I've tried this in both 4.0.4 and the just released 4.0.5, since this Wiki
states the functionality to encrypt the keystore password in the Tomcat
connector config has been "available since a long long time". It references
JBAS-3369 as the task that enabled this feature.
I created an sslsecurity-service.xml file in my /deploy directory, and am
certain it is configured correctly because I setup my JMS UIL2 to use it, and
it starts up fine.
sslsecurity-service.xml:
| <?xml version="1.0" encoding="UTF-8"?>
|
| <server>
|
| <!-- Configures the keystore/truststore for SSL on the security domain -->
| <mbean code="org.jboss.security.plugins.JaasSecurityDomain"
| name="jboss.security:service=PBESecurityDomain">
| <constructor>
| <arg type="java.lang.String" value="SSL"/>
| </constructor>
| <!-- The location of the keystore
| resource: loads from the classloaders conf/ is the first
classloader -->
| <attribute name="KeyStoreURL">resource:jbkeystore.ks</attribute>
| <attribute
name="KeyStorePass">{CLASS}org.jboss.security.plugins.FilePassword:${jboss.server.home.dir}/conf/jbkeystore.pw</attribute>
| <attribute name="KeyStoreType">JCEKS</attribute>
| <attribute name="Salt">feefifofum</attribute>
| <attribute name="IterationCount">13</attribute>
| </mbean>
|
| </server>
|
section in ssl-uil2-service.xml referencing security domain:
| <!-- SSL Socket Factories -->
| <attribute
name="ClientSocketFactory">org.jboss.security.ssl.ClientSocketFactory</attribute>
| <attribute
name="ServerSocketFactory">org.jboss.security.ssl.DomainServerSocketFactory</attribute>
|
| <!-- Security domain - see below -->
| <attribute name="SecurityDomain">java:/jaas/SSL</attribute>
|
I did comment out the original security domain config in this file so that the
new one would be used instead.
server.log:
| 2006-11-10 16:51:21,773 INFO [org.apache.catalina.startup.Embedded] (main)
Catalina naming disabled
| 2006-11-10 16:51:21,923 INFO
[org.apache.catalina.startup.ClusterRuleSetFactory] (main) Unable to find a
cluster rule set in the classpath. Will load the default rule set.
| 2006-11-10 16:51:21,923 INFO
[org.apache.catalina.startup.ClusterRuleSetFactory] (main) Unable to find a
cluster rule set in the classpath. Will load the default rule set.
| 2006-11-10 16:51:22,604 ERROR [org.apache.catalina.startup.Catalina] (main)
Catalina.start
| LifecycleException: Protocol handler initialization failed:
java.lang.IllegalArgumentException: Failed to set security domain
| at
org.apache.catalina.connector.Connector.initialize(Connector.java:1018)
| at
org.jboss.web.tomcat.tc5.StandardService.initialize(StandardService.java:688)
| at
org.apache.catalina.core.StandardServer.initialize(StandardServer.java:791)
| at org.apache.catalina.startup.Catalina.load(Catalina.java:503)
| at org.apache.catalina.startup.Catalina.start(Catalina.java:543)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at
org.apache.commons.modeler.BaseModelMBean.invoke(BaseModelMBean.java:503)
| at
org.jboss.mx.server.RawDynamicInvoker.invoke(RawDynamicInvoker.java:164)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at org.jboss.web.tomcat.tc5.Tomcat5.startService(Tomcat5.java:446)
| at
org.jboss.system.ServiceMBeanSupport.jbossInternalStart(ServiceMBeanSupport.java:289)
| at
org.jboss.system.ServiceMBeanSupport.jbossInternalLifecycle(ServiceMBeanSupport.java:245)
| at sun.reflect.GeneratedMethodAccessor2.invoke(Unknown Source)
| at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at
org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
| at
org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:133)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
| at
org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:142)
| at
org.jboss.mx.interceptor.DynamicInterceptor.invoke(DynamicInterceptor.java:97)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
| at
org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at
org.jboss.system.ServiceController$ServiceProxy.invoke(ServiceController.java:978)
| at $Proxy0.start(Unknown Source)
| at org.jboss.system.ServiceController.start(ServiceController.java:417)
| at org.jboss.system.ServiceController.start(ServiceController.java:435)
| at sun.reflect.GeneratedMethodAccessor4.invoke(Unknown Source)
| at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at
org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
| at
org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210)
| at $Proxy4.start(Unknown Source)
| at org.jboss.deployment.SARDeployer.start(SARDeployer.java:302)
| at org.jboss.deployment.MainDeployer.start(MainDeployer.java:1025)
| at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:819)
| at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:782)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at
org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
| at
org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:133)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
| at
org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:142)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
| at
org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210)
| at $Proxy6.deploy(Unknown Source)
| at
org.jboss.deployment.scanner.URLDeploymentScanner.deploy(URLDeploymentScanner.java:421)
| at
org.jboss.deployment.scanner.URLDeploymentScanner.scan(URLDeploymentScanner.java:634)
| at
org.jboss.deployment.scanner.AbstractDeploymentScanner$ScannerThread.doScan(AbstractDeploymentScanner.java:263)
| at
org.jboss.deployment.scanner.AbstractDeploymentScanner.startService(AbstractDeploymentScanner.java:336)
| at
org.jboss.system.ServiceMBeanSupport.jbossInternalStart(ServiceMBeanSupport.java:289)
| at
org.jboss.system.ServiceMBeanSupport.jbossInternalLifecycle(ServiceMBeanSupport.java:245)
| at sun.reflect.GeneratedMethodAccessor2.invoke(Unknown Source)
| at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at
org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
| at
org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at
org.jboss.system.ServiceController$ServiceProxy.invoke(ServiceController.java:978)
| at $Proxy0.start(Unknown Source)
| at org.jboss.system.ServiceController.start(ServiceController.java:417)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at
org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
| at
org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210)
| at $Proxy4.start(Unknown Source)
| at org.jboss.deployment.SARDeployer.start(SARDeployer.java:302)
| at org.jboss.deployment.MainDeployer.start(MainDeployer.java:1025)
| at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:819)
| at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:782)
| at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:766)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at
org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
| at
org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:133)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
| at
org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:142)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
| at
org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210)
| at $Proxy5.deploy(Unknown Source)
| at org.jboss.system.server.ServerImpl.doStart(ServerImpl.java:482)
| at org.jboss.system.server.ServerImpl.start(ServerImpl.java:362)
| at org.jboss.Main.boot(Main.java:200)
| at org.jboss.Main$1.run(Main.java:490)
| at java.lang.Thread.run(Thread.java:595)
| 2006-11-10 16:51:22,794 INFO [org.apache.catalina.startup.Catalina] (main)
Initialization processed in 871 ms
| 2006-11-10 16:51:22,794 INFO [org.jboss.web.tomcat.tc5.StandardService]
(main) Starting service jboss.web
| 2006-11-10 16:51:22,804 INFO [org.apache.catalina.core.StandardEngine]
(main) Starting Servlet Engine: Apache Tomcat/5.5.20
| 2006-11-10 16:51:22,864 INFO [org.apache.catalina.core.StandardHost]
(main) XML validation disabled
| 2006-11-10 16:51:23,946 INFO [org.apache.catalina.startup.Catalina] (main)
Server startup in 1152 ms
| 2006-11-10 16:51:24,797 INFO [org.jboss.web.tomcat.tc5.TomcatDeployer]
(main) deploy, ctxPath=/invoker, warUrl=.../deploy/http-invoker.sar/invoker.war/
| 2006-11-10 16:51:25,448 INFO [org.apache.catalina.loader.WebappLoader]
(main) Dual registration of jndi stream handler: factory already defined
| 2006-11-10 16:51:27,571 INFO [org.jboss.web.tomcat.tc5.TomcatDeployer]
(main) deploy, ctxPath=/, warUrl=.../deploy/jbossweb-tomcat55.sar/ROOT.war/
| 2006-11-10 16:51:28,032 INFO [org.jboss.resource.deployment.RARDeployment]
(main) Required license terms exist, view META-INF/ra.xml in
.../deploy/jboss-local-jdbc.rar
| 2006-11-10 16:51:32,348 INFO
[org.jboss.resource.adapter.jdbc.remote.WrapperDataSourceService] (main) Bound
ConnectionManager 'jboss.jca:service=DataSourceBinding,name=OracleDS' to JNDI
name 'java:OracleDS'
| 2006-11-10 16:51:33,640 INFO [STDOUT] (main) [EMAIL PROTECTED]
| 2006-11-10 16:51:33,850 INFO [org.jboss.mq.il.uil2.UILServerILService]
(main) JBossMQ UIL service available at : /0.0.0.0:9000
| 2006-11-10 16:51:34,010 INFO [org.jboss.mq.server.jmx.Queue.DLQ] (main)
Bound to JNDI name: queue/DLQ
| 2006-11-10 16:51:34,101 INFO [org.jboss.web.tomcat.tc5.TomcatDeployer]
(main) deploy, ctxPath=/jmx-console, warUrl=.../deploy/jmx-console.war/
| 2006-11-10 16:51:35,583 INFO [org.jboss.web.tomcat.tc5.TomcatDeployer]
(main) deploy, ctxPath=/utilservlets,
warUrl=.../tmp/deploy/tmp30167utilservlets-exp.war/
| 2006-11-10 16:51:36,113 ERROR [org.apache.coyote.http11.Http11BaseProtocol]
(main) Error starting endpoint
| java.io.IOException: securityDomain is null.Set it as an attribute in the
connector setting
| at
org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.init(JSSE14SocketFactory.java:125)
| at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:98)
| at
org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java:294)
| at
org.apache.tomcat.util.net.PoolTcpEndpoint.startEndpoint(PoolTcpEndpoint.java:312)
| at
org.apache.coyote.http11.Http11BaseProtocol.start(Http11BaseProtocol.java:150)
| at org.apache.coyote.http11.Http11Protocol.start(Http11Protocol.java:75)
| at org.apache.catalina.connector.Connector.start(Connector.java:1089)
| at org.jboss.web.tomcat.tc5.Tomcat5.startConnectors(Tomcat5.java:590)
| at org.jboss.web.tomcat.tc5.Tomcat5.handleNotification(Tomcat5.java:627)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at
org.jboss.mx.notification.NotificationListenerProxy.invoke(NotificationListenerProxy.java:153)
| at $Proxy18.handleNotification(Unknown Source)
| at
org.jboss.mx.util.JBossNotificationBroadcasterSupport.handleNotification(JBossNotificationBroadcasterSupport.java:127)
| at
org.jboss.mx.util.JBossNotificationBroadcasterSupport.sendNotification(JBossNotificationBroadcasterSupport.java:108)
| at
org.jboss.system.server.ServerImpl.sendNotification(ServerImpl.java:908)
| at org.jboss.system.server.ServerImpl.doStart(ServerImpl.java:497)
| at org.jboss.system.server.ServerImpl.start(ServerImpl.java:362)
| at org.jboss.Main.boot(Main.java:200)
| at org.jboss.Main$1.run(Main.java:490)
| at java.lang.Thread.run(Thread.java:595)
| 2006-11-10 16:51:36,153 WARN [org.jboss.web.tomcat.tc5.Tomcat5] (main)
Failed to startConnectors
| LifecycleException: service.getName(): "jboss.web"; Protocol handler
start failed: java.io.IOException: securityDomain is null.Set it as an
attribute in the connector setting
| at org.apache.catalina.connector.Connector.start(Connector.java:1096)
| at org.jboss.web.tomcat.tc5.Tomcat5.startConnectors(Tomcat5.java:590)
| at org.jboss.web.tomcat.tc5.Tomcat5.handleNotification(Tomcat5.java:627)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at
org.jboss.mx.notification.NotificationListenerProxy.invoke(NotificationListenerProxy.java:153)
| at $Proxy18.handleNotification(Unknown Source)
| at
org.jboss.mx.util.JBossNotificationBroadcasterSupport.handleNotification(JBossNotificationBroadcasterSupport.java:127)
| at
org.jboss.mx.util.JBossNotificationBroadcasterSupport.sendNotification(JBossNotificationBroadcasterSupport.java:108)
| at
org.jboss.system.server.ServerImpl.sendNotification(ServerImpl.java:908)
| at org.jboss.system.server.ServerImpl.doStart(ServerImpl.java:497)
| at org.jboss.system.server.ServerImpl.start(ServerImpl.java:362)
| at org.jboss.Main.boot(Main.java:200)
| at org.jboss.Main$1.run(Main.java:490)
| at java.lang.Thread.run(Thread.java:595)
| 2006-11-10 16:51:36,153 INFO [org.jboss.system.server.Server] (main) JBoss
(MX MicroKernel) [4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)]
Started in 33s:698ms
|
TIA for any help!
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3985089#3985089
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3985089
_______________________________________________
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user
