geode-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Patrick Rhomberg (JIRA)" <>
Subject [jira] [Resolved] (GEODE-1166) Attempting to connect to a locator using SSL fails
Date Thu, 15 Feb 2018 18:38:00 GMT


Patrick Rhomberg resolved GEODE-1166.
    Resolution: Not A Problem

Without the particulars of the property file in question, the described case appears to be
covered by the {{geode-examples/clientSecurity}} connecting over SSL.

As Kirk suggests, there are other tests both explicitly and implicitly test connection via

> Attempting to connect to a locator using SSL fails
> --------------------------------------------------
>                 Key: GEODE-1166
>                 URL:
>             Project: Geode
>          Issue Type: Bug
>          Components: gfsh, management
>            Reporter: Barry Oglesby
>            Priority: Major
> {noformat}
> gfsh>connect --locator=localhost[10331] --security-properties-file=/path/to/
> Connecting to Locator at [host=localhost, port=10331] ..
> Could not connect to Locator at [host=localhost, port=10331].
> Possible reason: Wrong or no SSL configuration provided. Please check logs /path/to/gfsh-%u_%g.log
> {noformat}
> One thing is the gfsh log file name is wrong.
> But the main issue is that it doesn't connect.
> I traced this to {{TcpClient.requestToServer}}. Instead of using the SSL {{SocketCreator}},
this method uses the non-SSL {{SocketCreator}} and fails to connect.
> In GemFire 8.2.0.x, the SSL {{SocketCreator}} is initialized in {{JmxManagerLocatorRequest.send}}
like below before the call to {{TcpClient.requestToServer}} is made.
> {noformat}
> SocketCreator.getDefaultInstance(distributionConfigProps);
> {noformat}
> This line doesn't exist in Geode. It looks like the change came in on commit d2a942e8e5025b11432d87b5de902daae130aca7
of GEODE-77.
> As a test, I added that line back into {{JmxManagerLocatorRequest.send}}, and the SSL
connection was made successfully.
> I'm not really sure why this line was taken out, so I don't know whether this change
can be made. Another option would be to pass the {{distributionConfigProps}} to {{TcpClient.requestToServer}}
and use them to create the SSL {{SocketCreator}}.

This message was sent by Atlassian JIRA

View raw message