Uploaded image for project: 'Application Server 7'
  1. Application Server 7
  2. AS7-4942

modcluster configuration does not respect SSL configuration

    XMLWordPrintable

Details

    • Compatibility/Configuration

    Description

      jboss AS 7.1.1.Final. HA-Standalone configuration (clustered) with HTTPD modcluster advertise is on; SSL configuration inside standalone xml are ignored (server is using default values).
      Setting the following inside httpd.conf file:

      <IfModule manager_module>
      Listen *:6666

      1. ManagerBalancerName myCluster
        <VirtualHost *:6666>
        <Location />
        Order deny,allow
        Deny from all
        Allow from all
        </Location>

      SSLEngine ON
      SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
      SSLCertificateKeyFile conf/cert.key
      SSLCertificateFile conf/cert.cert
      SSLProtocol all -SSLv2
      ..

      Setting the following in jboss AS:

      <subsystem xmlns="urn:jboss:domain:modcluster:1.0">
      <mod-cluster-config balancer="pnw-cluster" advertise-socket="modcluster" advertise-security-key="blabla">
      <dynamic-load-provider history="10" decay="50">
      <load-metric type="cpu" weight="2" capacity="2"/>
      <load-metric type="sessions" weight="1" capacity="1000"/>
      <load-metric type="heap" weight="3" capacity="1"/>
      </dynamic-load-provider>
      <ssl password="17227491" certificate-key-file="configuration/.keystore" ca-certificate-file="configuration/.keystore"/>

      </mod-cluster-config>
      </subsystem>

      Keep getting the following ERRORS on jboss output:

      17:51:44,291 ERROR [stderr] (pool-27-thread-1) at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.<init>(JSSESocketFactory.java:113)
      17:51:44,291 ERROR [stderr] (pool-27-thread-1) at org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler$Proxy.<init>(DefaultMCMPHandler.java:747)
      17:51:44,292 ERROR [stderr] (pool-27-thread-1) at org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler.add(DefaultMCMPHandler.java:183)
      17:51:44,293 ERROR [stderr] (pool-27-thread-1) at org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler.addProxy(DefaultMCMPHandler.java:179)
      17:51:44,293 ERROR [stderr] (pool-27-thread-1) at org.jboss.modcluster.advertise.impl.AdvertiseListenerImpl$AdvertiseListenerWorker.run(AdvertiseListenerImpl.java:443)
      17:51:44,294 ERROR [stderr] (pool-27-thread-1) at java.lang.Thread.run(Thread.java:662)
      17:51:44,294 ERROR [stderr] (pool-27-thread-1) Caused by: java.io.FileNotFoundException: /export/home/ana50/.keystore (No such file or directory)
      17:51:44,295 ERROR [stderr] (pool-27-thread-1) at java.io.FileInputStream.open(Native Method)
      17:51:44,295 ERROR [stderr] (pool-27-thread-1) at java.io.FileInputStream.<init>(FileInputStream.java:120)
      17:51:44,295 ERROR [stderr] (pool-27-thread-1) at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.getStore(JSSESocketFactory.java:253)
      17:51:44,296 ERROR [stderr] (pool-27-thread-1) at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.getKeystore(JSSESocketFactory.java:208)
      17:51:44,296 ERROR [stderr] (pool-27-thread-1) at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:280)
      17:51:44,297 ERROR [stderr] (pool-27-thread-1) at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.<init>(JSSESocketFactory.java:98)
      17:51:44,297 ERROR [stderr] (pool-27-thread-1) ... 5 more

      I went over all modcluster open and closed bugs without finding any relevant solution. I'm getting these error when using absolute paths as well.

      Attachments

        Activity

          People

            tomazcerar Tomaž Cerar (Inactive)
            ykonrad yuval konrad (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: