I've tried this in both 4.0.4 and the just released 4.0.5, since this Wiki states the functionality to encrypt the keystore password in the Tomcat connector config has been "available since a long long time". It references JBAS-3369 as the task that enabled this feature.
I created an sslsecurity-service.xml file in my /deploy directory, and am certain it is configured correctly because I setup my JMS UIL2 to use it, and it starts up fine. sslsecurity-service.xml: | <?xml version="1.0" encoding="UTF-8"?> | | <server> | | <!-- Configures the keystore/truststore for SSL on the security domain --> | <mbean code="org.jboss.security.plugins.JaasSecurityDomain" | name="jboss.security:service=PBESecurityDomain"> | <constructor> | <arg type="java.lang.String" value="SSL"/> | </constructor> | <!-- The location of the keystore | resource: loads from the classloaders conf/ is the first classloader --> | <attribute name="KeyStoreURL">resource:jbkeystore.ks</attribute> | <attribute name="KeyStorePass">{CLASS}org.jboss.security.plugins.FilePassword:${jboss.server.home.dir}/conf/jbkeystore.pw</attribute> | <attribute name="KeyStoreType">JCEKS</attribute> | <attribute name="Salt">feefifofum</attribute> | <attribute name="IterationCount">13</attribute> | </mbean> | | </server> | section in ssl-uil2-service.xml referencing security domain: | <!-- SSL Socket Factories --> | <attribute name="ClientSocketFactory">org.jboss.security.ssl.ClientSocketFactory</attribute> | <attribute name="ServerSocketFactory">org.jboss.security.ssl.DomainServerSocketFactory</attribute> | | <!-- Security domain - see below --> | <attribute name="SecurityDomain">java:/jaas/SSL</attribute> | I did comment out the original security domain config in this file so that the new one would be used instead. server.log: | 2006-11-10 16:51:21,773 INFO [org.apache.catalina.startup.Embedded] (main) Catalina naming disabled | 2006-11-10 16:51:21,923 INFO [org.apache.catalina.startup.ClusterRuleSetFactory] (main) Unable to find a cluster rule set in the classpath. Will load the default rule set. | 2006-11-10 16:51:21,923 INFO [org.apache.catalina.startup.ClusterRuleSetFactory] (main) Unable to find a cluster rule set in the classpath. Will load the default rule set. | 2006-11-10 16:51:22,604 ERROR [org.apache.catalina.startup.Catalina] (main) Catalina.start | LifecycleException: Protocol handler initialization failed: java.lang.IllegalArgumentException: Failed to set security domain | at org.apache.catalina.connector.Connector.initialize(Connector.java:1018) | at org.jboss.web.tomcat.tc5.StandardService.initialize(StandardService.java:688) | at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:791) | at org.apache.catalina.startup.Catalina.load(Catalina.java:503) | at org.apache.catalina.startup.Catalina.start(Catalina.java:543) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:585) | at org.apache.commons.modeler.BaseModelMBean.invoke(BaseModelMBean.java:503) | at org.jboss.mx.server.RawDynamicInvoker.invoke(RawDynamicInvoker.java:164) | at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659) | at org.jboss.web.tomcat.tc5.Tomcat5.startService(Tomcat5.java:446) | at org.jboss.system.ServiceMBeanSupport.jbossInternalStart(ServiceMBeanSupport.java:289) | at org.jboss.system.ServiceMBeanSupport.jbossInternalLifecycle(ServiceMBeanSupport.java:245) | at sun.reflect.GeneratedMethodAccessor2.invoke(Unknown Source) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:585) | at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155) | at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94) | at org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:133) | at org.jboss.mx.server.Invocation.invoke(Invocation.java:88) | at org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:142) | at org.jboss.mx.interceptor.DynamicInterceptor.invoke(DynamicInterceptor.java:97) | at org.jboss.mx.server.Invocation.invoke(Invocation.java:88) | at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264) | at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659) | at org.jboss.system.ServiceController$ServiceProxy.invoke(ServiceController.java:978) | at $Proxy0.start(Unknown Source) | at org.jboss.system.ServiceController.start(ServiceController.java:417) | at org.jboss.system.ServiceController.start(ServiceController.java:435) | at sun.reflect.GeneratedMethodAccessor4.invoke(Unknown Source) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:585) | at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155) | at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94) | at