[jboss-user] [JBossWS] - SSL and native libraries

fastbob do-not-reply at jboss.com
Wed Mar 5 01:14:11 EST 2008

Hopefully I have the correct forum section. While I've researched the issue a bit, I can't claim to fully understand what's going on. 

On Windows XP, using JBoss 4.2.2 (no modifications) and Sun jdk 1.6, we enabled SSL by uncommenting the SSL connector in service.xml:
          <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
  |            address="${jboss.bind.address}" maxThreads="100" 
  |            scheme="https" secure="true" clientAuth="false"
  |            keystoreFile="${jboss.server.home.dir}/conf/my.keystore"
  |            keystorePass="something" sslProtocol = "TLS" />
This seemed to be handled fine during startup - no native library found but startup continued and SSL worked:
05:47:06,150 INFO  [NativeServerConfig] JBoss Web Services - Native
  | 05:47:06,150 INFO  [NativeServerConfig] jbossws-native-2.0.1.SP2 (build=200710210837)
  | 05:47:06,941 INFO  [Embedded] Catalina naming disabled
  | 05:47:07,281 INFO  [AprLifecycleListener] The Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: C:\Java\jdk1.6.0\bin;.;C:\WINDOWS\Sun\Java\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\Java\jdk1.6.0\bin;C:\Java\apache-ant-1.7.0\bin;C:\Java\jikes_1.22\bin;C:\Java\maven-2.0.7\bin;c:\tools\cygwin\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\cvsnt;C:\Program Files\MySQL\MySQL Server 5.0\bin;c:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Program Files\QuickTime\QTSystem\
  | 05:47:07,352 INFO  [Http11Protocol] Initializing Coyote HTTP/1.1 on http-
  | 05:47:08,083 INFO  [Http11Protocol] Initializing Coyote HTTP/1.1 on http-
  | 05:47:08,093 INFO  [AjpProtocol] Initializing Coyote AJP/1.3 on ajp-

On Fedora8 Linux, we copied the same JBoss directory to the system (same Sun jdk 1.6). However, the log showed the following during startup:
03:22:19,508 INFO  [NativeServerConfig] JBoss Web Services - Native
  | 03:22:19,508 INFO  [NativeServerConfig] jbossws-native-2.0.1.SP2 (build=200710210837)
  | 03:22:20,310 INFO  [Embedded] Catalina naming disabled
  | 03:22:20,462 WARN  [Connector] Property debug not found on the protocol handler.
  | 03:22:20,466 WARN  [Connector] Property clientAuth not found on the protocol handler.
  | 03:22:20,466 WARN  [Connector] Property keystoreFile not found on the protocol handler.
  | 03:22:20,467 WARN  [Connector] Property keystorePass not found on the protocol handler.
  | 03:22:20,747 INFO  [AprLifecycleListener] Loaded Apache Tomcat Native library 1.1.10.
  | 03:22:20,751 INFO  [AprLifecycleListener] APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true].
  | 03:22:21,092 INFO  [Http11AprProtocol] Initializing Coyote HTTP/1.1 on http-
  | 03:22:21,094 ERROR [Http11AprProtocol] Error initializing endpoint
  | java.lang.Exception: No Certificate file specified
  |         at org.apache.tomcat.jni.SSLContext.setCertificate(Native Method)
  |         at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:683)
  | ...
So it appears that on Fedora the native library was loaded, but then the properties of the SSL connector were not loaded. Startup eventually failed due to the port being in use:
03:23:12,305 INFO  [Http11AprProtocol] Starting Coyote HTTP/1.1 on http-
  | 03:23:12,383 ERROR [Http11AprProtocol] Error starting endpoint
  | java.lang.Exception: Socket bind failed: [98] Address already in use
  |         at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:611)
  |         at org.apache.tomcat.util.net.AprEndpoint.start(AprEndpoint.java:716)
  |         at org.apache.coyote.http11.Http11AprProtocol.start(Http11AprProtocol.java:137)
I'm not clear what we need to change in the configuration to get things working on Linux. It seems like removing the native library would work against better performance. Any pointers would be appreciated. Thanks.


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4134121#4134121

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4134121

More information about the jboss-user mailing list