You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@karaf.apache.org by "Dan Tran (Reopened) (JIRA)" <ji...@apache.org> on 2011/10/15 08:52:11 UTC
[jira] [Reopened] (KARAF-541) Support JMX SSL via
etc/org.apache.karaf.management.cfg
[ https://issues.apache.org/jira/browse/KARAF-541?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dan Tran reopened KARAF-541:
----------------------------
It turns out there is a flaw, which was shaded by another unintentional sleep before setupSSL() is called.
So instead of this method
/**
* Purely check for the availability of provided key stores and key
* @param keyStore
* @param keyAlias
* @param trustStore
* @param timeout
*/
private void checkForKeystoresAvailability( String keyStore, String keyAlias, String trustStore, long timeout ) {
for (int i = 0 ; i < timeout/1000; ++i) {
KeystoreInstance keyInstance = getKeystore(keyStore);
if (keyInstance != null && keyInstance.isKeystoreLocked()) {
sleep(1000);
logger.info( "Looking for keystore: {}...", keyStore );
continue;
}
if (keyInstance != null && keyInstance.isKeyLocked(keyAlias)) {
sleep(1000);
logger.info( "Looking for keystore's key: {}...", keyAlias );
continue;
}
KeystoreInstance trustInstance = trustStore == null ? null : getKeystore(trustStore);
if (trustInstance != null && trustInstance.isKeystoreLocked()) {
sleep(1000);
logger.info( "Looking for truststore: {}...", trustStore );
continue;
}
}
}
it must be changed to
/**
* Purely check for the availability of provided key stores and key
* @param keyStore
* @param keyAlias
* @param trustStore
* @param timeout
*/
private void checkForKeystoresAvailability( String keyStore, String keyAlias, String trustStore, long timeout ) {
for (int i = 0 ; i < timeout/1000; ++i) {
KeystoreInstance keyInstance = getKeystore(keyStore);
if (keyInstance == null || ( keyInstance != null && keyInstance.isKeystoreLocked()) ) {
sleep(1000);
logger.info( "Looking for keystore: {}...", keyStore );
continue;
}
if (keyInstance == null || (keyInstance != null && keyInstance.isKeyLocked(keyAlias))) {
sleep(1000);
logger.info( "Looking for keystore's key: {}...", keyAlias );
continue;
}
KeystoreInstance trustInstance = trustStore == null ? null : getKeystore(trustStore);
if (trustInstance==null || (trustInstance != null && trustInstance.isKeystoreLocked())) {
sleep(1000);
logger.info( "Looking for truststore: {}...", trustStore );
continue;
}
}
}
> Support JMX SSL via etc/org.apache.karaf.management.cfg
> --------------------------------------------------------
>
> Key: KARAF-541
> URL: https://issues.apache.org/jira/browse/KARAF-541
> Project: Karaf
> Issue Type: New Feature
> Components: karaf-core
> Affects Versions: 2.2.0
> Environment: windows, linux, java 6
> Reporter: Dan Tran
> Assignee: Jean-Baptiste Onofré
> Fix For: 2.2.4, 3.0.0
>
> Attachments: KARAF-541-2.diff, KARAF-541-initial.diff, KARAF-541.diff, dps-JMX.zip, org.apache.karaf.management.zip
>
>
> Initial discussion is at
> http://karaf.922171.n3.nabble.com/How-to-configure-JMX-connection-with-SSL-td2746251.html
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira