-
1. Re: SSL under wildfly without https
mchoma Mar 14, 2016 1:30 PM (in response to tbw)Try attribute socket-binding in https-listener element in undertow subsystem. What do you mean by "open cert from client side", can you elaborate more?
-
2. Re: SSL under wildfly without https
tbw Mar 14, 2016 2:05 PM (in response to mchoma)1. socket binding - cool. Thx.
2. I mean "self-signed certificate of a public key." as described here Making Self-Signed Certificates Trusted (this example (without application server) does not work for unknown reason at stage making trusted).
-
3. Re: SSL under wildfly without https
mchoma Mar 14, 2016 2:16 PM (in response to tbw)2. should be no problem. What exactly doesn't work for you? Look here to inspire Setting up SSL/TLS with Wildfly 10 .
-
4. Re: SSL under wildfly without https
tbw Mar 14, 2016 3:26 PM (in response to mchoma)UPD:
How i use login to this configuration with open cert?
I already have work login, but not understand how to connect with open cert.
UPD. I mean public cert:
keytool.exe -importcert -alias herong_home -file my_home.crt -keystore public.jks -storepass PublicJKS
with socket-binding
-
5. Re: SSL under wildfly without https
tbw Mar 14, 2016 4:08 PM (in response to tbw)i was found answer
SSL encrypted EJB calls with JBoss AS 7 - Thoughts on Java -
-
6. Re: SSL under wildfly without https
tbw Mar 14, 2016 5:00 PM (in response to tbw)Full 10.0.0.Final (WildFly Core 2.0.10.Final) starting
23:58:40,100 ERROR [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0055:
aught exception during boot: org.jboss.as.controller.persistence.ConfigurationP
rsistenceException: WFLYCTL0085: Failed to parse configuration
at org.jboss.as.controller.persistence.XmlConfigurationPersister.load(X
lConfigurationPersister.java:131)
at org.jboss.as.server.ServerService.boot(ServerService.java:356)
at org.jboss.as.controller.AbstractControllerService$1.run(AbstractCont
ollerService.java:299)
at java.lang.Thread.run(Thread.java:745)
Caused by: javax.xml.stream.XMLStreamException: ParseError at [row,col]:[45,8]
Message: WFLYCTL0197: Unexpected attribute 'password' encountered
how to fix this?
-
7. Re: SSL under wildfly without https
mchoma Mar 14, 2016 5:08 PM (in response to tbw)keystore-password is password attribute in wildfly. You found tutorial based on AS 7. In tutorial I provided it is correct
-
8. Re: SSL under wildfly without https
tbw Mar 15, 2016 2:40 AM (in response to mchoma)Ok, already fixed, plus needed to set alias and copy file to standalone config. Now server side without errors.
-
9. Re: SSL under wildfly without https
tbw Mar 15, 2016 5:34 AM (in response to mchoma)Client does not work (
sources at http://www.filedropper.com/ssl-remote-ejb
C:\...ettings\andrew\Desktop\main\ssl-remote-ejb\client\target>re=C:\client.keystore -Djavax.net.ssl.trustStorePassword=123456
ьрЁ 15, 2016 12:24:48 PM org.xnio.Xnio <clinit>
INFO: XNIO version 3.2.2.Final
ьрЁ 15, 2016 12:24:48 PM org.xnio.nio.NioXnio <clinit>
INFO: XNIO NIO Implementation Version 3.2.2.Final
ьрЁ 15, 2016 12:24:49 PM org.jboss.remoting3.EndpointImpl <clinit>
INFO: JBoss Remoting version 4.0.3.Final
ьрЁ 15, 2016 12:24:54 PM org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector setupEJBReceivers
WARN: Could not register a EJB receiver for connection to 127.0.0.1:4447
java.lang.RuntimeException: Operation failed with status WAITING
at org.jboss.ejb.client.remoting.IoFutureHelper.get(IoFutureHelper.java:94) 12:28
at org.jboss.ejb.client.remoting.ConnectionPool.getConnection(ConnectionPool.java:80)
at org.jboss.ejb.client.remoting.RemotingConnectionManager.getConnection(RemotingConnectionManager.java:51)
at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.setupEJBReceivers(ConfigBasedEJBClientContextSelector.java:161)
at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.getCurrent(ConfigBasedEJBClientContextSelector.java:118)
