Here you go.
Using Jetty 9.4.1 demo-base ...
$ cd /path/to/jetty-distribution-9.4.1.v20170120/demo-base
$ keytool -genkeypair -keyalg RSA -keystore jmxkeystore.jks -dname
cn=test,ou=localhost,dc=example,dc=com
(I created the keystore with password 'changeme')
$ mkdir modules
$ vim modules/jmx-ssl.mod
--(snip)--
[depend]
jmx
[exec]
-Dcom.sun.management.jmxremote
-Dcom.sun.management.jmxremote.port=1616
-Dcom.sun.management.jmxremote.authenticate=false
-Dcom.sun.management.jmxremote.registry.ssl=true
-Dcom.sun.management.jmxremote.ssl=true
-Dcom.sun.management.jmxremote.ssl.need.client.auth=false
-Djavax.net.ssl.keyStore=${jetty.base}/jmxkeystore.jks
-Djavax.net.ssl.keyStorePassword=changeme
-Djavax.net.ssl.trustStore=${jetty.base}/jmxkeystore.jks
-Djavax.net.ssl.trustStorePassword=changeme
--(/snip)--
$ vim jconsole-ssl.sh
--(snip)--
#!/bin/bash
jconsole \
-J-Djavax.net.ssl.keyStore=jmxkeystore.jks \
-J-Djavax.net.ssl.keyStorePassword=changeme \
-J-Djavax.net.ssl.trustStore=jmxkeystore.jks \
-J-Djavax.net.ssl.trustStorePassword=changeme \
localhost:1616
--(/snip)--
(run demo-base server)
$ java -jar ../start.jar --module=jmx-ssl
(in other console window ...)
$ ./jconsole-ssl.sh
- Joakim
Joakim Erdfelt / [email protected]
On Thu, Feb 9, 2017 at 1:50 PM, Simone Bordet <[email protected]> wrote:
> Hi,
>
> On Thu, Feb 9, 2017 at 9:17 PM, Brian Reichert <[email protected]>
> wrote:
> > On Thu, Feb 09, 2017 at 09:23:16PM +0100, Simone Bordet wrote:
> >> Keep only the jmx module, remove the jmx-remote module.
> >
> > BTW, I do appreciate your guidance here.
> >
> > I've tried this:
> >
> > java -jar ../start.jar --module=jmx
> >
> > That only opened up the two configured HTTP[S] ports:
> >
> > # lsof -P -n -p 20378 | grep TCP
> > java 20378 root 90u IPv6 1257602 0t0 TCP
> *:8080 (LISTEN)
> > java 20378 root 97u IPv6 1257607 0t0 TCP
> *:8443 (LISTEN)
> >
> > From the startup messages:
> > ServerConnector@27f674d{HTTP/1.1,[http/1.1]}{0.0.0.0:8080}
> > ServerConnector@67b64c45{SSL,[ssl, http/1.1]}{0.0.0.0:8443}
>
> Sure.
>
> You have to add the JMX system properties as described in
> https://docs.oracle.com/javase/8/docs/technotes/
> guides/management/agent.html.
>
> The Jetty JMX module exports Jetty components as MBeans, but those
> stay within the JVM.
> If you want to be able to connect to the JVM from remote via JMX, then
> you have to either A) enable the jmx-remote module, or B) add the
> system properties as above.
>
> --
> Simone Bordet
> ----
> http://cometd.org
> http://webtide.com
> Developer advice, training, services and support
> from the Jetty & CometD experts.
> _______________________________________________
> jetty-users mailing list
> [email protected]
> To change your delivery options, retrieve your password, or unsubscribe
> from this list, visit
> https://dev.eclipse.org/mailman/listinfo/jetty-users
>
_______________________________________________
jetty-users mailing list
[email protected]
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users
