1 Reply Latest reply on May 2, 2012 7:23 AM by ochaloup

    Remoting over SSL - JBoss 7.1.1

    johnsjo

      I'm trying to set up remoting over SSL on jboss 7.1.1.  I'm getting an SSL-related exception on the client side. 

       

      Here's the relevant parts if my configuration.

       

      standalone-full.xml:

                  <security-realm name="SSLRealm">

                      <server-identities>

                          <ssl>

                              <keystore path="keystore" relative-to="jboss.server.config.dir" password="<password>"/>

                          </ssl>

                      </server-identities>

                      <authentication>

                          <properties path="application-users.properties" relative-to="jboss.server.config.dir"/>

                      </authentication>

                  </security-realm>

      .....

              <subsystem xmlns="urn:jboss:domain:remoting:1.1">

                  <connector name="remoting-connector" socket-binding="remoting" security-realm="SSLRealm"/>

              </subsystem>

      ......

              <socket-binding name="remoting" port="41010"/>

       

       

      jboss-ejb-client.properties:

      endpoint.name=client-endpoint
      remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=true

      remote.connections=one

      remote.connection.one.host=etmwfmuat2.odc.vzwcorp.com
      remote.connection.one.port=41010
      remote.connection.one.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false
      remote.connection.one.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false
      remote.connection.one.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER
      remote.connection.one.connect.options.org.xnio.Options.SSL_STARTTLS=true
      remote.connection.one.username=<userName>

      remote.connection.one.password=<password>

       

       

      Here's the exception I'm getting on the client:

      java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: General SSLEngine problem

      at org.jboss.ejb.client.remoting.IoFutureHelper.get(IoFutureHelper.java:91)

      at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.setupEJBReceivers(ConfigBasedEJBClientContextSelector.java:121)

      at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.<init>(ConfigBasedEJBClientContextSelector.java:78)

      at org.jboss.ejb.client.EJBClientContext.<clinit>(EJBClientContext.java:77)

      at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:120)

      at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:104)

      at $Proxy0.login(Unknown Source)

      at ordertracker.XMLSwingContainer$LoginRequestObserver$1.doBackgroundThreadStuff(XMLSwingContainer.java:917)

      at ordertracker.XMLSwingContainer$LoginRequestObserver$1.doBackgroundThreadStuff(XMLSwingContainer.java:883)

      at com.vzw.wfm.common.ui.utils.SlightlyImprovedSwingWorker.construct(SlightlyImprovedSwingWorker.java:55)

      at com.vzw.wfm.common.ui.utils.SwingWorker$2.run(SwingWorker.java:121)

      at java.lang.Thread.run(Unknown Source)

      Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem

      at com.sun.net.ssl.internal.ssl.Handshaker.checkThrown(Unknown Source)

      at com.sun.net.ssl.internal.ssl.SSLEngineImpl.checkTaskThrown(Unknown Source)

      at com.sun.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(Unknown Source)

      at com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(Unknown Source)

      at javax.net.ssl.SSLEngine.unwrap(Unknown Source)

      at org.xnio.ssl.JsseConnectedSslStreamChannel.unwrap(JsseConnectedSslStreamChannel.java:443)

      at org.xnio.ssl.JsseConnectedSslStreamChannel.handleHandshake(JsseConnectedSslStreamChannel.java:396)

      at org.xnio.ssl.JsseConnectedSslStreamChannel.write(JsseConnectedSslStreamChannel.java:239)

      at org.xnio.ssl.JsseConnectedSslStreamChannel.write(JsseConnectedSslStreamChannel.java:194)

      at org.xnio.channels.FramedMessageChannel.doFlushBuffer(FramedMessageChannel.java:297)

      at org.xnio.channels.FramedMessageChannel.flushAction(FramedMessageChannel.java:277)

      at org.xnio.channels.TranslatingSuspendableChannel.flush(TranslatingSuspendableChannel.java:604)

      at org.jboss.remoting3.remote.RemoteConnection$RemoteWriteListener.handleEvent(RemoteConnection.java:202)

      at org.jboss.remoting3.remote.RemoteConnection$RemoteWriteListener.handleEvent(RemoteConnection.java:177)

      at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

      at org.xnio.channels.TranslatingSuspendableChannel.handleWritable(TranslatingSuspendableChannel.java:243)

      at org.xnio.channels.TranslatingSuspendableChannel$2.handleEvent(TranslatingSuspendableChannel.java:113)

      at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

      at org.xnio.channels.TranslatingSuspendableChannel.handleWritable(TranslatingSuspendableChannel.java:243)

      at org.xnio.channels.TranslatingSuspendableChannel$2.handleEvent(TranslatingSuspendableChannel.java:113)

      at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

      at org.xnio.nio.NioHandle.run(NioHandle.java:90)

      at org.xnio.nio.WorkerThread.safeRun(WorkerThread.java:205)

      at org.xnio.nio.WorkerThread.run(WorkerThread.java:121)

      at ...asynchronous invocation...(Unknown Source)

      at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:270)

      at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:251)

      at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:349)

      at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:333)

      at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.setupEJBReceivers(ConfigBasedEJBClientContextSelector.java:119)

      ... 10 more

      Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem

      at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)

      at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(Unknown Source)

      at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)

      at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)

      at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)

      at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)

      at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)

      at com.sun.net.ssl.internal.ssl.Handshaker$1.run(Unknown Source)

      at java.security.AccessController.doPrivileged(Native Method)

      at com.sun.net.ssl.internal.ssl.Handshaker$DelegatedTask.run(Unknown Source)

      at org.xnio.ssl.JsseConnectedSslStreamChannel.handleHandshake(JsseConnectedSslStreamChannel.java:422)

      at org.xnio.ssl.JsseConnectedSslStreamChannel.read(JsseConnectedSslStreamChannel.java:487)

      at org.xnio.ssl.JsseConnectedSslStreamChannel.read(JsseConnectedSslStreamChannel.java:449)

      at org.xnio.channels.FramedMessageChannel.receive(FramedMessageChannel.java:88)

      at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:228)

      at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:214)

      at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

      at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189)

      at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103)

      at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

      at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189)

      at org.xnio.ssl.JsseConnectedSslStreamChannel.handleReadable(JsseConnectedSslStreamChannel.java:180)

      at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103)

      at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

      at org.xnio.nio.NioHandle.run(NioHandle.java:90)

      at org.xnio.nio.WorkerThread.run(WorkerThread.java:184)

      Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

      at sun.security.validator.PKIXValidator.doBuild(Unknown Source)

      at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)

      at sun.security.validator.Validator.validate(Unknown Source)

      at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(Unknown Source)

      at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)

      at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)

      ... 22 more

      Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

      at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)

      at java.security.cert.CertPathBuilder.build(Unknown Source)

      ... 28 more

       

       

      Any ideas what the problem might be?