0 Replies Latest reply on Apr 21, 2011 10:44 AM by hmr_mueller

    Securing JMXConnector (RMI) via SSL

    hmr_mueller

      In JBoss 6 M4 the JMXConnector defined in jmx-jboss-beans.xml (org.jboss.system.server.jmx.JMXConnector) does not allow to use SSL although this can be done with standard Java JMX over RMI classes. The SocketFactories are hard coded:

       

               DefaultClientSocketFactory clientSocketFactory = new DefaultClientSocketFactory();
               clientSocketFactory.setBindAddress(hostname);
               DefaultSocketFactory serverSocketFactory = new DefaultSocketFactory();
               serverSocketFactory.setBindAddress(hostname);
               registry = LocateRegistry.createRegistry(rmiRegistryPort, clientSocketFactory, serverSocketFactory);

       

      Since credentials and other sensitive data are sent over the wire, using SSL should be possible without writing your own JMXConnector.

       

      Thanks, Harald

       

      Attached a changed implementation being SSL enabled. The connection factories are set as properties of the MC bean

       

      The following property has to be specified on the JMX client:

       

      com.sun.jndi.rmi.factory.socket=javax.rmi.ssl.SslRMIClientSocketFactory