7 Replies Latest reply on Jan 18, 2012 10:26 AM by pferraro

    Does modcluster subsystem support ssl in AS7?

    traian20

      I have tried to configure the modcluster subsystem to use SSL by adding the following configuration in domain.xml:

      <subsystem xmlns="urn:jboss:domain:modcluster:1.0">

             <mod-cluster-config advertise-socket="modcluster">

                  <ssl password="mypass"

                          certificate-key-file="${jboss.domain.config.dir}/test.p12"

                          ca-certificate-file="${jboss.domain.config.dir}/ca.p12" />

             </mod-cluster-config>

        </subsystem>

       

      But when the AS starts I receive the following error:

       

      [Server:server-two] 17:35:07,070 ERROR [stderr] (pool-4-thread-1) Exception in thread "pool-4-thread-1" java.lang.IllegalStateException: java.io.FileNotFoundException: C:\Users\Administrator\.keystore (The system cannot find the file specified)

      [Server:server-two]

      [Server:server-two] 17:35:07,070 ERROR [stderr] (pool-4-thread-1)       at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.<init>(JSSESocketFactory.java:120)

      [Server:server-two]

      [Server:server-two] 17:35:07,070 ERROR [stderr] (pool-4-thread-1)       at org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler$Proxy.<init>(DefaultMCMPHandler.java:815)

      [Server:server-two]

      [Server:server-two] 17:35:07,070 ERROR [stderr] (pool-4-thread-1)       at org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler.add(DefaultMCMPHandler.java:192)

      [Server:server-two]

      [Server:server-two] 17:35:07,070 ERROR [stderr] (pool-4-thread-1)       at org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler.addProxy(DefaultMCMPHandler.java:187)

      [Server:server-two]

      [Server:server-two] 17:35:07,070 ERROR [stderr] (pool-4-thread-1)       at org.jboss.modcluster.advertise.impl.AdvertiseListenerImpl$AdvertiseListenerWorker.run(AdvertiseListenerImpl.java:505)

      [Server:server-two]

      [Server:server-two] 17:35:07,070 ERROR [stderr] (pool-4-thread-1)       at java.lang.Thread.run(Thread.java:722)

      [Server:server-two]

      [Server:server-two] 17:35:07,085 ERROR [stderr] (pool-4-thread-1) Caused by: java.io.FileNotFoundException: C:\Users\Administrator\.keystore (The system cannot find the file specified)

      [Server:server-two]

      [Server:server-two] 17:35:07,085 ERROR [stderr] (pool-4-thread-1)       at java.io.FileInputStream.open(Native Method)

      [Server:server-two]

      [Server:server-two] 17:35:07,085 ERROR [stderr] (pool-4-thread-1)       at java.io.FileInputStream.<init>(FileInputStream.java:138)

      [Server:server-two]

      [Server:server-two] 17:35:07,085 ERROR [stderr] (pool-4-thread-1)       at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.getStore(JSSESocketFactory.java:275)

      [Server:server-two]

      [Server:server-two] 17:35:07,085 ERROR [stderr] (pool-4-thread-1)       at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.getKeystore(JSSESocketFactory.java:224)

      [Server:server-two]

      [Server:server-two] 17:35:07,085 ERROR [stderr] (pool-4-thread-1)       at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:311)

      [Server:server-two]

      [Server:server-two] 17:35:07,085 ERROR [stderr] (pool-4-thread-1)       at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.<init>(JSSESocketFactory.java:102)

       

      I tested with the latest two Jboss AS 7.1.x releases (7.1.0 Beta1b, and 7.1.0 CR1b). It looks to me that the path to my certificate is ignored and it tries to load always the default one "${user.home}/.keystore". Is this a bug? Does it have a workaround?