Skip to Main Content
Forums

Java APIs

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

JVM monitoring via JMX with SSL?

843793Sep 18 2008 — edited May 2 2009
I'm trying to use the java 5 capabilities to monitor GC in a running JVM. I have no problem doing so using user/password authentication. But I can't seem to get a connection to the JVM from my client if it's using SSL. I've searched this forum and several other threads & documents & can't figure out what I'm doing wrong. I'm sure it's something basic.

The Server (JVM to be monitored) is very simple:

public static void main(String[] args) {

System.setProperty("javax.net.ssl.keyStore", "ServerKeyFile.jks");
System.setProperty("javax.net.ssl.trustStore", "ServerTrustFile.jks");
System.setProperty("javax.net.ssl.keyStorePassword","pass");
System.setProperty("javax.net.ssl.trustStorePassword","pass");

int i = 0;
while (true) {
try {
System.out.println("Loop " + i++);
Thread.sleep(10000);
} catch (Exception e) {
System.out.println("Caught " + e);
}
}

}

I'm starting this with -Dcom.sun.management.config.file=config.txt

The config.txt has this:

com.sun.management.jmxremote.port=9744
com.sun.management.jmxremote.ssl=true
com.sun.management.jmxremote.ssl.need.client.auth=true
com.sun.management.jmxremote.authenticate=true
com.sun.management.jmxremote.password.file=password.conf
com.sun.management.jmxremote.access.file=access.conf

The client is started with a similar config file. The client code looks like this:

public static void main(String[] args) {
try {
System.setProperty("javax.net.ssl.keyStore", "ClientKeyFile.jks");
System.setProperty("javax.net.ssl.trustStore", "ClientTrustFile.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "pass");
System.setProperty("javax.net.ssl.trustStorePassword", "pass");
String host = args[0];
int portNum = 9744;
String user = "username";
String pass = "password";

JMXServiceURL u = new JMXServiceURL(
"service:jmx:rmi:///jndi/rmi://" + host + ":" + portNum + "/jmxrmi");
Map env = new HashMap();
String[] credentials = new String[] { user , pass };
env.put("jmx.remote.credentials", credentials);

JMXConnector c = JMXConnectorFactory.connect(u, env);
} catch (Exception e) {
System.out.println("Caught exception: " + e);
}
}

If I change the config file to set com.sun.management.jmxremote.ssl to false on the server & client, I can get a connection. If I set it to true I get an SSLHandshakeException "handshake_failure".

Can anybody point out what I'm doing wrong?

Thanks
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on May 30 2009
Added on Sep 18 2008
#remote-method-invocation-rmi
8 comments
284 views