Uploaded image for project: 'JBoss Enterprise Application Platform 4 and 5'
  1. JBoss Enterprise Application Platform 4 and 5
  2. JBPAPP-8912

Remoting tries to create SSLSocketFactory even when not desired

    XMLWordPrintable

    Details

    • Steps to Reproduce:
      Hide

      Add the code in the description before a web service invocation.

      Show
      Add the code in the description before a web service invocation.
    • Workaround Description:
      Hide

      Install a Log4J filter that denies the confusing ERROR log message. Remoting still tries to create its own SSLSocketFactory, but it will harmlessly fail silently.

      Show
      Install a Log4J filter that denies the confusing ERROR log message. Remoting still tries to create its own SSLSocketFactory , but it will harmlessly fail silently.
    • Release Notes Text:
      Hide
      If you had configured JBossWS clients to use the socket factory returned by HttpsURLConnection.getDefaultSSLSocketFactory(), then you would receive an ERROR log message even though the configuration would work properly. The code causing this issue has been cleaned up, and a new property is available to tell JBossWS to use the default SSL socket factory: StubExt.PROPERTY_DEFAULT_SSL_SOCKET_FACTORY.
      Show
      If you had configured JBossWS clients to use the socket factory returned by HttpsURLConnection.getDefaultSSLSocketFactory(), then you would receive an ERROR log message even though the configuration would work properly. The code causing this issue has been cleaned up, and a new property is available to tell JBossWS to use the default SSL socket factory: StubExt.PROPERTY_DEFAULT_SSL_SOCKET_FACTORY.
    • Release Notes Docs Status:
      Documented as Resolved Issue
    • Docs QE Status:
      NEW

      Description

      Running the following code is an alternative way to set the keystore/truststore in a remoting client:

       KeyStore ksTrust = KeyStore.getInstance("JKS");
      		 
          ksTrust.load(new FileInputStream("testTrust"), passphrase);
      		 
       
      		 
          TrustManagerFactory tmf =
      		 
              TrustManagerFactory.getInstance("SunX509");
      		 
          tmf.init(ksTrust);
      		 
       
      		 
          SSLContext sslContext = SSLContext.getInstance("TLS");
      		 
          sslContext.init(null, tmf.getTrustManagers(), null);
      		 
       
      		 
          HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());

      When this code is added, Remoting should not try to create its own SSLSocketFactory. Currently there is no way to tell Remoting to not try. This causes a confusing ERROR message:

      Error creating SSL Socket Factory for client invoker: Error initializing socket factory SSL context: Can not find truststore url.

      After this message is logged, the client still works because it falls back to the default SSLSocketFactory (that was already set).

        Gliffy Diagrams

          Attachments

            Issue Links

            blocks

            Task - A task that needs to be done. JBPAPP-9494 [JBossWS] Release and upgrade JBossWS Native for EAP 5.2.0

            • Major - A request that should be considered seriously but is not a show stopper.
            • Closed
            cloned to

            Bug - A problem which impairs or prevents the functions of the product. JBREM-1306 Remoting tries to create SSLSocketFactory even when not desired

            • Minor - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

              Activity

                People

                • Assignee:
                  klape Kyle Lape
                  Reporter:
                  klape Kyle Lape
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  2 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: