0 Replies Latest reply on Nov 17, 2005 3:17 PM by mdessure

    Unable to shutdown JBoss when SSL is enabled...

    mdessure
    mdessure Nov 17, 2005 3:17 PM

      I set up JBoss to be SSL using my own generated self-signed key pair and the server and my application work fine except for the shutdown script.

      So I modified the $JBOSS_HOME/server/conf/jboss-service.xml to add the following mbean definition:

      <mbean code="org.jboss.security.plugins.JaasSecurityDomain"
 name="jboss.security:service=JaasSecurityDomain,domain=my-domain">
 <constructor>
 <arg type="java.lang.String" value="my-domain"/>
 </constructor>
 <attribute name="KeyStoreURL">${jboss.server.home.dir}/conf/my.keystore</attribute>
 <attribute name="KeyStorePass">password</attribute>
 </mbean>

      Where my.keystore is the keystore the server uses.

      I also modified the entry for the JRMPInvoker to look like this: 

      <!-- RMI/JRMP invoker -->
 <mbean code="org.jboss.invocation.jrmp.server.JRMPInvoker"
 name="jboss:service=invoker,type=jrmp">
 <attribute name="RMIObjectPort">4444</attribute>
 <attribute name="ServerAddress">${jboss.bind.address}</attribute>
 <attribute name="RMIClientSocketFactory">org.jboss.security.ssl.RMISSLClientSocketFactory</attribute>
 <attribute name="RMIServerSocketFactory">org.jboss.security.ssl.RMISSLServerSocketFactory</attribute>
 <attribute name="SecurityDomain">java:/jaas/my-domain</attribute>
 <depends>jboss:service=TransactionManager</depends>
 <depends>jboss.security:service=JaasSecurityDomain,domain=my-domain</depends>
 </mbean>


      I also modified the shutdown.bat to have these 2 new JAVA_OPTS:
      -Djavax.net.ssl.trustStore=%DIRNAME%/../server/default/conf/my.truststore
      -Djavax.net.ssl.trustStorePassword=password

      I call the shutdown script like this: 
      shutdown.bat -s localhost:11029 -u admin -p admin -S

      I get the following exception: 
      Exception in thread "main" java.lang.reflect.UndeclaredThrowableException
 at $Proxy1.shutdown(Unknown Source)
 at org.jboss.Shutdown.main(Shutdown.java:205)
Caused by: java.rmi.ServerException: IOE; nested exception is:
 java.io.IOException: HTTPS hostname wrong: should be <my_host_name>
 at org.jboss.invocation.http.interfaces.HttpInvokerProxy.invoke(HttpInvokerProxy.java:118)
 at org.jboss.invocation.InvokerInterceptor.invokeInvoker(InvokerInterceptor.java:163)
 at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:103)
 at org.jboss.jmx.connector.invoker.client.InvokerAdaptorClientInterceptor.invoke(InvokerAdaptorClientInterceptor.java:51)
 at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:55)
 at org.jboss.proxy.ClientMethodInterceptor.invoke(ClientMethodInterceptor.java:59)
 at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:91)
 at $Proxy0.invoke(Unknown Source)
 at org.jboss.Shutdown$ServerProxyHandler.invoke(Shutdown.java:234)
 ... 2 more
Caused by: java.io.IOException: HTTPS hostname wrong: should be <my_host_name>
 at sun.net.www.protocol.https.HttpsClient.checkURLSpoofing(HttpsClient.java:493)
 at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:418)
 at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:170)
 at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:836)
 at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:230)
 at org.jboss.invocation.http.interfaces.Util.invoke(Util.java:126)
 at org.jboss.invocation.http.interfaces.HttpInvokerProxy.invoke(HttpInvokerProxy.java:103)
 ... 10 more


      I remembered that there's another jboss option to disable hostname checking:
      -Dorg.jboss.security.ignoreHttpsHost=true
      I added that to the list of JAVA_OPTS in shutdown script and now I get the following exception: 
      shutdown.bat -s localhost:11029 -u admin -p admin -S
Exception in thread "main" java.lang.StackOverflowError
 at java.util.TreeMap.firstEntry(TreeMap.java:1186)
 at java.util.TreeMap.access$300(TreeMap.java:81)
 at java.util.TreeMap$PrivateEntryIterator.<init>(TreeMap.java:1015)
 at java.util.TreeMap$KeyIterator.<init>(TreeMap.java:1056)
 at java.util.TreeMap$KeyIterator.<init>(TreeMap.java:1056)
 at java.util.TreeMap$1.iterator(TreeMap.java:580)
 at java.util.TreeSet.iterator(TreeSet.java:165)
 at org.jboss.mx.loading.LoadMgr3.beginLoadTask(LoadMgr3.java:216)
 at org.jboss.mx.loading.RepositoryClassLoader.loadClassImpl(RepositoryClassLoader.java:464)
 at org.jboss.mx.loading.RepositoryClassLoader.loadClass(RepositoryClassLoader.java:374)
 at java.lang.ClassLoader.loadClass(ClassLoader.java:251)
 at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:319)
 at org.jboss.invocation.http.server.HttpInvoker.invoke(HttpInvoker.java:150)
 at sun.reflect.GeneratedMethodAccessor94.invoke(Unknown Source)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:585)
 at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:144)
 at org.jboss.mx.server.Invocation.dispatch(Invocation.java:80)
 at org.jboss.mx.server.Invocation.invoke(Invocation.java:72)
 at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:249)
 at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:642)
 at org.jboss.invocation.http.server.HttpInvoker.invoke(HttpInvoker.java:139)
 at sun.reflect.GeneratedMethodAccessor94.invoke(Unknown Source)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:585)
 at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:144)
 at org.jboss.mx.server.Invocation.dispatch(Invocation.java:80)
 at org.jboss.mx.server.Invocation.invoke(Invocation.java:72)
 at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:249)
 at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:642)
 at org.jboss.invocation.http.server.HttpInvoker.invoke(HttpInvoker.java:139)
 at sun.reflect.GeneratedMethodAccessor94.invoke(Unknown Source)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:585)
 at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:144)
 at org.jboss.mx.server.Invocation.dispatch(Invocation.java:80)
 at org.jboss.mx.server.Invocation.invoke(Invocation.java:72)
 at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:249)
 at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:642)
 at org.jboss.invocation.http.server.HttpInvoker.invoke(HttpInvoker.java:139)
 at sun.reflect.GeneratedMethodAccessor94.invoke(Unknown Source)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:585)
 at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:144)
 at org.jboss.mx.server.Invocation.dispatch(Invocation.java:80)
 at org.jboss.mx.server.Invocation.invoke(Invocation.java:72)
 at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:249)
 at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:642)
 at org.jboss.invocation.http.server.HttpInvoker.invoke(HttpInvoker.java:139)
 at sun.reflect.GeneratedMethodAccessor94.invoke(Unknown Source)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)


      How to shutdown an SSL JBoss? Any input is greatly appreciated.

      Environment:
      Windows XP /Linux
      JBoss 4.0.1 SP1

      • 2975 Views
      • Tags: