[jira] Commented: (GERONIMO-2780) Tomcat fails to accept certificate alias
[
https://issues.apache.org/jira/browse/GERONIMO-2780?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12467632
]
Leonard Flournoy commented on GERONIMO-2780:
Donald, thanks for your efforts an congrats on the addition to your family.
I've talked with Jeff and he's agreed to finish this, would you assign this
to him.
Thanks!
--
Leonard J. Flournoy
Senior Software Engineer
323 309-3480
> Tomcat fails to accept certificate alias
>
>
> Key: GERONIMO-2780
> URL: https://issues.apache.org/jira/browse/GERONIMO-2780
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: Tomcat
>Affects Versions: 1.1.1
> Environment: all
>Reporter: Leonard Flournoy
> Assigned To: Donald Woods
> Fix For: 1.1.2, 2.0-beta1
>
> Attachments: G2780-keyAlias.patch
>
>
> Here's the contents of the keystore:
> --8<
> [EMAIL PROTECTED] ~]$ keytool -list -keystore /webetc/keys/arena-dev-web.jks
> Enter keystore password:
> Keystore type: jks
> Keystore provider: SUN
> Your keystore contains 3 entries
> plm.qa.bom.com-arena-server, Jan 24, 2007, keyEntry,
> Certificate fingerprint (MD5):
> 24:4F:8D:F8:E0:B7:EA:C2:CD:FE:0E:77:81:B0:34:DC
> plm.ref.bom.com-arena-server, Jan 24, 2007, keyEntry,
> Certificate fingerprint (MD5):
> 41:03:90:6F:15:1B:C3:C7:3F:3D:6C:ED:74:B0:9F:FE
> plm.dev.bom.com-arena-server, Nov 26, 2006, keyEntry,
> Certificate fingerprint (MD5):
> 8C:58:3E:C5:F2:3B:01:0C:65:53:5D:23:12:C5:6C:08
> [EMAIL PROTECTED] ~]$
> --8<
> ...and here's the gbean we are using to declare the HTTPS Connector:
> --8<
> name="geronimo/tomcat/1.1.1/car?ServiceModule=geronimo/tomcat/1.1.1/car,
> j2eeType=GBean,name=plm.ref.bom.com-arena-server">
> plm.ref.bom.com-arena-server
> HTTPS
> plm.ref.bom.com
> 4431
> 50
> 100
>
> JKS
>name="keystoreFileName">/webetc/keys/arena-dev-web.jks
>name="keystorePassword">{Simple}rO0ABXNyABlqYXZheC5jcnlwdG8uU2VhbGVkT2Jq
> ZWN0PjY9psO3VHACAARbAA1lbmNvZGVkUGFyYW1zdAACW0JbABBlbmNyeXB0ZWRDb250ZW50
> cQB+AAFMAAlwYXJhbXNBbGd0ABJMamF2YS9sYW5nL1N0cmluZztMAAdzZWFsQWxncQB+AAJ4
> cHB1cgACW0Ks8xf4BghU4AIAAHhwIGSR0Xtc+HC5SaER/SUEd6yUduVcQW9y6ZEbHfsR
> W7PUcHQAA0FFUw==
> Default
> Default
> False
> JKS
>name="truststoreFileName">/webetc/CA/trusted-authorities-certs.jks ibute>
>name="truststorePassword">{Simple}rO0ABXNyABlqYXZheC5jcnlwdG8uU2VhbGVkT2
> JqZWN0PjY9psO3VHACAARbAA1lbmNvZGVkUGFyYW1zdAACW0JbABBlbmNyeXB0ZWRDb250ZW
> 50cQB+AAFMAAlwYXJhbXNBbGd0ABJMamF2YS9sYW5nL1N0cmluZztMAAdzZWFsQWxncQB+AA
> J4cHB1cgACW0Ks8xf4BghU4AIAAHhwIGSR0Xtc+HC5SaER/SUEd6yUduVcQW9y6ZEbHf
> sRW7PUcHQAA0FFUw==
>
>
> geronimo
> tomcat
> 1.1.1
> car
> TomcatWebContainer
>
>
>
>
> geronimo
> j2ee-system
> 1.1.1
> car
> ServerInfo
>
>
>
> --8<
> WAS CE starts this Gbean happily, but when the connector receives a
> connection from an HTTPS client, it uses the
> "plm.qa.bom.com-arena-server" keyEntry (that is, the first keyEntry
> listed in the keystore). I would like to be able to specify which
> keyEntry is used for each HTTPS connector.
> If I uncomment the "initParams" element, then WAS CE fails on startup
> with this error:
> --8<
> Module 3/5 geronimo/tomcat/1.1.1/car
> 13:59:14,512 ERROR [GBeanInstanceState] Error while starting; GBean is
> now in the FAILED state:
> abstractName="geronimo/tomcat/1.1.1/car?configurationName=geronimo/tomca
> t/1.1.1/car"
> org.apache.geronimo.kernel.config.InvalidConfigException: No attribute:
> initParams for gbean:
> geronimo/tomcat/1.1.1/car?ServiceModule=geronimo/tomcat/1.1.1/car,j2eeTy
> pe=GBean,name=plm.ref.bom.com-arena-server
> at
> org.apache.geronimo.system.configuration.LocalAttributeManager.setAttrib
> utes(LocalAttributeManager.java:197)
> ...
> 13:59:14,521 ERROR [Daemon] Exception caught while starting
> configurations.
> Exception=org.apache.geronimo.kernel.config.LifecycleException: load of
> geronimo/tomcat/1.1.1/car failed
> Server startup failed
> --8<
> Any help would be appreciated.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Created: (GERONIMO-2780) Tomcat fails to accept certificate alias
Tomcat fails to accept certificate alias
Key: GERONIMO-2780
URL: https://issues.apache.org/jira/browse/GERONIMO-2780
Project: Geronimo
Issue Type: Bug
Security Level: public (Regular issues)
Affects Versions: 1.1.1
Environment: all
Reporter: Leonard Flournoy
Fix For: 1.1.x
Here's the contents of the keystore:
--8<
[EMAIL PROTECTED] ~]$ keytool -list -keystore /webetc/keys/arena-dev-web.jks
Enter keystore password:
Keystore type: jks
Keystore provider: SUN
Your keystore contains 3 entries
plm.qa.bom.com-arena-server, Jan 24, 2007, keyEntry,
Certificate fingerprint (MD5):
24:4F:8D:F8:E0:B7:EA:C2:CD:FE:0E:77:81:B0:34:DC
plm.ref.bom.com-arena-server, Jan 24, 2007, keyEntry,
Certificate fingerprint (MD5):
41:03:90:6F:15:1B:C3:C7:3F:3D:6C:ED:74:B0:9F:FE
plm.dev.bom.com-arena-server, Nov 26, 2006, keyEntry,
Certificate fingerprint (MD5):
8C:58:3E:C5:F2:3B:01:0C:65:53:5D:23:12:C5:6C:08
[EMAIL PROTECTED] ~]$
--8<
...and here's the gbean we are using to declare the HTTPS Connector:
--8<
plm.ref.bom.com-arena-server
HTTPS
plm.ref.bom.com
4431
50
100
JKS
/webetc/keys/arena-dev-web.jks
{Simple}rO0ABXNyABlqYXZheC5jcnlwdG8uU2VhbGVkT2Jq
ZWN0PjY9psO3VHACAARbAA1lbmNvZGVkUGFyYW1zdAACW0JbABBlbmNyeXB0ZWRDb250ZW50
cQB+AAFMAAlwYXJhbXNBbGd0ABJMamF2YS9sYW5nL1N0cmluZztMAAdzZWFsQWxncQB+AAJ4
cHB1cgACW0Ks8xf4BghU4AIAAHhwIGSR0Xtc+HC5SaER/SUEd6yUduVcQW9y6ZEbHfsR
W7PUcHQAA0FFUw==
Default
Default
False
JKS
/webetc/CA/trusted-authorities-certs.jks
{Simple}rO0ABXNyABlqYXZheC5jcnlwdG8uU2VhbGVkT2
JqZWN0PjY9psO3VHACAARbAA1lbmNvZGVkUGFyYW1zdAACW0JbABBlbmNyeXB0ZWRDb250ZW
50cQB+AAFMAAlwYXJhbXNBbGd0ABJMamF2YS9sYW5nL1N0cmluZztMAAdzZWFsQWxncQB+AA
J4cHB1cgACW0Ks8xf4BghU4AIAAHhwIGSR0Xtc+HC5SaER/SUEd6yUduVcQW9y6ZEbHf
sRW7PUcHQAA0FFUw==
geronimo
tomcat
1.1.1
car
TomcatWebContainer
geronimo
j2ee-system
1.1.1
car
ServerInfo
--8<
WAS CE starts this Gbean happily, but when the connector receives a
connection from an HTTPS client, it uses the
"plm.qa.bom.com-arena-server" keyEntry (that is, the first keyEntry
listed in the keystore). I would like to be able to specify which
keyEntry is used for each HTTPS connector.
If I uncomment the "initParams" element, then WAS CE fails on startup
with this error:
--8<
Module 3/5 geronimo/tomcat/1.1.1/car
13:59:14,512 ERROR [GBeanInstanceState] Error while starting; GBean is
now in the FAILED state:
abstractName="geronimo/tomcat/1.1.1/car?configurationName=geronimo/tomca
t/1.1.1/car"
org.apache.geronimo.kernel.config.InvalidConfigException: No attribute:
initParams for gbean:
geronimo/tomcat/1.1.1/car?ServiceModule=geronimo/tomcat/1.1.1/car,j2eeTy
pe=GBean,name=plm.ref.bom.com-arena-server
at
org.apache.geronimo.system.configuration.LocalAttributeManager.setAttrib
utes(LocalAttributeManager.java:197)
...
13:59:14,521 ERROR [Daemon] Exception caught while starting
configurations.
Exception=org.apache.geronimo.kernel.config.LifecycleException: load of
geronimo/tomcat/1.1.1/car failed
Server startup failed
--8<
Any help would be appreciated.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Created: (GERONIMO-2765) Offline deployment broken in geronimo-tomcat-j2ee-1.2-SNAPSHOT
Offline deployment broken in geronimo-tomcat-j2ee-1.2-SNAPSHOT --- Key: GERONIMO-2765 URL: https://issues.apache.org/jira/browse/GERONIMO-2765 Project: Geronimo Issue Type: Bug Security Level: public (Regular issues) Components: deployment Affects Versions: 1.1.2 Environment: All Reporter: Leonard Flournoy Fix For: 1.1.2 Steps to reproduce offline deployment failure with geronimo-tomcat-j2ee configuration of Geronimo 1.2. 1. Display OS & Java version information: $ cat /proc/version Linux version 2.6.9-42.0.3.ELsmp ([EMAIL PROTECTED]) (gcc version 3.4.6 20060404 (Red Hat 3.4.6-3)) #1 SMP Mon Sep 25 17:28:02 EDT 2006 $ java -version java version "1.5.0_09" Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_09-b03) Java HotSpot(TM) Server VM (build 1.5.0_09-b03, mixed mode) 2. Check out geronimo v1.2 & display version information: $ svn checkout https://svn.apache.org/repos/asf/geronimo/server/branches/1.2 geronimo-1.2 $ svn info Path: . URL: https://svn.apache.org/repos/asf/geronimo/server/branches/1.2 Repository UUID: 13f79535-47bb-0310-9956-ffa450edef68 Revision: 498232 ... 3. Build: $ cd geronimo-1.2 $ mvn clean install 4. Extract geronimo-tomcat-j2ee-1.2-SNAPSHOT-bin.tar.gz: $ cd ~ $ tar -xzf geronimo-1.2/assemblies/geronimo-tomcat-j2ee/target/geronimo-tomcat-j2ee -1.2-SNAPSHOT-bin.tar.gz 5. Start geronimo (to confirm a working installation): $ cd geronimo-tomcat-j2ee-1.2-SNAPSHOT $ bin/geronimo.sh start 6. Perform online deployment/undeployment: $ bin/deploy.sh deploy ~/wasce_samples/applications/hello/target/hello-1.1.1.war ~/wasce_samples/applications/hello/target/hello-1.1.1-web.xml $ bin/deploy.sh undeploy wasce-samples/hello//war 7. Stop Geronimo: $ bin/geronimo.sh stop 8. Attempt an offline deployment (war file and deployment plan attached): $ bin/deploy.sh --offline deploy ~/wasce_samples/applications/hello/target/hello-1.1.1.war ~/wasce_samples/applications/hello/target/hello-1.1.1-web.xml Using GERONIMO_BASE: /home/eric/geronimo-tomcat-j2ee-1.2-SNAPSHOT Using GERONIMO_HOME: /home/eric/geronimo-tomcat-j2ee-1.2-SNAPSHOT Using GERONIMO_TMPDIR: /home/eric/geronimo-tomcat-j2ee-1.2-SNAPSHOT/var/temp Using JRE_HOME:/usr/java/jdk1.5.0_09/jre Exception in thread "main" java.lang.NoClassDefFoundError: org/apache/geronimo/deployment/ModuleConfigurer at org.apache.geronimo.deployment.cli.ServerConnection.(ServerConnect ion.java:207) at org.apache.geronimo.deployment.cli.DeployTool.execute(DeployTool.java:15 7) at org.apache.geronimo.deployment.cli.DeployTool.main(DeployTool.java:314) -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Created: (GERONIMO-2753) the "namingProviderUrl" element does *not* appear to control which IP addresses the RMI service binds to
the "namingProviderUrl" element does *not* appear to control which IP addresses
the RMI service binds to
Key: GERONIMO-2753
URL: https://issues.apache.org/jira/browse/GERONIMO-2753
Project: Geronimo
Issue Type: Bug
Security Level: public (Regular issues)
Components: management
Affects Versions: 1.1.1
Environment: All
Reporter: Leonard Flournoy
Fix For: 1.1.1
Unfortunately, the "namingProviderUrl" element
does *not* appear to control which IP addresses the RMI service binds to
at the network level. In fact, from a quick look at the Geronimo source
code, it appears that "0.0.0.0" is hard-coded as the IP address to which
the RMI service binds:
In
modules/geronimo-system/src/main/java/org/apache/geronimo/system/rmi/RMI
RegistryService.java:
8<---
public String getHost() {
return "0.0.0.0";
}
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
