1 Reply Latest reply: May 2, 2012 7:23 AM by Ondřej Chaloupka RSS

Remoting over SSL - JBoss 7.1.1

Josh Johnson Newbie

I'm trying to set up remoting over SSL on jboss 7.1.1.  I'm getting an SSL-related exception on the client side. 

 

Here's the relevant parts if my configuration.

 

standalone-full.xml:

            <security-realm name="SSLRealm">

                <server-identities>

                    <ssl>

                        <keystore path="keystore" relative-to="jboss.server.config.dir" password="<password>"/>

                    </ssl>

                </server-identities>

                <authentication>

                    <properties path="application-users.properties" relative-to="jboss.server.config.dir"/>

                </authentication>

            </security-realm>

.....

        <subsystem xmlns="urn:jboss:domain:remoting:1.1">

            <connector name="remoting-connector" socket-binding="remoting" security-realm="SSLRealm"/>

        </subsystem>

......

        <socket-binding name="remoting" port="41010"/>

 

 

jboss-ejb-client.properties:

endpoint.name=client-endpoint
remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=true

remote.connections=one

remote.connection.one.host=etmwfmuat2.odc.vzwcorp.com
remote.connection.one.port=41010
remote.connection.one.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false
remote.connection.one.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false
remote.connection.one.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER
remote.connection.one.connect.options.org.xnio.Options.SSL_STARTTLS=true
remote.connection.one.username=<userName>

remote.connection.one.password=<password>

 

 

Here's the exception I'm getting on the client:

java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: General SSLEngine problem

at org.jboss.ejb.client.remoting.IoFutureHelper.get(IoFutureHelper.java:91)

at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.setupEJBReceivers(ConfigBasedEJBClientContextSelector.java:121)

at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.<init>(ConfigBasedEJBClientContextSelector.java:78)

at org.jboss.ejb.client.EJBClientContext.<clinit>(EJBClientContext.java:77)

at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:120)

at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:104)

at $Proxy0.login(Unknown Source)

at ordertracker.XMLSwingContainer$LoginRequestObserver$1.doBackgroundThreadStuff(XMLSwingContainer.java:917)

at ordertracker.XMLSwingContainer$LoginRequestObserver$1.doBackgroundThreadStuff(XMLSwingContainer.java:883)

at com.vzw.wfm.common.ui.utils.SlightlyImprovedSwingWorker.construct(SlightlyImprovedSwingWorker.java:55)

at com.vzw.wfm.common.ui.utils.SwingWorker$2.run(SwingWorker.java:121)

at java.lang.Thread.run(Unknown Source)

Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem

at com.sun.net.ssl.internal.ssl.Handshaker.checkThrown(Unknown Source)

at com.sun.net.ssl.internal.ssl.SSLEngineImpl.checkTaskThrown(Unknown Source)

at com.sun.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(Unknown Source)

at com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(Unknown Source)

at javax.net.ssl.SSLEngine.unwrap(Unknown Source)

at org.xnio.ssl.JsseConnectedSslStreamChannel.unwrap(JsseConnectedSslStreamChannel.java:443)

at org.xnio.ssl.JsseConnectedSslStreamChannel.handleHandshake(JsseConnectedSslStreamChannel.java:396)

at org.xnio.ssl.JsseConnectedSslStreamChannel.write(JsseConnectedSslStreamChannel.java:239)

at org.xnio.ssl.JsseConnectedSslStreamChannel.write(JsseConnectedSslStreamChannel.java:194)

at org.xnio.channels.FramedMessageChannel.doFlushBuffer(FramedMessageChannel.java:297)

at org.xnio.channels.FramedMessageChannel.flushAction(FramedMessageChannel.java:277)

at org.xnio.channels.TranslatingSuspendableChannel.flush(TranslatingSuspendableChannel.java:604)

at org.jboss.remoting3.remote.RemoteConnection$RemoteWriteListener.handleEvent(RemoteConnection.java:202)

at org.jboss.remoting3.remote.RemoteConnection$RemoteWriteListener.handleEvent(RemoteConnection.java:177)

at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

at org.xnio.channels.TranslatingSuspendableChannel.handleWritable(TranslatingSuspendableChannel.java:243)

at org.xnio.channels.TranslatingSuspendableChannel$2.handleEvent(TranslatingSuspendableChannel.java:113)

at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

at org.xnio.channels.TranslatingSuspendableChannel.handleWritable(TranslatingSuspendableChannel.java:243)

at org.xnio.channels.TranslatingSuspendableChannel$2.handleEvent(TranslatingSuspendableChannel.java:113)

at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

at org.xnio.nio.NioHandle.run(NioHandle.java:90)

at org.xnio.nio.WorkerThread.safeRun(WorkerThread.java:205)

at org.xnio.nio.WorkerThread.run(WorkerThread.java:121)

at ...asynchronous invocation...(Unknown Source)

at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:270)

at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:251)

at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:349)

at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:333)

at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.setupEJBReceivers(ConfigBasedEJBClientContextSelector.java:119)

... 10 more

Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem

at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)

at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(Unknown Source)

at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)

at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)

at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)

at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)

at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)

at com.sun.net.ssl.internal.ssl.Handshaker$1.run(Unknown Source)

at java.security.AccessController.doPrivileged(Native Method)

at com.sun.net.ssl.internal.ssl.Handshaker$DelegatedTask.run(Unknown Source)

at org.xnio.ssl.JsseConnectedSslStreamChannel.handleHandshake(JsseConnectedSslStreamChannel.java:422)

at org.xnio.ssl.JsseConnectedSslStreamChannel.read(JsseConnectedSslStreamChannel.java:487)

at org.xnio.ssl.JsseConnectedSslStreamChannel.read(JsseConnectedSslStreamChannel.java:449)

at org.xnio.channels.FramedMessageChannel.receive(FramedMessageChannel.java:88)

at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:228)

at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:214)

at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189)

at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103)

at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189)

at org.xnio.ssl.JsseConnectedSslStreamChannel.handleReadable(JsseConnectedSslStreamChannel.java:180)

at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103)

at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

at org.xnio.nio.NioHandle.run(NioHandle.java:90)

at org.xnio.nio.WorkerThread.run(WorkerThread.java:184)

Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

at sun.security.validator.PKIXValidator.doBuild(Unknown Source)

at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)

at sun.security.validator.Validator.validate(Unknown Source)

at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown Source)

at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)

at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)

... 22 more

Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)

at java.security.cert.CertPathBuilder.build(Unknown Source)

... 28 more

 

 

Any ideas what the problem might be?