at org.jboss.ejb.client.naming.ejb.EjbNamingContext.createIdentifiableEjbClientContext(EjbNamingContext.java:269)
at org.jboss.ejb.client.naming.ejb.EjbNamingContext.setupScopedEjbClientContextIfNeeded(EjbNamingContext.java:134)
at org.jboss.ejb.client.naming.ejb.EjbNamingContext.<init>(EjbNamingContext.java:101)
at org.jboss.ejb.client.naming.ejb.ejbURLContextFactory.getObjectInstance(ejbURLContextFactory.java:38)
at javax.naming.spi.NamingManager.getURLObject(Unknown Source)
at javax.naming.spi.NamingManager.getURLContext(Unknown Source)
at javax.naming.InitialContext.getURLOrDefaultInitCtx(Unknown Source)
at javax.naming.InitialContext.lookup(Unknown Source)
at com.illucit.ejbremote.EjbRemoteClient.createEjbProxy(EjbRemoteClient.java:236)
at com.illucit.ejbremote.EjbRemoteClient.main(EjbRemoteClient.java:118)
ьрЁ 15, 2016 12:24:54 PM org.jboss.ejb.client.EJBClient <clinit>
INFO: JBoss EJB Client version 2.1.4.Final
Error accessing remote bean
java.lang.IllegalStateException: EJBCLIENT000025: No EJB receiver available for handling [appName:, moduleName:ejb-remote-server, distinctName:] combination for invocation context org.jboss.ejb.client.EJBClientInvocationContext@71bbf57e
at org.jboss.ejb.client.EJBClientContext.requireEJBReceiver(EJBClientContext.java:798)
at org.jboss.ejb.client.ReceiverInterceptor.handleInvocation(ReceiverInterceptor.java:128)
at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:186)
at org.jboss.ejb.client.EJBInvocationHandler.sendRequestWithPossibleRetries(EJBInvocationHandler.java:255)
at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:200)
at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:183)
at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:146)
at com.sun.proxy.$Proxy2.greet(Unknown Source)
at com.illucit.ejbremote.EjbRemoteClient.main(EjbRemoteClient.java:135)
----------------------------------
Server:
00:06:31,645 INFO [org.jboss.modules] (main) JBoss Modules version 1.5.1.Final
00:06:32,224 INFO [org.jboss.msc] (main) JBoss MSC version 1.2.6.Final
00:06:32,415 INFO [org.jboss.as] (MSC service thread 1-4) WFLYSRV0049: WildFly
Full 10.0.0.Final (WildFly Core 2.0.10.Final) starting
00:06:36,670 INFO [org.jboss.as.server.deployment.scanner] (DeploymentScanner-t
hreads - 1) WFLYDS0015: Re-attempting failed deployment ejb-remote-server.jar
00:06:36,955 INFO [org.jboss.as.repository] (ServerService Thread Pool -- 7) WF
LYDR0001: Content added at location C:\Documents and Settings\andrew\Desktop\mai
n\wildfly-10.0.0.Final\standalone\data\content\e8\d3b94060318880b29abb6bd0b8f8fa
9a9b192a\content
00:06:37,000 INFO [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0039: C
reating http management service using socket-binding (management-http)
00:06:37,052 INFO [org.xnio] (MSC service thread 1-3) XNIO version 3.3.4.Final
00:06:37,095 INFO [org.xnio.nio] (MSC service thread 1-3) XNIO NIO Implementati
on Version 3.3.4.Final
00:06:37,267 INFO [org.jboss.as.naming] (ServerService Thread Pool -- 46) WFLYN
AM0001: Activating Naming Subsystem
00:06:37,343 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Po
ol -- 38) WFLYCLINF0001: Activating Infinispan subsystem.
00:06:37,373 INFO [org.jboss.as.jsf] (ServerService Thread Pool -- 44) WFLYJSF0
007: Activated the following JSF Implementations: [main]
00:06:37,463 INFO [org.wildfly.extension.io] (ServerService Thread Pool -- 37)
WFLYIO001: Worker 'default' has auto-configured to 4 core threads with 32 task t
hreads based on your 2 available processors
00:06:37,510 INFO [org.jboss.as.webservices] (ServerService Thread Pool -- 56)
WFLYWS0002: Activating WebServices Extension
00:06:37,528 INFO [org.jboss.as.security] (ServerService Thread Pool -- 53) WFL
YSEC0002: Activating Security Subsystem
00:06:37,535 WARN [org.jboss.as.txn] (ServerService Thread Pool -- 54) WFLYTX00
13: Node identifier property is set to the default value. Please make sure it is
unique.
00:06:37,751 INFO [org.jboss.remoting] (MSC service thread 1-1) JBoss Remoting
version 4.0.18.Final
00:06:38,181 INFO [org.wildfly.extension.undertow] (ServerService Thread Pool -
- 55) WFLYUT0003: Undertow 1.3.15.Final starting
00:06:38,263 INFO [org.wildfly.extension.undertow] (MSC service thread 1-4) WFL
YUT0003: Undertow 1.3.15.Final starting
00:06:38,303 INFO [org.jboss.as.naming] (MSC service thread 1-1) WFLYNAM0003: S
tarting Naming Service
00:06:38,313 INFO [org.jboss.as.mail.extension] (MSC service thread 1-3) WFLYMA
IL0001: Bound mail session [java:jboss/mail/Default]
00:06:38,536 INFO [org.jboss.as.connector] (MSC service thread 1-1) WFLYJCA0009
: Starting JCA Subsystem (WildFly/IronJacamar 1.3.2.Final)
00:06:38,632 INFO [org.jboss.as.connector.subsystems.datasources] (ServerServic
e Thread Pool -- 33) WFLYJCA0005: Deploying non-JDBC-compliant driver class org.
postgresql.Driver (version 9.4)
00:06:38,498 INFO [org.jboss.as.security] (MSC service thread 1-2) WFLYSEC0001:
Current PicketBox version=4.9.4.Final
00:06:38,891 INFO [org.jboss.as.connector.deployers.jdbc] (MSC service thread 1
-3) WFLYJCA0018: Started Driver service with driver-name = postgresql
00:06:39,120 INFO [org.wildfly.extension.undertow] (ServerService Thread Pool -
- 55) WFLYUT0014: Creating file handler for path 'C:\Documents and Settings\andr
ew\Desktop\main\wildfly-10.0.0.Final/welcome-content' with options [directory-li
sting: 'false', follow-symlink: 'false', case-sensitive: 'true', safe-symlink-pa
ths: '[]']
00:06:39,125 INFO [org.jboss.as.ejb3] (MSC service thread 1-1) WFLYEJB0481: Str
ict pool slsb-strict-max-pool is using a max instance size of 32 (per class), wh
ich is derived from thread worker pool sizing.
00:06:39,162 INFO [org.jboss.as.ejb3] (MSC service thread 1-3) WFLYEJB0482: Str
ict pool mdb-strict-max-pool is using a max instance size of 8 (per class), whic
h is derived from the number of CPUs on this host.
00:06:39,526 INFO [org.wildfly.extension.undertow] (MSC service thread 1-4) WFL
YUT0012: Started server default-server.
00:06:39,648 INFO [org.wildfly.extension.undertow] (MSC service thread 1-4) WFL
YUT0018: Host default-host starting
00:06:39,889 INFO [org.wildfly.extension.undertow] (MSC service thread 1-4) WFL
YUT0006: Undertow HTTP listener default listening on 127.0.0.1:8080
00:06:40,667 INFO [org.jboss.as.server.deployment] (MSC service thread 1-2) WFL
YSRV0027: Starting deployment of "ejb-remote-server.jar" (runtime-name: "ejb-rem
ote-server.jar")
00:06:40,698 INFO [org.jboss.as.server.deployment.scanner] (MSC service thread
1-1) WFLYDS0013: Started FileSystemDeploymentService for directory C:\Documents
and Settings\andrew\Desktop\main\wildfly-10.0.0.Final\standalone\deployments
00:06:40,944 INFO [org.jboss.as.connector.subsystems.datasources] (MSC service
thread 1-4) WFLYJCA0001: Bound data source [java:jboss/datasources/PostgreDataSo
urce]
00:06:41,733 INFO [org.jboss.ws.common.management] (MSC service thread 1-1) JBW
S022052: Starting JBossWS 5.1.3.Final (Apache CXF 3.1.4)
00:06:41,747 INFO [org.infinispan.factories.GlobalComponentRegistry] (MSC servi
ce thread 1-4) ISPN000128: Infinispan version: Infinispan 'Mahou' 8.1.0.Final
00:06:41,756 INFO [org.infinispan.factories.GlobalComponentRegistry] (MSC servi
ce thread 1-2) ISPN000128: Infinispan version: Infinispan 'Mahou' 8.1.0.Final
00:06:42,954 INFO [org.jboss.weld.deployer] (MSC service thread 1-1) WFLYWELD00
03: Processing weld deployment ejb-remote-server.jar
00:06:43,286 INFO [org.hibernate.validator.internal.util.Version] (MSC service
thread 1-1) HV000001: Hibernate Validator 5.2.3.Final
00:06:43,532 INFO [org.jboss.as.ejb3.deployment] (MSC service thread 1-1) WFLYE
JB0473: JNDI bindings for session bean named 'ExampleServiceImpl' in deployment
unit 'deployment "ejb-remote-server.jar"' are as follows:
java:global/ejb-remote-server/ExampleServiceImpl!com.illucit.ejbremote.s
erver.ExampleService
java:app/ejb-remote-server/ExampleServiceImpl!com.illucit.ejbremote.serv
er.ExampleService
java:module/ExampleServiceImpl!com.illucit.ejbremote.server.ExampleServi
ce
java:jboss/exported/ejb-remote-server/ExampleServiceImpl!com.illucit.ejb
remote.server.ExampleService
java:global/ejb-remote-server/ExampleServiceImpl
java:app/ejb-remote-server/ExampleServiceImpl
java:module/ExampleServiceImpl
00:06:43,818 INFO [org.jboss.weld.deployer] (MSC service thread 1-1) WFLYWELD00
06: Starting Services for CDI deployment: ejb-remote-server.jar
00:06:43,840 INFO [org.infinispan.configuration.cache.EvictionConfigurationBuil
der] (ServerService Thread Pool -- 58) ISPN000152: Passivation configured withou
t an eviction policy being selected. Only manually evicted entities will be pass
ivated.
00:06:43,914 INFO [org.infinispan.configuration.cache.EvictionConfigurationBuil
der] (ServerService Thread Pool -- 58) ISPN000152: Passivation configured withou
t an eviction policy being selected. Only manually evicted entities will be pass
ivated.
00:06:43,962 INFO [org.jboss.weld.Version] (MSC service thread 1-1) WELD-000900
: 2.3.2 (Final)
00:06:44,005 INFO [org.infinispan.configuration.cache.EvictionConfigurationBuil
der] (ServerService Thread Pool -- 59) ISPN000152: Passivation configured withou
t an eviction policy being selected. Only manually evicted entities will be pass
ivated.
00:06:44,089 INFO [org.infinispan.configuration.cache.EvictionConfigurationBuil
der] (ServerService Thread Pool -- 59) ISPN000152: Passivation configured withou
t an eviction policy being selected. Only manually evicted entities will be pass
ivated.
00:06:44,095 INFO [org.jboss.weld.deployer] (MSC service thread 1-1) WFLYWELD00
09: Starting weld service for deployment ejb-remote-server.jar
00:06:45,140 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Po
ol -- 58) WFLYCLINF0002: Started client-mappings cache from ejb container
00:06:46,419 INFO [org.jboss.as.server] (ServerService Thread Pool -- 34) WFLYS
RV0010: Deployed "ejb-remote-server.jar" (runtime-name : "ejb-remote-server.jar"
)
00:06:46,801 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0060: Http man
agement interface listening on http://127.0.0.1:9990/management
00:06:46,805 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0051: Admin co
nsole listening on http://127.0.0.1:9990
00:06:46,807 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0025: WildFly
Full 10.0.0.Final (WildFly Core 2.0.10.Final) started in 16081ms - Started 364 o
f 634 services (378 services are lazy, passive or on-demand)
-
10. Re: SSL under wildfly without https
mchoma Mar 15, 2016 6:18 AM (in response to tbw)You are trying to connect to port 4447. It is not default remoting port anymore in wildfly. But probably it is why you were asking about socket-binding.
But see this thread and mainly correct answer to see how you can configure ejb to use TLS in wildfly How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?
-
11. Re: SSL under wildfly without https
tbw Mar 15, 2016 6:36 AM (in response to mchoma)I'm trying to change standalone.xml:
<socket-binding name="remoting" port="4447"/>
but have similar result.
Now i reading last article in cycle, but not see resolution.
I need to have on client side open part of ssl only (only public cert), becouse application is fully public.