[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [jetty-users] configuring JMX interface to use SSL
|
On Wed, Feb 08, 2017 at 06:43:32PM +0100, Simone Bordet wrote:
> If you want to have JMX over SSL, just enable the jmx module in Jetty.
> This will expose the Jetty components as MBeans.
>
> Then you enable all the relevant system properties reported by the
> link above to enable remote monitoring via SSL.
Ok, I've tried these invocations, and none of them yield an SSL
certificate when I connect to port 1099, when I use the 'demo-base'
app:
# pwd
/usr/jetty-distribution-9.3.8.v20160314/demo-base
java -jar ../start.jar --module=jmx,jmx-remote
# This should be the operational default, but just to make sure...
java -Dcom.sun.management.jmxremote.ssl=true \
-jar ../start.jar --module=jmx,jmx-remote
# RMI Registry Authentication is 'false' by default
java -Dcom.sun.management.jmxremote.ssl=true \
-Dcom.sun.management.jmxremote.registry.ssl=true \
-jar ../start.jar --module=jmx,jmx-remote
Should any of these have worked? Or am I misunderstanding what
you're saying?
> The reason of the existence of the jmx-remote module is that the
> default support by the JVM opens a random port for the
> JMXConnectorServer, which is not friendly for firewalls.
Pretty neat. :)
> --
> Simone Bordet
> ----
> http://cometd.org
> http://webtide.com
> Developer advice, training, services and support
> from the Jetty & CometD experts.
> _______________________________________________
> jetty-users mailing list
> jetty-users@xxxxxxxxxxx
> To change your delivery options, retrieve your password, or unsubscribe from this list, visit
> https://dev.eclipse.org/mailman/listinfo/jetty-users
--
Brian Reichert <reichert@xxxxxxxxxxx>
BSD admin/developer at large