In case SSL through Elytron ssl-context is configured for management interface then JBoss CLI is not able to authenticate when it is run with IBM JDK.
It works correctly when
- Legacy SSL is used instead of Elytron ssl-context
- or non-IBM JDK is used for JBoss CLI
- or only authentication without SSL is used
It fails for http-interface as well as native-interface.
When different client is used for connection to management interface (I tried it with ModelControllerClient) then authentication and SSL works correctly.
For http-interface following output of CLI is print:
Failed to connect to the controller: The controller is not available at localhost:9993: java.net.ConnectException: WFLYPRT0053: Could not connect to remote+https://localhost:9993. The connection failed: WFLYPRT0053: Could not connect to remote+https://localhost:9993. The connection failed: java.nio.channels.ClosedChannelException
For native-interface following output of CLI is print:
Failed to connect to the controller: Unable to negotiate SSL connection with controller at localhost:9999
This issues is reported in EAP 7.1.0.DR18 because previous versions have not been able to start application server with IBM JDK. We request blocker since IBM JDK is supported and missing ability to connect to application server with secured connection blocks RFE EAP7-628.
- is cloned by
-
WFCORE-2832 JBoss CLI run with IBM JDK is not able to use secure connection when server uses Elytron ssl-context
- Resolved
- is incorporated by
-
JBEAP-11137 (7.1.0) Upgrade to WildFly Core to 3.0.0.Beta26
- Closed
- is related to
-
JBEAP-11114 Documentation: describe -Dcom.ibm.jsse2.overrideDefaultTLS CLI parameter
- Closed
- relates to
-
JBEAP-11765 JMS client fails to connect with SSL on IBM JDK 8
- Closed