Enabling IIOP over SSL in JBoss AS 7
bkundal Jul 1, 2016 5:54 AM
The following client configuration does not work for connecting to the SSL-enabled IIOP in JBoss AS 7:
env.put("jacorb.ssl.socket_factory", "org.jacorb.security.ssl.sun_jsse.SSLSocketFactory");
env.put("jacorb.ssl.server_socket_factory", "org.jacorb.security.ssl.sun_jsse.SSLServerSocketFactory");
env.put("jacorb.security.support_ssl", "on");
env.put("jacorb.security.ssl.client.supported_options","20");
env.put("jacorb.security.ssl.client.required_options","20");
env.put("jacorb.security.ssl.server.supported_options","20");
env.put("jacorb.security.ssl.server.required_options", "20");
env.put("jacorb.security.ssl.corbaloc_ssliop.supported_options","20");
env.put("jacorb.security.ssl.corbaloc_ssliop.required_options","20");
env.put("org.omg.PortableInterceptor.ORBInitializerClass.standard_init","org.jacorb.orb.standardInterceptors.IORInterceptorInitializer");
/**SSL options end here**/
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.cosnaming.CNCtxFactory");
env.put(Context.PROVIDER_URL, "corbaloc::" + host + ":3529/JBoss/Naming/root");
// env.put(Context.PROVIDER_URL, "corbaloc:iiop:" + host + ":3529/JBoss/Naming/root");
The server side is enabled for SSL like this:
<orb ssl-socket-binding="jacorb-ssl">
<initializers security="identity" transactions="spec"/>
</orb>
<security support-ssl="on" security-domain="ssl-domain"/>
</subsystem>
The port 3529 is the IIOP SSL port.
The server complains that:
15:05:23,852 INFO [stdout] (ServerMessageReceptor2) ServerMessageReceptor2, handling exception: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
15:05:23,853 INFO [stdout] (ServerMessageReceptor2) ServerMessageReceptor2, SEND TLSv1.2 ALERT: fatal, description = unexpected_message
15:05:23,853 INFO [stdout] (ServerMessageReceptor2) ServerMessageReceptor2, WRITE: TLSv1.2 Alert, length = 2
15:05:23,853 INFO [stdout] (ServerMessageReceptor2) ServerMessageReceptor2, called closeSocket()
15:05:24,875 INFO [stdout] (ServerMessageReceptor2) ServerMessageReceptor2, called close()
15:05:24,875 INFO [stdout] (ServerMessageReceptor2) ServerMessageReceptor2, called closeInternal(true)
15:05:24,875 INFO [stdout] (ServerMessageReceptor2) ServerMessageReceptor2, called close()
15:05:24,875 INFO [stdout] (ServerMessageReceptor2) ServerMessageReceptor2, called closeInternal(true)
15:05:24,875 INFO [stdout] (ServerMessageReceptor2) ServerMessageReceptor2, called close()
15:05:24,875 INFO [stdout] (ServerMessageReceptor2) ServerMessageReceptor2, called closeInternal(true)
Somewhere I feel something is missing on the client side. Can anyone help with pointers?
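
Added example, not part of the original post: JSSE reports "Unrecognized SSL message, plaintext connection?" when the first bytes arriving on a TLS port do not form a TLS record. The Java class below classifies the first bytes of a connection as a TLS handshake record or a plaintext GIOP message by parsing their headers; the class name `FirstBytesClassifier` and the sample byte arrays are constructed for illustration.

```java
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.nio.charset.StandardCharsets;

public class FirstBytesClassifier {

    /** Describes what the first bytes sent by a client look like on the wire. */
    static String classify(byte[] b) {
        // TLS record header: content type (1), version major/minor (2), length (2).
        // A ClientHello arrives in a handshake record: type 0x16, major version 0x03.
        if (b.length >= 5 && (b[0] & 0xFF) == 0x16 && (b[1] & 0xFF) == 0x03) {
            int len = ((b[3] & 0xFF) << 8) | (b[4] & 0xFF);
            return "TLS handshake record, record version 3." + (b[2] & 0xFF)
                    + ", length " + len;
        }
        // GIOP header: magic "GIOP" (4), version major/minor (2), flags (1),
        // message type (1), message size (4, byte order given by flags bit 0).
        if (b.length >= 12
                && "GIOP".equals(new String(b, 0, 4, StandardCharsets.US_ASCII))) {
            ByteOrder order = (b[6] & 0x01) == 1
                    ? ByteOrder.LITTLE_ENDIAN : ByteOrder.BIG_ENDIAN;
            int size = ByteBuffer.wrap(b, 8, 4).order(order).getInt();
            String[] types = {"Request", "Reply", "CancelRequest", "LocateRequest",
                              "LocateReply", "CloseConnection", "MessageError", "Fragment"};
            int t = b[7] & 0xFF;
            return "plaintext GIOP " + b[4] + "." + b[5] + " "
                    + (t < types.length ? types[t] : "type " + t)
                    + ", body " + size + " bytes";
        }
        return "neither a TLS record nor a GIOP message";
    }

    public static void main(String[] args) {
        // Constructed sample inputs, not captured from the server in the post.
        byte[] tlsClientHello = {0x16, 0x03, 0x03, 0x00, (byte) 0xC8,
                                 0x01, 0x00, 0x00, (byte) 0xC4};
        byte[] giopRequest = {'G', 'I', 'O', 'P', 1, 2, 0, 0, 0, 0, 0, 0x64};
        byte[] other = "GET / HTTP/1.1\r\n".getBytes(StandardCharsets.US_ASCII);

        System.out.println(classify(tlsClientHello));
        System.out.println(classify(giopRequest));
        System.out.println(classify(other));
    }
}
```

Feeding it the first bytes from a packet capture of the client connection shows whether the client opened the socket with a TLS ClientHello or with a raw GIOP message.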