[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [jetty-users] configuring JMX interface to use SSL
|
On Tue, Feb 14, 2017 at 04:11:34PM -0700, Joakim Erdfelt wrote:
> You'll need to use jconsole with the same keystore/truststore you used for
> the jmx server side.
> Or you'll need to use an ssl certificate that's from a trusted CA already
> found in the default JVM keystore.
I am supplying those properties when I used the locally-run jmxconcole.
I'll specifically copy over the jmxkeystore.jks to where I'm firing
up jconsole, to try as you suggest.
I would have expected SSL errors, if this was a trust issue.
> Note: the prior example is all using Java 8 update 112 btw.
I'm using Java 8 as well, but different builds, depending on the
environment.
>
> $ vim jconsole-ssl.sh
>
> --(snip)--
> #!/bin/bash
>
> jconsole \
> -J-Djavax.net.ssl.keyStore=jmxkeystore.jks \
> -J-Djavax.net.ssl.keyStorePassword=changeme \
> -J-Djavax.net.ssl.trustStore=jmxkeystore.jks \
> -J-Djavax.net.ssl.trustStorePassword=changeme \
> localhost:1616
> --(/snip)--
>
>
> Joakim Erdfelt / joakim@xxxxxxxxxxx
--
Brian Reichert <reichert@xxxxxxxxxxx>
BSD admin/developer at large