On Wed, Feb 08, 2017 at 05:38:21PM +0100, Simone Bordet wrote: > Hi, > > On Wed, Feb 8, 2017 at 5:12 PM, Brian Reichert <[email protected]> wrote: > > That I'm willing to do, but I was hoping for, at least, some > > confirmation that my expectations are correct. > > > > - should this, out of the box, spin up a SSL-protected JXM interface? > > > > java -jar start.jar --module=jmx,jmx-remote,ssl > > No. the "ssl" module is for connectors, not for jmx. The fact that JMX > may open a server socket is not influenced by the ssl module.
True, 'ssl' does what you say; I kicked it into play to otherwise demonstrate that my jetty-based server does have the trustStore/keyStore properly configured, implying that they would be utilized by the SSL-enabled JMX interface. According to Oracle: https://docs.oracle.com/javase/8/docs/technotes/guides/management/agent.html SSL is enabled by default when you enable remote monitoring and management. To use SSL, you need to set up a digital certificate on the system where the JMX agent (the MBean server) is running and then configure SSL properly. My expectation was that my successful SSL test would satisfy the above requirements. Was I incorrect in that matter? > > > - should I be able to disable authentication by setting > > > > -Dcom.sun.management.jmxremote. authenticate=false? > > I'd say yes. > > -- > Simone Bordet > ---- > http://cometd.org > http://webtide.com > Developer advice, training, services and support > from the Jetty & CometD experts. > _______________________________________________ > jetty-users mailing list > [email protected] > To change your delivery options, retrieve your password, or unsubscribe from > this list, visit > https://dev.eclipse.org/mailman/listinfo/jetty-users -- Brian Reichert <[email protected]> BSD admin/developer at large _______________________________________________ jetty-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/jetty-users
