geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vamsavardhana Reddy" <c1vams...@gmail.com>
Subject Re: TLS instead of SSL?
Date Wed, 05 Dec 2007 14:58:02 GMT
Removing a <gbean> tag from config.xml will not stop the gbean.  You will
have to use load="false" in the gbean tag, for e.g., <gbean load="false"
name="Server">.

++Vamsi

On Dec 5, 2007 8:14 PM, Zakharov, Vasily M <vasily.m.zakharov@intel.com>
wrote:

>  Hi, David,
>
>
>
> I've removed the following sections from config.xml:
>
>
>
> <gbean name="Server">
>
> <attribute name="port">${ORBSSLPort + PortOffset}</attribute>
>
> <attribute name="host">${ORBSSLHost}</attribute>
>
> </gbean>
>
> <gbean name="JettySSLConnector">
>
> <attribute name="host">${ServerHostname}</attribute>
>
> <attribute name="port">${HTTPSPortPrimary + PortOffset}</attribute>
>
> </gbean>
>
>
>
> and also the following redirectPort tags:
>
>
>
> <gbean name="JettyWebConnector">
>
> <attribute name="host">${ServerHostname}</attribute>
>
> <attribute name="port">${HTTPPortPrimary + PortOffset}</attribute>
>
> <!-- attribute name="redirectPort">${HTTPSPortPrimary +
> PortOffset}</attribute -->
>
> </gbean>
>
> <gbean name="JettyAJP13Connector">
>
> <attribute name="host">${ServerHostname}</attribute>
>
> <attribute name="port">${AJPPortPrimary + PortOffset}</attribute>
>
> <!-- attribute name="redirectPort">${HTTPSPortPrimary +
> PortOffset}</attribute -->
>
> </gbean>
>
>
>
> but the stack remains the same:
>
>
>
> 17:25:30,836 ERROR [SocketFactory] Unable to create server SSL socket
> factory
>
> org.apache.geronimo.management.geronimo.KeystoreException: Unable to
> create SSL Context
>
>         at
> org.apache.geronimo.security.keystore.FileKeystoreManager.createSSLContext
> (FileKeystoreManager.java:354)
>
>         at
> org.apache.geronimo.security.keystore.FileKeystoreManager.createSSLServerFactory
> (FileKeystoreManager.java:296)
>
>         at
> org.apache.geronimo.security.keystore.FileKeystoreManager$$FastClassByCGLIB$$4d9d2a71.invoke
> (<generated>)
>
>         at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
>
>         at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(
> FastMethodInvoker.java:38)
>
>         at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(
> GBeanOperation.java:124)
>
>         at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(
> GBeanInstance.java:830)
>
>         at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(
> RawInvoker.java:57)
>
>         at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(
> RawOperationInvoker.java:35)
>
>         at
> org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(
> ProxyMethodInterceptor.java:96)
>
>         at
> org.apache.geronimo.management.geronimo.KeystoreManager$$EnhancerByCGLIB$$bf6fcb72.createSSLServerFactory
> (<generated>)
>
>         at
> org.apache.geronimo.corba.security.config.ssl.SSLConfig.createSSLServerFactory
> (SSLConfig.java:112)
>
>         at
> org.apache.geronimo.corba.security.config.ssl.SSLConfig$$FastClassByCGLIB$$437ec1a5.invoke
> (<generated>)
>
>         at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
>
>         at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(
> FastMethodInvoker.java:38)
>
>         at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(
> GBeanOperation.java:124)
>
>         at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(
> GBeanInstance.java:830)
>
>         at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(
> RawInvoker.java:57)
>
>         at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(
> RawOperationInvoker.java:35)
>
>         at
> org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(
> ProxyMethodInterceptor.java:96)
>
>         at
