geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vamsavardhana Reddy" <>
Subject Re: JMX connections over SSL
Date Tue, 26 Feb 2008 21:32:38 GMT

I have quickly put together an implementation to enable SSL for JMX
connectors.  See JIRA for a patch.  Here are some problems that I have run

The JMXConnector GBean is in j2ee-security config.  If I add a
KeystoreManager as reference and "geronimo-default" as the KeystoreInstance
to be used, the Keystore GBean is not started yet and so the KeystoreGBean
is not seen by the KeystoreManager.  Because of this,
keystoreManager.createSSLServerFactory(...) is failing.  So, I had to add
the KeystoreGBean to j2ee-system config.  And the order in which GBeans are
started also matters.  Should the JMXConnector be moved to
server-security-config? Or allow users to configure multiple JMXConnectors??

Suggestions?  Comment??


On Wed, Feb 27, 2008 at 12:12 AM, Donald Woods <> wrote:

> Yes, it seems like an option security conscious users would want
> (especially if they want to remotely monitor a hosted server....)
> -Donald
> Vamsavardhana Reddy wrote:
> > Currently the JMX connections supported by Geronimo are non-SSL
> > connections.  Is it desirable to provide SSL JMX connections to Geronimo
> > (SSL or non-SSL is configurable by the users)?
> >
> > ++Vamsi

View raw message