[
https://issues.apache.org/jira/browse/OFBIZ-1724?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12756801#action_12756801
]
Shi Yusen edited comment on OFBIZ-1724 at 9/17/09 2:33 PM:
-----------------------------------------------------------
Hi Giuliano,
Don't push me :).
Anyway, the good news is the new version can work now. Here are the quick start
steps:
Build (if you don't want to build, you can skip this step):
1. Download source code from
http://langhua.org/opensource/ofbiz/rmi/trunk/
2. Use maven to build the source code.
Certificates (skipped)
Server side deploy:
1. Download ofbiz-rmi-server-09.04.zip from
http://maven2.langhua.org/archiva/browse/ofbiz/ofbiz-rmi-server/09.04, unzip it
in specialpurpose, add rmiservice to specialpurpose/componet-load.xml
2. Download ofbiz-service-customization-09.04.jar from
http://maven2.langhua.org/archiva/browse/ofbiz/ofbiz-service-customization/09.04,
replace ofbiz-service.jar with this one.
3. Copy the jks files from specialpurpose/rmiservice/certs to
framework/base/config.
4. Add
"-Djavax.net.ssl.trustStore=/workspace/ofbiz/ofbiz-9.4/framework/base/config/ofbiztrust.jks
-Djavax.net.ssl.trustStorePassword=changeit" into OFBiz start script.
5. Run OFBiz.
Client side deploy:
Please note, the rmiclient must be deploy in the same server as OFBiz, because
the self-signed server certificate is for localhost.
1. Download ofbiz-rmi-client-09.04.war from
http://maven2.langhua.org/archiva/browse/ofbiz/ofbiz-rmi-client/09.04, rename
it to ofbizrmiclient.war and deploy it in tomcat.
2. Add
-Djavax.net.ssl.trustStore=/usr/share/tomcat5/webapps/ofbizrmiclient/WEB-INF/classes/ofbiztrust.jks
-Djavax.net.ssl.trustStorePassword=changeit to tomcat start script.
3. Restart tomcat
Test:
In web browser, visit http://localhost:8080/ofbizrmiclient/, you should see the
products in PROMOTION category.
Please note, I only test it with ssl-client-auth=false now. I'll try it's true
later.
Good Luck,
Shi Yusen/Beijing Langhua Ltd.
was (Author: shiys):
Hi Giuliano,
Don't push me :).
Anyway, the good news is the new version can work now. Here are the quick start
steps:
Build (if you don't want to build, you can skip this step):
1. Download source code from
http://langhua.org/opensource/ofbiz/rmi/trunk/
2. Use maven to build the source code.
Certificates (skipped)
Server side deploy:
1. Download ofbiz-rmi-server-09.04.zip from
http://maven2.langhua.org/archiva/browse/ofbiz/ofbiz-rmi-server/09.04, unzip it
in specialpurpose, add rmiservice to specialpurpose/componet-load.xml
2. Download ofbiz-service-customization-09.04.jar from
http://maven2.langhua.org/archiva/browse/ofbiz/ofbiz-service-customization/09.04,
replay ofbiz-service.jar with this one.
3. Copy the jks files from specialpurpose/rmiservice/certs to
framework/base/config.
4. Add
"-Djavax.net.ssl.trustStore=/workspace/ofbiz/ofbiz-9.4/framework/base/config/ofbiztrust.jks
-Djavax.net.ssl.trustStorePassword=changeit" into OFBiz start script.
5. Run OFBiz.
Client side deploy:
Please note, the rmiclient must be deploy in the same server as OFBiz, because
the self-signed server certificate is for localhost.
1. Download ofbiz-rmi-client-09.04.war from
http://maven2.langhua.org/archiva/browse/ofbiz/ofbiz-rmi-client/09.04, rename
it to ofbizrmiclient.war and deploy it in tomcat.
2. Add
-Djavax.net.ssl.trustStore=/usr/share/tomcat5/webapps/ofbizrmiclient/WEB-INF/classes/ofbiztrust.jks
-Djavax.net.ssl.trustStorePassword=changeit to tomcat start script.
3. Restart tomcat
Test:
In web browser, visit http://localhost:8080/ofbizrmiclient/, you should see the
products in PROMOTION category.
Please note, I only test it with ssl-client-auth=false now. I'll try it's true
later.
Good Luck,
Shi Yusen/Beijing Langhua Ltd.
> rmiservice and rmiclient
> ------------------------
>
> Key: OFBIZ-1724
> URL: https://issues.apache.org/jira/browse/OFBIZ-1724
> Project: OFBiz
> Issue Type: Improvement
> Affects Versions: Release Branch 4.0
> Environment: FC7 + JDK 1.6 + OFBiz 4.0 + Tomcat 5.5.26
> Reporter: Shi Yusen
> Priority: Trivial
> Fix For: Release Branch 4.0
>
> Attachments: correct-result.png, rmi-handshake.png, rmiclient.zip,
> rmiservice.zip
>
>
> My colleage Li Shuang removed the dependence of rmiclient code and OpenCms.
> And I tested the new code with OFBiz 4.0, seems ok. Here are the steps on how
> to make the rmiservice and rmiclient work:
> 1. Unzip rmiservice.zip and rmiclient under specialpurpose.
> 2. Edit specialpurpose/component-load.xml, add
> <load-component component-location="${ofbiz.home}/specialpurpose/rmiservice"/>
> 3. In specialpurpose/rmiclient/sslcert/, run createcsr.sh
> 4. If you run a Linux box, you can use TinyCA2 to sign the rmiserver.csr and
> rmiclient.csr. Export your CA public key(cacert.der) and the signed
> rmiserver.der and rmiclient.der to specialpurpose/rmiclient/sslcert/.
> 5. In specialpurpose/rmiclient/sslcert/, run importcerts.sh
> 6. Run specialpurpose/rmiclient/build.xml, select target war. This will
> produce an ofbizrmiclient.war under specialpurpose/rmiclient/build/.
> 7. Deploy ofbizclient.war in tomcat. I use tomcat 5.5.26. I
> 8. Config framework/base/config/ofbiz-containers.xml, change rmi-dispatcher
> bound-host if you don't use localhost.
> 9. If you run ofbiz with "ant run", edit {ofbiz_home}/build.xml, add
> trustStore config:
> <target name="run" depends="build">
> <java jar="ofbiz.jar" fork="true">
> <jvmarg value="${memory.max.param}"/>
> <jvmarg
> value="-Djavax.net.ssl.trustStore=${basedir}/framework/base/config/ofbiztrust.jks"/>
> <jvmarg value="-Djavax.net.ssl.trustStorePassword=changeit"/>
> </java>
> </target>
> 10. Rebuild and run ofbiz.
> 11. If localhost is not your ofbiz server name, edit
> {tomcat_home}/webapps/ofbizclient/index.jsp, change
> OFBizRmiClient rc = new OFBizRmiClient("rmi://localhost:1099/RMIDispatcher");
> String ofbizUrl = "http://localhost:8080";;
> accordingly.
> 12. In web browser, type in your ofbizrmiclient address:. A correct result
> should be similar to correct-result.png.
> Trouble shootings:
> 1. sun.security.validator.ValidatorException: No trusted certificate found
> Edit {tomcat_home}/ofbizrmiclient/WEB-INF/classes/jsse.properties, modify the
> trustStore and keyStore configuration.
> 2. javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
> Check the server side trustStore configuration.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
