Right, you found the right place to start hacking. For SSL support, Karaf provides some support for Keystores and such, so I suggest you look at another exmaple such as http://svn.apache.org/repos/asf/karaf/trunk/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java Look at the setupSsl() method.
I think you'd have to provide an instance of javax.rmi.ssl.SslRMIServerSocketFactory somehow, but that's really not an area i've been using. I found the following which should help: https://issues.apache.org/jira/secure/attachment/12385652/GERONIMO-3876.21.patch On Fri, Apr 1, 2011 at 02:47, Dan Tran <[email protected]> wrote: > I now have karaf 2.2.x source loaded to my Eclipse, the closest place > I can see why karaf ignore the global system properties settings for > JMX SSL is org.apache.karaf.management.MBeanServerFactory.java > > this.connectorServer = > JMXConnectorServerFactory.newJMXConnectorServer(url, this.environment, > this.server); > > where 'this.environment' does not have proper settings from > blueprint's xml file?? > > Any help on this is greatly appreciated since I am very new to JMX development > > Thanks > > -D > > On Wed, Mar 30, 2011 at 2:39 PM, Dan Tran <[email protected]> wrote: >> I went on to add 2 addional ssl properties to >> >> etc/system.properties >> >> javax.net.ssl.keyStore=${karaf.home}/etc/keystore >> javax.net.ssl.trustStore=${karaf.home}/etc/truststore >> >> and bin/karaf script >> >> - Djavax.net.ssl.keyStore=$DIRNAME/etc/keystore >> -Djavax.net.ssl.trustStore=$DIRNAME/etc/truststore >> >> either one has any effect ( i am expecting error from karaf saying >> those stores file are not available, since I have not created them >> yet? >> >> Is it a bug? >> >> Has any one able to get SSL working with JMX? >> >> Thanks >> >> -Dan >> >> >> On Mon, Mar 28, 2011 at 11:53 PM, Dan Tran <[email protected]> wrote: >>> filed at https://issues.apache.org/jira/browse/KARAF-541 >>> >>> Thanks >>> >>> -Dan >>> >>> On Mon, Mar 28, 2011 at 11:26 PM, Guillaume Nodet <[email protected]> wrote: >>>> I suppose you could try with adding the needed properties into >>>> etc/system.properties as indicated at >>>> http://download.oracle.com/javase/1.5.0/docs/guide/management/agent.html >>>> but I think a better way could be offered through properties in >>>> etc/org.apache.karaf.management.cfg and our jaas support for >>>> keystores. I've actually never used JMX on SSL so not sure how to >>>> set up that programmatically, but feel free to raise a JIRA for that. >>>> >>>> On Tue, Mar 29, 2011 at 03:29, Dan Tran <[email protected]> wrote: >>>>> Hi >>>>> >>>>> I am looking for info on how to configure Karaf's JMX connection with >>>>> SSL. The closest I can get to is >>>>> http://karaf.apache.org/manual/2.2.0/developers-guide/debugging.html >>>>> >>>>> Thanks >>>>> >>>>> -Dan >>>>> >>>> >>>> >>>> >>>> -- >>>> Cheers, >>>> Guillaume Nodet >>>> ------------------------ >>>> Blog: http://gnodet.blogspot.com/ >>>> ------------------------ >>>> Open Source SOA >>>> http://fusesource.com >>>> >>> >> > -- Cheers, Guillaume Nodet ------------------------ Blog: http://gnodet.blogspot.com/ ------------------------ Open Source SOA http://fusesource.com