org.jboss.mx.server.Invocation.invoke(Invocation.java:86) | at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264) | at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659) | at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210) | at $Proxy4.start(Unknown Source) | at org.jboss.deployment.SARDeployer.start(SARDeployer.java:302) | at org.jboss.deployment.MainDeployer.start(MainDeployer.java:1025) | at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:819) | at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:782) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:585) | at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155) | at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94) | at org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:133) | at org.jboss.mx.server.Invocation.invoke(Invocation.java:88) | at org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:142) | at org.jboss.mx.server.Invocation.invoke(Invocation.java:88) | at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264) | at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659) | at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210) | at $Proxy6.deploy(Unknown Source) | at org.jboss.deployment.scanner.URLDeploymentScanner.deploy(URLDeploymentScanner.java:421) | at org.jboss.deployment.scanner.URLDeploymentScanner.scan(URLDeploymentScanner.java:634) | at org.jboss.deployment.scanner.AbstractDeploymentScanner$ScannerThread.doScan(AbstractDeploymentScanner.java:263) | at org.jboss.deployment.scanner.AbstractDeploymentScanner.startService(AbstractDeploymentScanner.java:336) | at org.jboss.system.ServiceMBeanSupport.jbossInternalStart(ServiceMBeanSupport.java:289) | at org.jboss.system.ServiceMBeanSupport.jbossInternalLifecycle(ServiceMBeanSupport.java:245) | at sun.reflect.GeneratedMethodAccessor2.invoke(Unknown Source) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:585) | at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155) | at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94) | at org.jboss.mx.server.Invocation.invoke(Invocation.java:86) | at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264) | at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659) | at org.jboss.system.ServiceController$ServiceProxy.invoke(ServiceController.java:978) | at $Proxy0.start(Unknown Source) | at org.jboss.system.ServiceController.start(ServiceController.java:417) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:585) | at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155) | at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94) | at org.jboss.mx.server.Invocation.invoke(Invocation.java:86) | at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264) | at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659) | at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210) | at $Proxy4.start(Unknown Source) | at org.jboss.deployment.SARDeployer.start(SARDeployer.java:302) | at org.jboss.deployment.MainDeployer.start(MainDeployer.java:1025) | at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:819) | at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:782) | at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:766) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:585) | at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155) | at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94) | at org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:133) | at org.jboss.mx.server.Invocation.invoke(Invocation.java:88) | at org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:142) | at org.jboss.mx.server.Invocation.invoke(Invocation.java:88) | at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264) | at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659) | at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210) | at $Proxy5.deploy(Unknown Source) | at org.jboss.system.server.ServerImpl.doStart(ServerImpl.java:482) | at org.jboss.system.server.ServerImpl.start(ServerImpl.java:362) | at org.jboss.Main.boot(Main.java:200) | at org.jboss.Main$1.run(Main.java:490) | at java.lang.Thread.run(Thread.java:595) | 2006-11-10 16:51:22,794 INFO [org.apache.catalina.startup.Catalina] (main) Initialization processed in 871 ms | 2006-11-10 16:51:22,794 INFO [org.jboss.web.tomcat.tc5.StandardService] (main) Starting service jboss.web | 2006-11-10 16:51:22,804 INFO [org.apache.catalina.core.StandardEngine] (main) Starting Servlet Engine: Apache Tomcat/5.5.20 | 2006-11-10 16:51:22,864 INFO [org.apache.catalina.core.StandardHost] (main) XML validation disabled | 2006-11-10 16:51:23,946 INFO [org.apache.catalina.startup.Catalina] (main) Server startup in 1152 ms | 2006-11-10 16:51:24,797 INFO [org.jboss.web.tomcat.tc5.TomcatDeployer] (main) deploy, ctxPath=/invoker, warUrl=.../deploy/http-invoker.sar/invoker.war/ | 2006-11-10 16:51:25,448 INFO [org.apache.catalina.loader.WebappLoader] (main) Dual registration of jndi stream handler: factory already defined | 2006-11-10 16:51:27,571 INFO [org.jboss.web.tomcat.tc5.TomcatDeployer] (main) deploy, ctxPath=/, warUrl=.../deploy/jbossweb-tomcat55.sar/ROOT.war/ | 2006-11-10 16:51:28,032 INFO [org.jboss.resource.deployment.RARDeployment] (main) Required license terms exist, view META-INF/ra.xml in .../deploy/jboss-local-jdbc.rar | 2006-11-10 16:51:32,348 INFO [org.jboss.resource.adapter.jdbc.remote.WrapperDataSourceService] (main) Bound ConnectionManager 'jboss.jca:service=DataSourceBinding,name=OracleDS' to JNDI name 'java:OracleDS' | 2006-11-10 16:51:33,640 INFO [STDOUT] (main) [EMAIL PROTECTED] | 2006-11-10 16:51:33,850 INFO [org.jboss.mq.il.uil2.UILServerILService] (main) JBossMQ UIL service available at : /0.0.0.0:9000 | 2006-11-10 16:51:34,010 INFO [org.jboss.mq.server.jmx.Queue.DLQ] (main) Bound to JNDI name: queue/DLQ | 2006-11-10 16:51:34,101 INFO [org.jboss.web.tomcat.tc5.TomcatDeployer] (main) deploy, ctxPath=/jmx-console, warUrl=.../deploy/jmx-console.war/ | 2006-11-10 16:51:35,583 INFO [org.jboss.web.tomcat.tc5.TomcatDeployer] (main) deploy, ctxPath=/utilservlets, warUrl=.../tmp/deploy/tmp30167utilservlets-exp.war/ | 2006-11-10 16:51:36,113 ERROR [org.apache.coyote.http11.Http11BaseProtocol] (main) Error starting endpoint | java.io.IOException: securityDomain is null.Set it as an attribute in the connector setting | at org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.init(JSSE14SocketFactory.java:125) | at org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:98) | at org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java:294) | at org.apache.tomcat.util.net.PoolTcpEndpoint.startEndpoint(PoolTcpEndpoint.java:312) | at org.apache.coyote.http11.Http11BaseProtocol.start(Http11BaseProtocol.java:150) | at org.apache.coyote.http11.Http11Protocol.start(Http11Protocol.java:75) | at org.apache.catalina.connector.Connector.start(Connector.java:1089) | at org.jboss.web.tomcat.tc5.Tomcat5.startConnectors(Tomcat5.java:590) | at org.jboss.web.tomcat.tc5.Tomcat5.handleNotification(Tomcat5.java:627) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:585) | at org.jboss.mx.notification.NotificationListenerProxy.invoke(NotificationListenerProxy.java:153) | at $Proxy18.handleNotification(Unknown Source) | at org.jboss.mx.util.JBossNotificationBroadcasterSupport.handleNotification(JBossNotificationBroadcasterSupport.java:127) | at org.jboss.mx.util.JBossNotificationBroadcasterSupport.sendNotification(JBossNotificationBroadcasterSupport.java:108) | at org.jboss.system.server.ServerImpl.sendNotification(ServerImpl.java:908) | at org.jboss.system.server.ServerImpl.doStart(ServerImpl.java:497) | at org.jboss.system.server.ServerImpl.start(ServerImpl.java:362) | at org.jboss.Main.boot(Main.java:200) | at org.jboss.Main$1.run(Main.java:490) | at java.lang.Thread.run(Thread.java:595) | 2006-11-10 16:51:36,153 WARN [org.jboss.web.tomcat.tc5.Tomcat5] (main) Failed to startConnectors | LifecycleException: service.getName(): "jboss.web"; Protocol handler start failed: java.io.IOException: securityDomain is null.Set it as an attribute in the connector setting | at org.apache.catalina.connector.Connector.start(Connector.java:1096) | at org.jboss.web.tomcat.tc5.Tomcat5.startConnectors(Tomcat5.java:590) | at org.jboss.web.tomcat.tc5.Tomcat5.handleNotification(Tomcat5.java:627) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:585) | at org.jboss.mx.notification.NotificationListenerProxy.invoke(NotificationListenerProxy.java:153) | at $Proxy18.handleNotification(Unknown Source) | at org.jboss.mx.util.JBossNotificationBroadcasterSupport.handleNotification(JBossNotificationBroadcasterSupport.java:127) | at org.jboss.mx.util.JBossNotificationBroadcasterSupport.sendNotification(JBossNotificationBroadcasterSupport.java:108) | at org.jboss.system.server.ServerImpl.sendNotification(ServerImpl.java:908) | at org.jboss.system.server.ServerImpl.doStart(ServerImpl.java:497) | at org.jboss.system.server.ServerImpl.start(ServerImpl.java:362) | at org.jboss.Main.boot(Main.java:200) | at org.jboss.Main$1.run(Main.java:490) | at java.lang.Thread.run(Thread.java:595) | 2006-11-10 16:51:36,153 INFO [org.jboss.system.server.Server] (main) JBoss (MX MicroKernel) [4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)] Started in 33s:698ms | TIA for any help! View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3985089#3985089 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3985089 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user