Uploaded image for project: 'Geode'
  1. Geode
  2. GEODE-5230

Pulse does not work when SSL is enabled for JMX

    XMLWordPrintableJSON

    Details

      Description

      If I start a locator with SSL enabled ssl-components=ALL then Pulse does not work. When logging in I see an error message like:

      Connecting ...
      Failed to retrieve RMIServer stub: javax.naming.CommunicationException [Root exception is java.rmi.ConnectIOException: error during JRMP connection establishment; nested exception is: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
      

      pulse.log shows the same:

      Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
              at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141) ~[?:1.8.0_161]
              at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126) ~[?:1.8.0_161]
              at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) ~[?:1.8.0_161]
              at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392) ~[?:1.8.0_161]
              at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302) ~[?:1.8.0_161]
              at sun.security.validator.Validator.validate(Validator.java:260) ~[?:1.8.0_161]
              at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) ~[?:1.8.0_161]
              at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) ~[?:1.8.0_161]
              at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) ~[?:1.8.0_161]
              at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596) ~[?:1.8.0_161]
              at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) ~[?:1.8.0_161]
              at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052) ~[?:1.8.0_161]
              at sun.security.ssl.Handshaker.process_record(Handshaker.java:987) ~[?:1.8.0_161]
              at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072) ~[?:1.8.0_161]
              at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385) ~[?:1.8.0_161]
              at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:757) ~[?:1.8.0_161]
              at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123) ~[?:1.8.0_161]
              at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82) ~[?:1.8.0_161]
              at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140) ~[?:1.8.0_161]
              at java.io.DataOutputStream.flush(DataOutputStream.java:123) ~[?:1.8.0_161]
              at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:229) ~[?:1.8.0_161]
              at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:202) ~[?:1.8.0_161]
              at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:338) ~[?:1.8.0_161]
              at sun.rmi.registry.RegistryImpl_Stub.lookup(RegistryImpl_Stub.java:112) ~[?:1.8.0_161]
              at com.sun.jndi.rmi.registry.RegistryContext.lookup(RegistryContext.java:132) ~[?:1.8.0_161]
              at com.sun.jndi.toolkit.url.GenericURLContext.lookup(GenericURLContext.java:205) ~[?:1.8.0_161]
              at javax.naming.InitialContext.lookup(InitialContext.java:417) ~[?:1.8.0_161]
              at javax.management.remote.rmi.RMIConnector.findRMIServerJNDI(RMIConnector.java:1955) ~[?:1.8.0_161]
              at javax.management.remote.rmi.RMIConnector.findRMIServer(RMIConnector.java:1922) ~[?:1.8.0_161]
              at javax.management.remote.rmi.RMIConnector.connect(RMIConnector.java:287) ~[?:1.8.0_161]
              ... 92 more
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                jens.deppe Jens Deppe
                Reporter:
                jens.deppe Jens Deppe
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 1.5h
                  1.5h