[jboss-user] [EJB3] - Re: EJB3 over SSL doesn't work for remote client

Wen Cheng do-not-reply at jboss.com
Thu Sep 1 22:06:22 EDT 2011

Wen Cheng [http://community.jboss.org/people/chengwen] created the discussion

"Re: EJB3 over SSL doesn't work for remote client"

To view the discussion, visit: http://community.jboss.org/message/624379#624379

Hello, Siddu:

    I use jboss final. So my configuration is based on jboss6. 

     If you don't care to bind the IP address to the Jboss server, try to start jboss with:

-c default *-b* -Djavax.net.ssl.keyStore=C:/jboss-5.1.0.GA/server/default/conf/archserver.keystore -Djavax.net.ssl.keyStorePassword=testing

    If this doesn't work, tryp to change your pc name(maybe you need to restart your computer after the change). Remove the character "-" from your computer name. It's an "invalid" character form jboss, I think.

   The following is my conclusion during my "struggle" to run ejb3+ssl, please see if it helps.

   There are 4  ""sslsocket://" urls in the configuration.
   1) ejb3-connectors-jboss-beans.xml   
   2) jboss.xml in EJB jar META-INF fodler
   3) the ejb source code; @RemoteBinding(clientBindUrl="sslsocket://")
   4) the url of the start up parameter "-b", I think it is also has some thing to do

   After my test, I found that , of all the four places, only 2 is the key: the address in  "jboss.xml" and after "-b". This two should be match. If they are the same, then the ejb works. The other two are replaced by the "jboss.xml" url, I think.
   Let's talk about "-b" then.
   As you know ,"-b" means "jboss.bind.address", or the binding address of ALL the jboss service. Of all the services, I think the one connect to EJB is RMI. So what we should focus is only the binding address of RMI. The configuration file of rmi binding address is :

See the property "bindingAdress" and "rmiBindAddress" :

<property name="bindAddress">${jboss.bind.address:localhost}</property>
<property name="rmiBindAddress">${jboss.bind.address:localhost}</property>

In another word, I said "the adress in  "jboss.xml" and after "-b". This two should match", it really means :
 the address in  "jboss.xml" and the address in "naming-jboss-beans.xml". they two should be match.If they are the same, then the ejb "channel" is opened. What's more, I found that the address "" is not the right value. You can use the real IP address, the real hostname. Or you can use the variables like "${jboss.host.name}", or "${java.rmi.server.hostname}". But remember, if you use some variable, you must tell jboss the real value of  it when you start jboss.

So, try to set your exact IP address "**" in jboss.xml and naming-jboss-beans.xml, and restart you jboss with:
-c default *-b* -Djavax.net.ssl.keyStore=C:/jboss-5.1.0.GA/server/default/conf/archserver.keystore -Djavax.net.ssl.keyStorePassword=testing

Reply to this message by going to Community

Start a new discussion in EJB3 at Community

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20110901/8f07b0c3/attachment.html 

More information about the jboss-user mailing list