1 Reply Latest reply on Oct 30, 2012 12:40 PM by yjma2001

    stopping jboss as 7 server hang from jboss-cli.sh when management-native configured to support SSL

    yjma2001
    yjma2001 Oct 29, 2012 1:36 PM

      Hi Community:

       

      At Jboss AS 7.1 (Standalone mode), trying to define the ssl (using self signed certificate created from java keytool) for the management-native interface. Her is my configuration:

       

       

              <security-realm name="ManagementRealm">

                  <authentication>

                      <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>

                  </authentication>

                  <server-identities>

                       <ssl protocol="TLS">

                           <keystore path="jboss.ks" relative-to="jboss.server.config.dir" password="jbosskey" />

                       </ssl>

                  </server-identities>

              </security-realm>

              <management-interfaces>

                  <native-interface security-realm="ManagementRealm">

                      <socket-binding native="management-native"/>

                  </native-interface>

                     ......

              </management-interfaces>

       

                .......

                <socket-binding name="management-native" interface="management" port="${jboss.management.native.port:9999}"/>

       

      The jboss is starting up fine. But when I try to shutdown the JBOSS by using jboss-cli.sh, it is hanging. Is this configure right for supporting SSL at management-native? Any idea about hanging?

       

      Thanks

      Jack

      • 895 Views
      • Tags:
        • 1. Re: stopping jboss as 7 server hang from jboss-cli.sh when management-native configured to support SSL
          yjma2001
          yjma2001 Oct 30, 2012 12:40 PM (in response to yjma2001)

          The jboss-cli,sh was enbeded at our other scripts. Actiually when we run the jboss-cli.sh directly from command, it was waiting for the user input to accept the certificate:

           

          root@testServer:/opt/jboss-as-7.1.1.Final/bin# ./jboss-cli.sh --connect --controller=localhost:9999 -commands=:shutdown

          Unable to connect due to unrecognised server certificate

          Subject    - CN=testServer,OU=test,O=test,L=LA,ST=CA,C=US

          Issuer     - CN=testServer, OU=test, O=test INC, L=LA, ST=CA, C=US

          Valid From - Mon Oct 29 15:02:16 EDT 2012

          Valid To   - Sun Jan 27 14:02:16 EST 2013

          MD5 : 29:c6:12:76:11:ca:bb:53:ab:cf:a6:57:a9:30:f9:58

          SHA1 : 1f:8a:c0:d6:7f:ec:54:c9:e7:8b:7f:b2:aa:b8:09:9a:9d:91:19:5d

           

          Accept certificate? [N]o, [T]emporarily, [P]ermenantly :

           

           

          So jboss-cli.sh is not hanging, working as design.

           

          Thanks

          Jack

            • Actions