> org.apache.geronimo.corba.security.config.ssl.SSLConfig$$EnhancerByCGLIB$$55d3f0dd.createSSLServerFactory
> (<generated>)
>
>         at org.apache.geronimo.yoko.SocketFactory.getServerSocketFactory(
> SocketFactory.java:404)
>
>         at org.apache.geronimo.yoko.SocketFactory.createServerSocket(
> SocketFactory.java:317)
>
>         at org.apache.yoko.orb.OCI.IIOP.Acceptor_impl
> .<init>(Acceptor_impl.java:461)
>
>         at org.apache.yoko.orb.OCI.IIOP.AccFactory_impl.create_acceptor
> (AccFactory_impl.java:157)
>
>         at
> org.apache.yoko.orb.OBPortableServer.POAManagerFactory_impl.create_POAManager
> (POAManagerFactory_impl.java:251)
>
>         at org.apache.yoko.orb.OB.ORBControl.initializeRootPOA(
> ORBControl.java:516)
>
>         at org.apache.yoko.orb.OBCORBA.ORB_impl.resolve_initial_references
> (ORB_impl.java:1095)
>
>         at org.apache.geronimo.corba.CORBABean.doStart(CORBABean.java:243)
>
>         at org.apache.geronimo.gbean.runtime.GBeanInstance.createInstance(
> GBeanInstance.java:996)
>
>         at
> org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(
> GBeanInstanceState.java:268)
>
>         at org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(
> GBeanInstanceState.java:102)
>
>         at org.apache.geronimo.gbean.runtime.GBeanInstance.start(
> GBeanInstance.java:539)
>
>         at
> org.apache.geronimo.gbean.runtime.GBeanDependency.attemptFullStart(
> GBeanDependency.java:111)
>
>         at org.apache.geronimo.gbean.runtime.GBeanDependency.addTarget(
> GBeanDependency.java:146)
>
>         at org.apache.geronimo.gbean.runtime.GBeanDependency$1.running(
> GBeanDependency.java:120)
>
>         at
> org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.fireRunningEvent(
> BasicLifecycleMonitor.java:176)
>
>         at
> org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.access$300(
> BasicLifecycleMonitor.java:44)
>
>         at
> org.apache.geronimo.kernel.basic.BasicLifecycleMonitor$RawLifecycleBroadcaster.fireRunningEvent
> (BasicLifecycleMonitor.java:254)
>
>         at
> org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(
> GBeanInstanceState.java:294)
>
>         at org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(
> GBeanInstanceState.java:102)
>
>         at
> org.apache.geronimo.gbean.runtime.GBeanInstanceState.startRecursive(
> GBeanInstanceState.java:124)
>
>         at org.apache.geronimo.gbean.runtime.GBeanInstance.startRecursive(
> GBeanInstance.java:553)
>
>         at
> org.apache.geronimo.kernel.basic.BasicKernel.startRecursiveGBean(
> BasicKernel.java:379)
>
>         at
> org.apache.geronimo.kernel.config.ConfigurationUtil.startConfigurationGBeans
> (ConfigurationUtil.java:448)
>
>         at
> org.apache.geronimo.kernel.config.KernelConfigurationManager.start(
> KernelConfigurationManager.java:187)
>
>         at
> org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration
> (SimpleConfigurationManager.java:530)
>
>         at
> org.apache.geronimo.kernel.config.SimpleConfigurationManager$$FastClassByCGLIB$$ce77a924.invoke
> (<generated>)
>
>         at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
>
>         at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(
> FastMethodInvoker.java:38)
>
>         at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(
> GBeanOperation.java:124)
>
>         at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(
> GBeanInstance.java:830)
>
>         at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(
> RawInvoker.java:57)
>
>         at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(
> RawOperationInvoker.java:35)
>
>         at
> org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(
> ProxyMethodInterceptor.java:96)
>
>         at
> org.apache.geronimo.kernel.config.EditableConfigurationManager$$EnhancerByCGLIB$$ce332814.startConfiguration
> (<generated>)
>
>         at org.apache.geronimo.system.main.EmbeddedDaemon.doStartup(
> EmbeddedDaemon.java:156)
>
>         at org.apache.geronimo.system.main.EmbeddedDaemon.execute(
> EmbeddedDaemon.java:78)
>
>         at
> org.apache.geronimo.kernel.util.MainConfigurationBootstrapper.main(
> MainConfigurationBootstrapper.java:45)
>
>         at org.apache.geronimo.cli.AbstractCLI.executeMain(
> AbstractCLI.java:67)
>
>         at org.apache.geronimo.cli.daemon.DaemonCLI.main(DaemonCLI.java
> :30)
>
>         at java.lang.reflect.VMReflection.invokeMethod(VMReflection.java)
>
>         at java.lang.reflect.Method.invoke(Method.java:317)
>
>         at org.apache.harmony.vm.JarRunner.main(JarRunner.java:80)
>
> Caused by: java.lang.reflect.InvocationTargetException
>
>         at java.lang.reflect.VMReflection.invokeMethod(VMReflection.java)
>
>         at java.lang.reflect.Method.invoke(Method.java:317)
>
>         at
> org.apache.geronimo.security.keystore.FileKeystoreManager.createSSLContext
> (FileKeystoreManager.java:345)
>
>         at
> org.apache.geronimo.security.keystore.FileKeystoreManager.createSSLServerFactory
> (FileKeystoreManager.java:296)
>
>         ... 62 more
>
> Caused by: java.security.NoSuchAlgorithmException: SSLContext SSL
> implementation not found
>
>         at org.apache.harmony.security.fortress.Engine.getInstance(
> Engine.java:105)
>
>         at javax.net.ssl.SSLContext.getInstance(SSLContext.java:79)
>
>         at java.lang.reflect.VMReflection.invokeMethod(VMReflection.java)
>
>         ... 65 more
>
>
>
> Thank you!
>
>
>
> Vasily
>
>
>
>
>
> -----Original Message-----
>
> From: David Jencks [mailto:david_jencks@yahoo.com]
>
> Sent: Wednesday, December 05, 2007 3:24 AM
>
> To: user@geronimo.apache.org
>
> Subject: Re: TLS instead of SSL?
>
>
>
>
>
> On Dec 4, 2007, at 3:10 PM, Zakharov, Vasily M wrote:
>
>
>
> > Hi, all,
>
> >
>
> > Can Geronimo be tuned to use TLS instead of SSL?
>
> > Or, can it be tuned to not use SSL at all?
>
>
>
> I don't think anyone has tried this before.  You might be able to
>
> disable any gbeans that need ssl.  Without a stack trace its hard to
>
> guess where these might be but a start might be  the https
>
> connectors.  If this doesn't work a stack trace would be helpful.
>
> >
>
> > I'm trying to run Geronimo 2.0.2 on Apache Harmony, and it fails to
>
> > start because Harmony doesn't have SSL implementation, though is has
>
> > TLS.
>
>
>
> It's great to see someone working on G + H !
>
>
>
> thanks
>
> david jencks
>
>
>
> >
>
> > Thanks!
>
> >
>
> > Vasily Zakharov
>
> > Intel ESSD
>
> > --------------------------------------------------------------------
>
> > Closed Joint Stock Company Intel A/O
>
> > Registered legal address: 125252, Moscow, Russian Federation,
>
> > Chapayevsky Per, 14.
>
> >
>
> > This e-mail and any attachments may contain confidential material for
>
> > the sole use of the intended recipient(s). Any review or distribution
>
> > by others is strictly prohibited. If you are not the intended
>
> > recipient, please contact the sender and delete all copies.
>
>
>
> --------------------------------------------------------------------
> Closed Joint Stock Company Intel A/O
> Registered legal address: 125252, Moscow, Russian Federation,
> Chapayevsky Per, 14.
>
> This e-mail and any attachments may contain confidential material for
> the sole use of the intended recipient(s). Any review or distribution
> by others is strictly prohibited. If you are not the intended
> recipient, please contact the sender and delete all copies.
>
>

Mime
View raw message