Uploaded image for project: 'JBoss Enterprise Application Platform 4 and 5'
  1. JBoss Enterprise Application Platform 4 and 5
  2. JBPAPP-8912

Remoting tries to create SSLSocketFactory even when not desired

    XMLWordPrintable

Details

    • Hide

      Add the code in the description before a web service invocation.

      Show
      Add the code in the description before a web service invocation.
    • Hide

      Install a Log4J filter that denies the confusing ERROR log message. Remoting still tries to create its own SSLSocketFactory, but it will harmlessly fail silently.

      Show
      Install a Log4J filter that denies the confusing ERROR log message. Remoting still tries to create its own SSLSocketFactory , but it will harmlessly fail silently.
    • Hide
      If you had configured JBossWS clients to use the socket factory returned by HttpsURLConnection.getDefaultSSLSocketFactory(), then you would receive an ERROR log message even though the configuration would work properly. The code causing this issue has been cleaned up, and a new property is available to tell JBossWS to use the default SSL socket factory: StubExt.PROPERTY_DEFAULT_SSL_SOCKET_FACTORY.
      Show
      If you had configured JBossWS clients to use the socket factory returned by HttpsURLConnection.getDefaultSSLSocketFactory(), then you would receive an ERROR log message even though the configuration would work properly. The code causing this issue has been cleaned up, and a new property is available to tell JBossWS to use the default SSL socket factory: StubExt.PROPERTY_DEFAULT_SSL_SOCKET_FACTORY.
    • Documented as Resolved Issue
    • NEW

    Description

      Running the following code is an alternative way to set the keystore/truststore in a remoting client:

       KeyStore ksTrust = KeyStore.getInstance("JKS");
    ksTrust.load(new FileInputStream("testTrust"), passphrase);

    TrustManagerFactory tmf =
        TrustManagerFactory.getInstance("SunX509");
    tmf.init(ksTrust);

    SSLContext sslContext = SSLContext.getInstance("TLS");
    sslContext.init(null, tmf.getTrustManagers(), null);

    HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());

      When this code is added, Remoting should not try to create its own SSLSocketFactory. Currently there is no way to tell Remoting to not try. This causes a confusing ERROR message:

      Error creating SSL Socket Factory for client invoker: Error initializing socket factory SSL context: Can not find truststore url.

      After this message is logged, the client still works because it falls back to the default SSLSocketFactory (that was already set).

      Attachments

        Issue Links

          blocks

          Task - Represents a small unit of work that is not end-user facing. JBPAPP-9494 [JBossWS] Release and upgrade JBossWS Native for EAP 5.2.0

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              rh-ee-klape Kyle Lape
              rh-ee-klape Kyle Lape
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: