?
Solved

jconsole connection failed

Posted on 2005-05-01
5
Medium Priority
?
2,888 Views
Last Modified: 2009-11-16
I got jconsole working with the server if I have authentication and ssl disabled. But, when I try to enable authentication it fails.

I've created a certificate and it's in the keystore.

Here are the extra parameters I added to the server:
  -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=58084 -Dcom.sun.management.jmxremote.ssl.need.client.auth=true -Djava.rmi.server.hostname="knowlist.com"

I added passwords to the jxmremote.password file for "monitorRole" and "controlRole".

I then tried to log into the server using jconsole with the username "controlRole" and it just says "connection failed". I find it odd that a username would have "role" in it, but that seems to be what the jmx ssl setup instructions seem to be telling me.

The frustrating thing is that jconsole just says "connection failed" and never provides any additional information to indicate what's failing.
0
Comment
Question by:HappyEngineer
  • 3
  • 2
5 Comments
 
LVL 3

Expert Comment

by:neonlines
ID: 13903644
Enable the debuging and notice the processing

Add the line to enable the SSL debug log
System.setProperty("javax.net.debug","all");
0
 

Author Comment

by:HappyEngineer
ID: 13905873
I did that and it outputs lots of debug info. The relevant part seems to be:
  RMI TCP Connection(24)-127.0.0.1, handling exception: javax.net.ssl.SSLHandshakeException: no cipher suites in common

What does that mean? I'm running jconsole from the same PC as the server using the same jdk. Anything available to jconsole should be available to the webapp.
0
 

Author Comment

by:HappyEngineer
ID: 13906110
I've added a jvm parameter to point it to the keystore, but it still doesn't list any keys added. After "init truststore" it lists a whole bunch of keys which are apparently part of the default java distribution. But, after the "init keystore" it doesn't list any keys.

setting up default SSLSocketFactory
use default SunJSSE impl class: com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl
class com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl is loaded
keyStore is : J:/jdk/bin/klkeystore
keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
trustStore is: J:\j2sdk1.5.0_01\jre\lib\security\cacerts
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
  Subject: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE
...


If I list the keystore I get:

J:\jdk\bin>keytool -list -keystore klkeystore
Enter keystore password:  yastmork

Keystore type: jks
Keystore provider: SUN

Your keystore contains 1 entry

klcert, May 1, 2005, trustedCertEntry,
Certificate fingerprint (MD5): ...
0
 
LVL 3

Accepted Solution

by:
neonlines earned 1000 total points
ID: 13908300
Then add ur new key and then try

keytool -import -file /tmp/certificate.cer  -keystore J:\j2sdk1.5.0_01\jre\lib\security\cacerts -alias  worldcheck

give the password : changeit

Do you want to trust it? [no]:  yes
0
 

Author Comment

by:HappyEngineer
ID: 13914223
Ok, it's in there now and is listed when the webapp starts.

However, when I try to connect with jconsole it still says (in the webapp logs) that there are no cipher suites in common.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For beginner Java programmers or at least those new to the Eclipse IDE, the following tutorial will show some (four) ways in which you can import your Java projects to your Eclipse workbench. Introduction While learning Java can be done with…
Java had always been an easily readable and understandable language.  Some relatively recent changes in the language seem to be changing this pretty fast, and anyone that had not seen any Java code for the last 5 years will possibly have issues unde…
Video by: Michael
Viewers learn about how to reduce the potential repetitiveness of coding in main by developing methods to perform specific tasks for their program. Additionally, objects are introduced for the purpose of learning how to call methods in Java. Define …
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Suggested Courses
Course of the Month16 days, 18 hours left to enroll

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question