Ondrej Lukas created WFLY-8800: ---------------------------------- Summary: JBoss CLI run with IBM JDK is not able to use secure connection when server uses Elytron ssl-context Key: WFLY-8800 URL: https://issues.jboss.org/browse/WFLY-8800 Project: WildFly Issue Type: Bug Components: CLI, Security Reporter: Ondrej Lukas Assignee: Darran Lofthouse Priority: Blocker In case SSL through Elytron ssl-context is configured for management interface then JBoss CLI is not able to authenticate when it is run with IBM JDK. It works correctly when * Legacy SSL is used instead of Elytron ssl-context * or non-IBM JDK is used for JBoss CLI * or only authentication without SSL is used It fails for http-interface as well as native-interface. When different client is used for connection to management interface (I tried it with ModelControllerClient) then authentication and SSL works correctly. For http-interface following output of CLI is print: {code} Failed to connect to the controller: The controller is not available at localhost:9993: java.net.ConnectException: WFLYPRT0053: Could not connect to remote+https://localhost:9993. The connection failed: WFLYPRT0053: Could not connect to remote+https://localhost:9993. The connection failed: java.nio.channels.ClosedChannelException {code} For native-interface following output of CLI is print: {code} Failed to connect to the controller: Unable to negotiate SSL connection with controller at localhost:9999 {code} This issues is reported in EAP 7.1.0.DR18 because previous versions have not been able to start application server with IBM JDK. We request blocker since IBM JDK is supported and missing ability to connect to application server with secured connection blocks RFE EAP7-628. -- This message was sent by Atlassian JIRA (v7.2.3#72005)