[jboss-jira] [JBoss JIRA] (WFLY-2950) jboss-cli using https-remoting: command not executed if certificate is unrecognised

Darran Lofthouse (JIRA) issues at jboss.org
Tue Feb 18 08:01:50 EST 2014 

    [ https://issues.jboss.org/browse/WFLY-2950?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12945526#comment-12945526 ] 

Darran Lofthouse commented on WFLY-2950:
----------------------------------------

Feel free to create a Jira issue in this project for that one - it will require additional consideration as it is encouraging a bad practice.  

Where scripting is concerned we would recommend running the CLI manually first and using the 'P' option after verifying the digests of the servers certificate are actually valid and that an intermediary is not in place interceptor all your traffic to the application server.
                
> jboss-cli using https-remoting: command not executed if certificate is unrecognised
> -----------------------------------------------------------------------------------
>
>                 Key: WFLY-2950
>                 URL: https://issues.jboss.org/browse/WFLY-2950
>             Project: WildFly
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>          Components: CLI, Domain Management
>    Affects Versions: 8.0.0.Final
>         Environment: Windows 7 Pro
>            Reporter: Darren Jones
>            Assignee: Darran Lofthouse
>              Labels: cli, shutdown
>             Fix For: 8.0.1.Final
>
>
> When using the https management interface from jboss-cli, commands passed with a command line option (such as --command=:shutdown) are not executed if the server certificate is unrecognised - even if accepting the certificate [T]emporarily or [P]ermenantly.
> It appears to be due to the CommandContextImpl.handleSSLFailure() method, which calls error("Unable to connect..."). The error() method sets the exitCode to 1. So, when CliLauncher.processCommands() subsequently runs, it sees that the cmdCtx.exitCode is 1 and ignores any commands.
> I guess the handleSSLFailure needs to reset the exitCode to 0 if the user chooses [T] or [P].

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list