Mailing-List: contact issues-help@karaf.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@karaf.apache.org
Date: Fri, 28 Aug 2015 08:01:45 +0000 (UTC)
From: "Michael Taeschner (JIRA)" <jira@apache.org>
To: issues@karaf.apache.org
Message-ID: <JIRA.12849330.1438006346000.191873.1440748905826@Atlassian.JIRA>
In-Reply-To: <JIRA.12849330.1438006346000@Atlassian.JIRA>
References: <JIRA.12849330.1438006346000@Atlassian.JIRA>
 <JIRA.12849330.1438006346753@arcas>
Subject: [jira] [Comment Edited] (KARAF-3887) JMXRMI over SSL - Exceptions
 on Karaf Shutdown
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit


    [ https://issues.apache.org/jira/browse/KARAF-3887?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14642764#comment-14642764 ] 

Michael Taeschner edited comment on KARAF-3887 at 8/28/15 8:01 AM:
-------------------------------------------------------------------

To connect to the container via Jconsole run following command from karaf-base:
{code:none}
jconsole -J-Djavax.net.ssl.trustStore=etc/karaf.jmx.ssl.jks -J-Djavax.net.ssl.trustStoreType=JKS
{code}

and then connect remotely using the known RMI address
{code:none}
service:jmx:rmi:///jndi/rmi://localhost:1099/karaf-root
{code}
with default credentials karaf/karaf


was (Author: mitaes):
To connect to the container via Jconsole run following command from karaf-base:
{code:text}
jconsole -J-Djavax.net.ssl.trustStore=etc/karaf.jmx.ssl.jks -J-Djavax.net.ssl.trustStoreType=JKS
{code}

and then connect remotely using the known RMI address
{code:text}
service:jmx:rmi:///jndi/rmi://localhost:1099/karaf-root
{code}
with default credentials karaf/karaf


> JMXRMI over SSL - Exceptions on Karaf Shutdown
> ----------------------------------------------
>
>                 Key: KARAF-3887
>                 URL: https://issues.apache.org/jira/browse/KARAF-3887
>             Project: Karaf
>          Issue Type: Bug
>          Components: karaf-management
>    Affects Versions: 2.4.3
>            Reporter: Michael Taeschner
>         Attachments: karaf.jmx.ssl.jks, keys.properties, keystore.xml, org.apache.karaf.management.cfg
>
>
> We are using JMXRMI over SSL connector as described at JBoss Fuse 6 documentation [1]. This has worked flawlessly with Karaf 2.4.1 (as base for ServiceMix 4.5.0) but causes exceptions on container shutdown for version 2.4.3. During runtime the SSL connector is working though as before.
> Exceptions: StackTrace 1
> {noformat}Exception in thread "JMX Connector Thread [service:jmx:rmi://0.0.0.0:44444/jndi/rmi://0.0.0.0:1099/karaf-root]" java.lang.RuntimeException: Could not start JMX connector server
>         at org.apache.karaf.management.ConnectorServerFactory$1.run(ConnectorServerFactory.java:272)
> Caused by: java.io.IOException: Cannot bind to URL [rmi://0.0.0.0:1099/karaf-root]: javax.naming.CommunicationException [Root exception is java.rmi.NoSuchObjectException: no such object in table]
>         at javax.management.remote.rmi.RMIConnectorServer.newIOException(RMIConnectorServer.java:827)
>         at javax.management.remote.rmi.RMIConnectorServer.start(RMIConnectorServer.java:432)
>         at org.apache.karaf.management.ConnectorServerFactory$1.run(ConnectorServerFactory.java:259)
> Caused by: javax.naming.CommunicationException [Root exception is java.rmi.NoSuchObjectException: no such object in table]
>         at com.sun.jndi.rmi.registry.RegistryContext.bind(RegistryContext.java:147)
>         at com.sun.jndi.toolkit.url.GenericURLContext.bind(GenericURLContext.java:228)
>         at javax.naming.InitialContext.bind(InitialContext.java:425)
>         at javax.management.remote.rmi.RMIConnectorServer.bind(RMIConnectorServer.java:644)
>         at javax.management.remote.rmi.RMIConnectorServer.start(RMIConnectorServer.java:427)
>         ... 1 more
> Caused by: java.rmi.NoSuchObjectException: no such object in table
>         at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:276)
>         at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:253)
>         at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:379)
>         at sun.rmi.registry.RegistryImpl_Stub.bind(Unknown Source)
>         at com.sun.jndi.rmi.registry.RegistryContext.bind(RegistryContext.java:141)
>         ... 5 more
> {noformat}
> StackTrace 2
> {noformat}
> Exception in thread "JMX Connector Thread [service:jmx:rmi://0.0.0.0:44444/jndi/rmi://0.0.0.0:1099/karaf-root]" java.lang.RuntimeException:
> Port already in use: 44444;
> You may have started two containers.  If you need to start a second container or the default ports are already in use update the config file etc/org.apache.karaf.management.cfg and change the Registry Port and Server Port to unused ports
>         at org.apache.karaf.management.ConnectorServerFactory$1.run(ConnectorServerFactory.java:268)
> {noformat}
> etc/org.apache.karaf.management.cfg#ObjectName 
> {code:text}
> #
> # The ObjectName used to register the JMXConnectorServer
> #
> objectName = connector:name=rmi
> keyStoreAvailabilityTimeout = 5000
> keyStore = karaf.keystore
> # keyAlias maps to keystore.xml keyPasswords alias
> keyAlias = local-test
> secured = true
> authenticatorType = password
> trustStore = karaf.keystore
> secureAlgorithm = default
> secureProtocol = SSL
> {code}
> The issue can be recreated using stock Karaf download with the following steps:
> - copy attached keystore.xml and org.apache.felix.fileinstall-keystore.cfg to ./etc folder
> - copy self-signed keystore file (karaf.jmx.ssl.jks) to etc folder
> - modify etc/org.apache.karaf.management.cfg as shown below (or use modified copy attached to issue)
> - run container, check exceptions on shutdown
> [1] https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Fuse/6.0/html/Security_Guide/files/ESBSecurityJmxSSL.html


--
This message was sent by Atlassian JIRA
(v6.3.4#6332)