On Jun 22, 2011, at 4:54 AM, Andre Brito wrote:
> It's not OpenEJB specific. We use the same properties to configure a JKS
> public certificate in JBoss too.
>
>
>> System.setProperty("javax.net.ssl.trustStoreType", "JKS");
>> System.setProperty("javax.net.ssl.trustStore", "the path to the JKS
>> file");
>> System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", "true");
>>
>
Ok, so it isn't all system properties that give you trouble, it's these
specifically. I can't imagine that there is any real chance of system
properties in general being broken, but I certainly can see that some might not
"work". And when I say "work" what I really mean is that there are plenty of
system properties that are only evaluated once. If you set them after that
moment, they have no effect. So it could simply be a matter that these
properties are not getting set soon enough.
To rule out all other possibilities, try setting these properties as plain
-Djavax.net.ssl.trustStoreType=JKS JVM properties. If that works, then we know
this is just a timing issue. From there we can probably figure out another way
to set those properties if doing it on the command line is not the way you'd
like to do it.
If it doesn't work, then I probably need to get some info from you on what
those properties do specifically and how you're verifying they don't work.
The OpenEJB SystemInstance code won't help with VM-specific properties like the
ones above, just OpenEJB properties, so no need to pursue that angle any
further.
> The architect says that everything should stay in one VM. I actually agree
> with him, since the change that we'd have to make would be enormous (I tried
> and got a lot of problems along the way... very VERY weird problems - we
> have a Mail object that it's returned from a Session. The client that uses
> this Session gets this Mail object null and I don't know why, since there's
> no Exception). The architecture would have to change too much, so I guess
> that we're not in a very nice situation in this migration.
I'm not sure I can give too much advice on architecture and what two VMs vs one
VM might mean, but certainly if things like injection of Mail sessions are not
working we can absolutely help get to the bottom of it. We just need some
specific details like what the configuration looks like, the startup log output
which should show the session being created, and then what the lookup or
injection code looks like.
-David
