[jboss-jira] [JBoss JIRA] (WFCORE-4296) Illegal reflective access by org.wildfly.extension.elytron.SSLDefinitions

Giovanni Lovato (Jira) issues at jboss.org
Tue Jul 30 10:32:02 EDT 2019 

    [ https://issues.jboss.org/browse/WFCORE-4296?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13764805#comment-13764805 ] 

Giovanni Lovato commented on WFCORE-4296:
-----------------------------------------

Damn, you're right! I was mislead since when I'm trying to enable SSL but when I do WildFly does not start anymore and it says:

{code}
WFLYHC0034: Host Controller boot has failed in an unrecoverable manner; exiting. See previous messages for details.
{code}

And the only previous messages are about that warning (see below)!

{code}
=========================================================================

  JBoss Bootstrap Environment

  JBOSS_HOME: /opt/wildfly

  JAVA: java

  JAVA_OPTS: -server -Xms64m -Xmx512m -XX:MaxMetaspaceSize=256m -Djava.net.preferIPv4Stack=true -Djboss.modules.system.pkgs=org.jboss.byteman -Djava.awt.headless=true  --add-exports=java.base/sun.nio.ch=ALL-UNNAMED --add-exports=jdk.unsupported/sun.misc=ALL-UNNAMED --add-exports=jdk.unsupported/sun.reflect=ALL-UNNAMED

=========================================================================

16:27:11,357 INFO  [org.jboss.modules] (main) JBoss Modules version 1.9.1.Final
16:27:11,595 INFO  [org.jboss.threads] (main) JBoss Threads version 2.3.3.Final
16:27:11,606 INFO  [org.jboss.as.process.Host Controller.status] (main) WFLYPC0018: Starting process 'Host Controller'
[Host Controller] 16:27:12,117 INFO  [org.jboss.modules] (main) JBoss Modules version 1.9.1.Final
[Host Controller] 16:27:12,374 INFO  [org.jboss.msc] (main) JBoss MSC version 1.4.8.Final
[Host Controller] 16:27:12,383 INFO  [org.jboss.threads] (main) JBoss Threads version 2.3.3.Final
[Host Controller] 16:27:12,429 INFO  [org.jboss.as] (MSC service thread 1-2) WFLYSRV0049: WildFly Full 17.0.1.Final (WildFly Core 9.0.2.Final) starting
[Host Controller] 16:27:12,910 INFO  [org.wildfly.security] (Host Controller Service Threads - 4) ELY00001: WildFly Elytron version 1.9.1.Final
[Host Controller] 16:27:13,332 INFO  [org.jboss.as.host.controller] (Controller Boot Thread) WFLYHC0003: Creating http management service using network interface (management) port (-1) securePort (9993)
[Host Controller] 16:27:13,350 INFO  [org.xnio] (MSC service thread 1-6) XNIO version 3.7.2.Final
[Host Controller] 16:27:13,356 INFO  [org.xnio.nio] (MSC service thread 1-6) XNIO NIO Implementation Version 3.7.2.Final
[Host Controller] 16:27:13,490 INFO  [org.jboss.remoting] (MSC service thread 1-2) JBoss Remoting version 5.0.12.Final
[Host Controller] WARNING: An illegal reflective access operation has occurred
[Host Controller] WARNING: Illegal reflective access by org.wildfly.extension.elytron.SSLDefinitions (jar:file:/opt/wildfly/modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-9.0.2.Final.jar!/) to method com.sun.net.ssl.internal.ssl.Provider.isFIPS()
[Host Controller] WARNING: Please consider reporting this to the maintainers of org.wildfly.extension.elytron.SSLDefinitions
[Host Controller] WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
[Host Controller] WARNING: All illegal access operations will be denied in a future release
[Host Controller] 16:27:13,545 INFO  [org.jboss.as.patching] (MSC service thread 1-1) WFLYPAT0050: WildFly Full cumulative patch ID is: base, one-off patches include: none
[Host Controller] 16:27:13,566 WARN  [org.jboss.as.domain.management.security] (MSC service thread 1-7) WFLYDM0111: Keystore /opt/wildfly/domain/configuration/application.keystore not found, it will be auto generated on first use with a self signed certificate for host localhost
[Host Controller] 16:27:13,931 WARN  [org.jboss.as.remoting] (MSC service thread 1-3) ****** All authentication is ANONYMOUS for org.jboss.as.remoting.RemotingHttpUpgradeService
[Host Controller] 16:27:13,964 FATAL [org.jboss.as.host.controller] (Controller Boot Thread) WFLYHC0034: Host Controller boot has failed in an unrecoverable manner; exiting. See previous messages for details.
[Host Controller] 16:27:13,965 FATAL [org.jboss.as.host.controller] (Controller Boot Thread) WFLYHC0178: Aborting with exit code 99
[Host Controller] 16:27:13,994 INFO  [org.jboss.as] (MSC service thread 1-1) WFLYSRV0050: WildFly Full 17.0.1.Final (WildFly Core 9.0.2.Final) stopped in 16ms
[Host Controller]
16:27:14,339 INFO  [org.jboss.as.process.Host Controller.status] (reaper for Host Controller) WFLYPC0011: Process 'Host Controller' finished with an exit status of 99
16:27:14,345 INFO  [org.jboss.as.process] (Thread-7) WFLYPC0017: Shutting down process controller
16:27:14,347 INFO  [org.jboss.as.process] (Thread-7) WFLYPC0016: All processes finished; exiting
{code}

> Illegal reflective access by org.wildfly.extension.elytron.SSLDefinitions
> -------------------------------------------------------------------------
>
>                 Key: WFCORE-4296
>                 URL: https://issues.jboss.org/browse/WFCORE-4296
>             Project: WildFly Core
>          Issue Type: Bug
>          Components: Security
>         Environment: Windows 7 x64. Java 11: OpenJDK 64-Bit Server VM AdoptOpenJDK (build 11+28-201810022317, mixed mode)
>            Reporter: Marco Del Percio
>            Priority: Major
>              Labels: Java11, access, elytron, illegal, reflective, wildfly
>
> After configuring HTTPS using the following guide: [Enable One-way SSL/TLS for Applications|http://docs.wildfly.org/14/WildFly_Elytron_Security.html#configure-ssltls], configuration seems ok and server boots fine however an illegal reflective access warning comes up from jar within Elytron:
> {color:red}
> WARNING: An illegal reflective access operation has occurred
> WARNING: Illegal reflective access by org.wildfly.extension.elytron.SSLDefinitions (jar:file:/D:/wildfly-14.0.1.Final_FleetManager/modules/system/layers/base/org/wildfly/extension/elytron/main/wildfly-elytron-integration-6.0.2.Final.jar!/) to method com.sun.net.ssl.internal.ssl.Provider.isFIPS()
> WARNING: Please consider reporting this to the maintainers of org.wildfly.extension.elytron.SSLDefinitions
> WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
> WARNING: All illegal access operations will be denied in a future release
> {color}



--
This message was sent by Atlassian Jira
(v7.12.1#712002)

More information about the jboss-jira mailing list