On Wed, Feb 08, 2017 at 06:43:32PM +0100, Simone Bordet wrote:
> If you want to have JMX over SSL, just enable the jmx module in Jetty.
> This will expose the Jetty components as MBeans.
>
> Then you enable all the relevant system properties reported by the
> link above to enable remote monitoring via SSL.
Ok, I've tried these invocations, and none of them yield an SSL
certificate when I connect to port 1099, when I use the 'demo-base'
app:
# pwd
/usr/jetty-distribution-9.3.8.v20160314/demo-base
java -jar ../start.jar --module=jmx,jmx-remote
# This should be the operational default, but just to make sure...
java -Dcom.sun.management.jmxremote.ssl=true \
-jar ../start.jar --module=jmx,jmx-remote
# RMI Registry Authentication is 'false' by default
java -Dcom.sun.management.jmxremote.ssl=true \
-Dcom.sun.management.jmxremote.registry.ssl=true \
-jar ../start.jar --module=jmx,jmx-remote
Should any of these have worked? Or am I misunderstanding what
you're saying?
> The reason of the existence of the jmx-remote module is that the
> default support by the JVM opens a random port for the
> JMXConnectorServer, which is not friendly for firewalls.
Pretty neat. :)
> --
> Simone Bordet
> ----
> http://cometd.org
> http://webtide.com
> Developer advice, training, services and support
> from the Jetty & CometD experts.
> _______________________________________________
> jetty-users mailing list
> [email protected]
> To change your delivery options, retrieve your password, or unsubscribe from
> this list, visit
> https://dev.eclipse.org/mailman/listinfo/jetty-users
--
Brian Reichert <[email protected]>
BSD admin/developer at large
_______________________________________________
jetty-users mailing list
[email protected]
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users
