[jboss-jira] [JBoss JIRA] (AS7-4942) modcluster configuration does not respect SSL configuration

[yuval konrad (JIRA)]

yuval konrad created AS7-4942:
---------------------------------

             Summary: modcluster configuration does not respect SSL configuration
                 Key: AS7-4942
                 URL: https://issues.jboss.org/browse/AS7-4942
             Project: Application Server 7
          Issue Type: Bug
          Components: Server
    Affects Versions: 7.1.1.Final
         Environment: jboss AS 7.1.1.Final. HA-Standalone configuration (clustered) with HTTPD modcluster advertise is on
            Reporter: yuval konrad
            Assignee: Jason Greene


jboss AS 7.1.1.Final. HA-Standalone configuration (clustered) with HTTPD modcluster advertise is on; SSL configuration inside standalone xml are ignored (server is using default values).
Setting the following inside httpd.conf file:


<IfModule manager_module>
  Listen *:6666
  # ManagerBalancerName myCluster 
  <VirtualHost *:6666>
    <Location />
     Order deny,allow
     Deny from all
     Allow from all 
    </Location>
     
    SSLEngine ON
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    SSLCertificateKeyFile conf/cert.key
    SSLCertificateFile conf/cert.cert
    SSLProtocol all -SSLv2
..


Setting the following in jboss AS:

           <subsystem xmlns="urn:jboss:domain:modcluster:1.0">
                <mod-cluster-config balancer="pnw-cluster" advertise-socket="modcluster" advertise-security-key="blabla">
                        <dynamic-load-provider history="10" decay="50">
                            <load-metric type="cpu" weight="2" capacity="2"/>
                            <load-metric type="sessions" weight="1" capacity="1000"/>
                            <load-metric type="heap" weight="3" capacity="1"/>
                        </dynamic-load-provider>
                        <ssl password="17227491" certificate-key-file="configuration/.keystore" ca-certificate-file="configuration/.keystore"/>

                </mod-cluster-config>
           </subsystem>

Keep getting the following ERRORS on jboss output:

17:51:44,291 ERROR [stderr] (pool-27-thread-1)  at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.<init>(JSSESocketFactory.java:113)
17:51:44,291 ERROR [stderr] (pool-27-thread-1)  at org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler$Proxy.<init>(DefaultMCMPHandler.java:747)
17:51:44,292 ERROR [stderr] (pool-27-thread-1)  at org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler.add(DefaultMCMPHandler.java:183)
17:51:44,293 ERROR [stderr] (pool-27-thread-1)  at org.jboss.modcluster.mcmp.impl.DefaultMCMPHandler.addProxy(DefaultMCMPHandler.java:179)
17:51:44,293 ERROR [stderr] (pool-27-thread-1)  at org.jboss.modcluster.advertise.impl.AdvertiseListenerImpl$AdvertiseListenerWorker.run(AdvertiseListenerImpl.java:443)
17:51:44,294 ERROR [stderr] (pool-27-thread-1)  at java.lang.Thread.run(Thread.java:662)
17:51:44,294 ERROR [stderr] (pool-27-thread-1) Caused by: java.io.FileNotFoundException: /export/home/ana50/.keystore (No such file or directory)
17:51:44,295 ERROR [stderr] (pool-27-thread-1)  at java.io.FileInputStream.open(Native Method)
17:51:44,295 ERROR [stderr] (pool-27-thread-1)  at java.io.FileInputStream.<init>(FileInputStream.java:120)
17:51:44,295 ERROR [stderr] (pool-27-thread-1)  at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.getStore(JSSESocketFactory.java:253)
17:51:44,296 ERROR [stderr] (pool-27-thread-1)  at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.getKeystore(JSSESocketFactory.java:208)
17:51:44,296 ERROR [stderr] (pool-27-thread-1)  at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:280)
17:51:44,297 ERROR [stderr] (pool-27-thread-1)  at org.jboss.modcluster.mcmp.impl.JSSESocketFactory.<init>(JSSESocketFactory.java:98)
17:51:44,297 ERROR [stderr] (pool-27-thread-1)  ... 5 more

I went over all modcluster open and closed bugs without finding any relevant solution. I'm getting these error when using absolute paths as well.




--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira