Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-8147

TLS between domain and host controllers does not work (Legacy Configuration)

    XMLWordPrintable

Details

    Description

      This is regression against EAP 7.0 . Customers relying on this feature won't be able to migrate to EAP 7.1.

      Working configuration of TLS between domain and host controller from EAP 7.0 (legacy) does not work on EAP 7.1 anymore.
      In server log there is this error:

      server.log
      [Host Controller] Caused by: java.io.IOException: Client starting STARTTLS but channel doesn't support SSL
[Host Controller] 	at org.jboss.remoting3.remote.ClientConnectionOpenListener$StartTls.handleEvent(ClientConnectionOpenListener.java:527)
[Host Controller] 	at org.jboss.remoting3.remote.ClientConnectionOpenListener$StartTls.handleEvent(ClientConnectionOpenListener.java:477)
[Host Controller] 	at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
[Host Controller] 	at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
[Host Controller] 	at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89)
[Host Controller] 	at org.xnio.nio.WorkerThread.run(WorkerThread.java:567)
[Host Controller] 	at ...asynchronous invocation...(Unknown Source)
[Host Controller] 	at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:466)
[Host Controller] 	at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:437)
[Host Controller] 	at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:430)
[Host Controller] 	at org.jboss.as.protocol.ProtocolConnectionUtils.connect(ProtocolConnectionUtils.java:163)
[Host Controller] 	at org.jboss.as.protocol.ProtocolConnectionUtils.connectSync(ProtocolConnectionUtils.java:119)
[Host Controller] 	... 9 more

      See attached server.log for context log.

      Tests in wildfly-core covering this scenario are currently ignored:

      • SSLMasterSlaveOneWayTestCase is ignored by WFCORE-1978
      • SSLMasterSlaveTwoWayTestCase is ignored by WFCORE-2068

      Attachments

        Issue Links

          is blocked by

          Component Upgrade - A task tracking an update to a bundled component or revision of component upstream of the project. JBEAP-10809 Upgrade Remoting to 5.0.0.Beta22

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Verified
          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. WFCORE-2521 TLS between domain and host controllers does not work

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Resolved
          is incorporated by

          Component Upgrade - A task tracking an update to a bundled component or revision of component upstream of the project. JBEAP-10508 (7.1.0) Upgrade to WildFly Core to 3.0.0.Beta21

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Verified
          is related to

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-10245 HTTPSConnectionWithCLITestCase and HTTPSManagementInterfaceTestCase Failing Due To Native Protocol Issue

          • Critical - To be worked on immediately following BLOCKER issues.
          • Verified

          Bug - A problem that impairs or prevents the functions of the product. WFCORE-2068 HTTPSConnectionWithCLITestCase and HTTPSManagementInterfaceTestCase Failing Due To Native Protocol Issue

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Resolved

          Task - Represents a small unit of work that is not end-user facing. WFCORE-1978 Add support for client cert authentication in domain mode.

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Resolved

          Activity

            People

              darran.lofthouse@redhat.com Darran Lofthouse
              mchoma@redhat.com Martin Choma
              Martin Choma Martin Choma
              Martin Choma Martin Choma
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: