JBoss management via SSL
wtben May 21, 2013 4:43 AMI have a problem with my JBoss AS 7.1.1 after I configured it to use ssl for the management interface.
I followed https://community.jboss.org/wiki/SecuringAdministrationConsoleWithHttps to secure the admin console. This worked.
But now I realized that the native management interface does not work anymore.<br />
When I start my JBoss in Eclipse via the JBoss Tools I get lots of these error messages:
ERROR [org.jboss.remoting.remote.connection] (Remoting "myhost:MANAGEMENT" read-1) JBREM000200: Remote connection failed: javax.net.ssl.SSLException: Received fatal alert: certificate_unknown
I have the following configuration in the `standalone.xml`:
<management> <security-realms> <security-realm name="ManagementRealm"> <server-identities> <ssl> <keystore path="my.keystore" relative-to="jboss.server.config.dir" password="xxPASSxx"/> </ssl> </server-identities> <authentication> <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/> </authentication> </security-realm> ... </security-realms> <management-interfaces> <native-interface security-realm="ManagementRealm"> <socket-binding native="management-native"/> </native-interface> <http-interface security-realm="ManagementRealm"> <socket-binding https="management-https"/> </http-interface> </management-interfaces> </management> <interfaces> <interface name="management"> <any-address/> </interface> ... </interfaces> <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}"> <socket-binding name="management-native" interface="management" port="${jboss.management.native.port:9999}"/> <socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9443}"/> <socket-binding name="ajp" port="8009"/> <socket-binding name="http" port="8080"/> <socket-binding name="https" port="8443"/> <socket-binding name="osgi-http" interface="management" port="8090"/> <socket-binding name="remoting" port="4447"/> <socket-binding name="txn-recovery-environment" port="4712"/> <socket-binding name="txn-status-manager" port="4713"/> <socket-binding name="messaging" port="5445"/> <socket-binding name="messaging-throughput" port="5455"/> <outbound-socket-binding name="mail-smtp"> <remote-destination host="localhost" port="25"/> </outbound-socket-binding> </socket-binding-group>
What did I miss?