CDV ❯ dev console doesn't work with ssl enabled

• Type: Bug
• Status: New
• Priority: 2 Major
• Resolution:
• Component/s:
• Labels:

• Assignee: mmoldenh
• Reporter: mmoldenh
• Created: December 05, 2012
• Votes: 0
• Watchers: 3
• Updated:

  January 22, 2013
• Resolved:

Attachments

• mmoldenh (2.00 k) text/xml tc-config2ServerSecurity.xml

Description

dev console doesn’t work with ssl enabled

Comments

Alexander Snaps 2012-12-05

Do you actually launch it using the -s ? You need to explicitly tell it you’ll be connecting to a secured environment. You can alter the shell script to always use it should that be more convenient for you… It will also need a valid license file.

Maxim Moldenhauer 2012-12-05

I didn’t enable jmx security, just ssl security. When I run with -s I get a “Permission denied: connect”. Do you need both ssl and jms security enabled?

Alexander Snaps 2012-12-05

You will need the -s to turn SSL on, then use valid credentials to authenticate yes

Maxim Moldenhauer 2012-12-05

I’m still getting the same message after following the instructions here: http://terracotta.org/documentation/bigmemorymax/terracotta-server-array/managing-security

Alexander Snaps 2012-12-05

I’m lost now… You don’t have to setup anything on the server (other than the security stuff I think you had done already). Then, when using the dev-console, you need to turn the secured transport on explicitly (using -s), which basically setups up SSL. If you use a non valid cert, you need to set the other system props, just as for the servers and clients. Then, when starting the dev-console and connecting to the L2 you should be prompted for the credentials to use to connect.

I’m not saying this is or isn’t broken for you currently, I’m just not quite sure what’s broken where really until now.

So can you confirm the SSL layer is setup properly ?

Maxim Moldenhauer 2012-12-05

Attaching tc-config

Maxim Moldenhauer 2012-12-05

I’ve attached my server config file. Both servers connect to one another (one active and one passive) and say they have ssl enabled. Then, when using the dev-console, I turn the secured transport on explicitly and I set the following as java options -Dtc.ssl.trustAllCerts=”true” -Dtc.ssl.disableHostnameVerifier=”true”.

When I try to connect I get the Permission denied: connect with no prompts to supply credentials.

Maxim Moldenhauer 2012-12-05

Before I set those java options I got “unable to find valid certification path to requested target” so they definitely get me past one issue.

Fiona OShea 2013-01-21

Maxim are you still having issues?

Maxim Moldenhauer 2013-01-22

I moved onto something else. I could never get this working.