> JMX URL: service:jmx:rmi:///jndi/rmi://localhost:1099/JMXSecureConnector
> user name: system
> password: manager
> * 4, click the connect button.
> expected result: could connect to the JMX server.
> actual result: CAN NOT connect to the JMX server.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (GERONIMO-4534) Can't secure connect to JMX with
JConsole.
Posted by "Ying Tang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4534?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12672208#action_12672208 ]
Ying Tang commented on GERONIMO-4534:
-------------------------------------
The configuration steps for JConsole also apply to IBM JDK 6.
> Can't secure connect to JMX with JConsole.
> ------------------------------------------
>
> Key: GERONIMO-4534
> URL: https://issues.apache.org/jira/browse/GERONIMO-4534
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: management
> Affects Versions: 2.1.4, 2.2
> Environment: Windows XP
> Sun JDK 1.5
> geronimo_tomcat6_2.1.4_snapshot/20090209/
> Reporter: Shawn Jiang
>
> I'm trying to use jconsole to securely connect to the JMX server of geronimo 2.1.4 snapshot according to the guide here:
> http://cewiki.cn.ibm.com:7080/confluence/display/V21Docs/Working+with+the+secure+JMX+server
> * 1, Change the config.xml and start the server.
> * 2, use "jconsole -J-Djavax.net.ssl.keyStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.keyStorePassword=secret -J-Djavax.net.ssl.trustStore=%GERONMO_HOME%\var\security\keystores\geronimo-default -J-Djavax.net.ssl.trustStorePassword=secret " start the jconsole.
> * 3, in the jconsole interface->advanced, input:
> JMX URL: service:jmx:rmi:///jndi/rmi://localhost:1099/JMXSecureConnector
> user name: system
> password: manager
> * 4, click the connect button.
> expected result: could connect to the JMX server.
> actual result: CAN NOT connect to the JMX server.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.