Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] configuring JMX interface to use SSL

On Thu, Feb 09, 2017 at 02:11:23PM -0700, Joakim Erdfelt wrote:
> Here you go.
> Using Jetty 9.4.1 demo-base ...

Thanks for such an explicit test case. :)

Following along, with jetty-distribution-9.3.8.v20160314.

- created SSL keystore, successfully, just as you did.

- created modules/jmx-ssl.mod.  One change; for some reason, this
  version of jetty did not honor the use of '${jetty.base}' in the module:

    java -jar ../start.jar --module=jmx-ssl

    Caused by: ${jetty.base}/jmxkeystore.jks
    (No such file or directory)
        at Method)

  The configuration otherwise seems set:

    java -jar ../start.jar --list-config | grep jetty.base
     jetty.base = /usr/jetty-distribution-9.3.8.v20160314/demo-base
     ${jetty.base} -> /usr/jetty-distribution-9.3.8.v20160314/demo-base
     8:      1.4.1.v201005082020 |
     9:          9.3.8.v20160314 |
    10:                    (dir) | ${jetty.base}/resources

  I worked past this by supplying an absolute pathname in the module, e.g.:

Now, I do get port 1616 opened up, and there is an SSL interface
there, and this port is exposed on the external NIC, all of which
is desirable.

But, when I connect remotely using jconsole, I get this error:

  non-JRMP server at remote endpoint

I also explored using a command-line JMX console tool to connect locally:

but it got the same error.

I've tried setting the port to 1099, in case something had a baked-in
default, to no avail.

Googling that error doesn't give me any pointers that seem applicable
to my situation. :/

I'll keep digging, but I did want to report back.

> - Joakim
> Joakim Erdfelt / joakim@xxxxxxxxxxx

Brian Reichert				<reichert@xxxxxxxxxxx>
BSD admin/developer at large	

Back to the top