Management console https fails with IBM JVM
rstokoe1 Apr 13, 2012 12:03 PMShould I create a bug for this?
I am configuring https for the management console but on AIX, I get the errors below.
The same configuration works fine on Linux (RHEL5).
JBoss version: jboss-as-7.1.1.Final
mode: standalone
config: standalone-full.xml
OS: AIX
java: JRE 1.6.0 IBM J9
08:44:57,907 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-17) MSC00001: Failed to start service jboss.server.controller.management.security_realm.ManagementRealm.ssl: org.jboss.msc.service.StartException in service jboss.server.controller.management.security_realm.ManagementRealm.ssl: JBAS015229: Unable to start service
at org.jboss.as.domain.management.security.SSLIdentityService.start(SSLIdentityService.java:89)
at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1811) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]
at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1746) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:898) [rt.jar:1.6.0]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:920) [rt.jar:1.6.0]
at java.lang.Thread.run(Thread.java:736) [vm.jar:1.6.0]
Caused by: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available
at sun.security.jca.GetInstance.getInstance(GetInstance.java:230) [rt.jar:1.6.0]
at javax.net.ssl.KeyManagerFactory.getInstance(KeyManagerFactory.java:16) [ibmjssefw.jar:6.0 build_20080328]
at org.jboss.as.domain.management.security.SSLIdentityService.start(SSLIdentityService.java:71)
... 5 more
.
.
.
JBAS014777: Services which failed to start: service jboss.server.controller.management.security_realm.ManagementRealm.ssl: org.jboss.msc.service.StartException in service jboss.server.controller.management.security_realm.ManagementRealm.ssl: JBAS015229: Unable to start service
08:44:59,518 INFO [org.jboss.as] (Controller Boot Thread) JBAS015954: Admin console is not enabled
08:44:59,518 ERROR [org.jboss.as] (Controller Boot Thread) JBAS015875: JBoss AS 7.1.1.Final "Brontes" started (with errors) in 8614ms - Started 209 of 296 services (4 services failed or missing dependencies, 82 services are passive or on-demand
The problem seems to be the following hard-coding of SunX509 in org.jboss.as.domain.management.security.SSLIdentityService.java:
SSLIdentityService.java:71: | KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509"); |
SSLIdentityService.java:79: | TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509"); |
Either of the following work on AIX:
SSLIdentityService.java:71: | KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("IbmX509"); |
SSLIdentityService.java:79: | TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("IbmX509"); |
SSLIdentityService.java:71: | KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); |
SSLIdentityService.java:79: | TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); |