5 Replies Latest reply on May 16, 2006 9:09 PM by Ovidiu Feodorov

    Cannot get SSL remoting to work

    Oliver Hernandez Newbie

      I cannot get my client to communicate over SSL. The client gets the following errors repeatedly:

      2006-05-02 11:58:18,849 ERROR [inbound] org.jboss.remoting.transport.socket.SocketClientInvoker.transport(SocketClientInvoker.java:310)
       Got marshalling exception, exiting
      
      javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
      

      The server log shows this repeatedly:
      12:02:10,351 ERROR [ServerThread] failed to process invocation.
      java.io.IOException: Can not read data for version 128. Supported versions: 1,2
      
       at org.jboss.remoting.transport.socket.ServerThread.versionedRead(Server
      Thread.java:358)
       at org.jboss.remoting.transport.socket.ServerThread.processInvocation(Se
      rverThread.java:406)
       at org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.j
      ava:484)
       at org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.jav
      a:240)
      

      Per the Remoting documentation, I configured an SSL connector in the
      jboss-service.xml file as such:
       <!-- SSL Socket Connector. -->
      
       <mbean code="org.jboss.remoting.transport.Connector"
       xmbean-dd="org/jboss/remoting/transport/Connector.xml"
       name="jboss.messaging:service=Connector,transport=SSLSocket"
       display-name="SSL Socket transport Connector">
       <attribute name="Configuration">
       <config>
       <invoker transport="sslsocket">
       <attribute name="marshaller" isParam="true">org.jboss.jms.server.remoting.JMSWireFormat</attribute>
       <attribute name="unmarshaller" isParam="true">org.jboss.jms.server.remoting.JMSWireFormat</attribute>
       <attribute name="serializationtype" isParam="true">jboss</attribute>
       <attribute name="dataType" isParam="true">jms</attribute>
       <attribute name="socket.check_connection" isParam="true">false</attribute>
       <attribute name="socketTimeout" isParam="true">300000</attribute>
       <attribute name="enableTcpNoDelay" isParam="true">true</attribute>
       <attribute name="serverBindAddress">${jboss.bind.address}</attribute>
       <attribute name="serverBindPort">9000</attribute>
       </invoker>
       <handlers>
       <handler subsystem="JMS">org.jboss.jms.server.remoting.JMSServerInvocationHandler</handler>
       </handlers>
       </config>
       </attribute>
       <depends>jboss.messaging:service=NetworkRegistry</depends>
       </mbean>
      

      For launching JBoss 4.0.3SP1, I'm setting the SSL system properties for my keystore and trustore via -D parameters to start Java. My client is using the scoped jar file included with Messaging 1.0. It additionally has the 4.0.3SP1 jboss-client.jar, jbosssx-client.jar, and jnp-client.jar files in the classpath for JNDI and security. I verified that my installation and client works with the default non-SSL connector.

      TIA!