1037837 – Invalid commands in procedure in 2-way SSL for management interface/CLI

Bug 1037837 - Invalid commands in procedure in 2-way SSL for management interface/CLI

Summary: Invalid commands in procedure in 2-way SSL for management interface/CLI

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	JBoss Enterprise Application Platform 6
Classification:	JBoss
Component:	Documentation
Sub Component:
Version:	6.2.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	GA
Target Release:	EAP 6.3.0
Assignee:	gsheldon
QA Contact:	Russell Dickenson
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-12-03 21:45 UTC by Chris Dolphy
Modified:	2018-12-03 20:52 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:	Build Name: 14876, Security Guide-6.2-1 Build Date: 18-10-2013 13:25:27 Topic ID: 22641-542817 [Latest]
Last Closed:	2014-06-28 15:28:18 UTC
Type:	Bug

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Chris Dolphy 2013-12-03 21:45:27 UTC

Title: Using 2-way SSL for the Management interface and the CLI

Describe the issue:

Two issues in step #4 of the procedure.

1) This command is invalid:
/core-service=management/security-realm=CertificateRealm:add/server-identity=ssl:add(keystore-path=/path/to/HOST1.keystore.jks,keystore-password=secret, alias=HOST1_alias)

The first :add is a mistake and should be:
/core-service=management/security-realm=CertificateRealm/server-identity=ssl:add(keystore-path=/path/to/HOST1.keystore.jks,keystore-password=secret, alias=HOST1_alias)

2) It doesn't indicate that these command are only for standalone.  If you run these commands on a domain setup you are left with a server that won't start.

One needs to add /host=master before each command for a domain mode install.

Suggestions for improvement:

Be nice if it would give an example for 'point the interface to it:'

Additional information:

Comment 1 gsheldon 2014-02-17 04:27:13 UTC

(In reply to Chris Dolphy from comment #0)
> Title: Using 2-way SSL for the Management interface and the CLI
> 
> Describe the issue:
> 
> Two issues in step #4 of the procedure.
> 
> 1) This command is invalid:
> /core-service=management/security-realm=CertificateRealm:add/server-
> identity=ssl:add(keystore-path=/path/to/HOST1.keystore.jks,keystore-
> password=secret, alias=HOST1_alias)
> 
> The first :add is a mistake and should be:
> /core-service=management/security-realm=CertificateRealm/server-identity=ssl:
> add(keystore-path=/path/to/HOST1.keystore.jks,keystore-password=secret,
> alias=HOST1_alias)

Corrected.

> 
> 2) It doesn't indicate that these command are only for standalone.  If you
> run these commands on a domain setup you are left with a server that won't
> start.
> 
> One needs to add /host=master before each command for a domain mode install.

Added the following Important note:

Important
  The provided commands apply to standalone mode only. For domain mode, add /host=master before each command. 
	

> 
> Suggestions for improvement:
> 
> Be nice if it would give an example for 'point the interface to it:'
> 
> Additional information:

Setting to Modified.

Comment 2 Scott Mumford 2014-02-26 05:14:51 UTC

Moving to ON_QA.

The changes should be available for review on the documentation stage within an hour or so from this comment.

http://documentation-devel.engineering.redhat.com/site/documentation/en-US/JBoss_Enterprise_Application_Platform/

Comment 3 Scott Mumford 2014-02-26 05:16:17 UTC

Moving to ON_QA.

The changes should be available for review on the documentation stage within an hour or so from this comment.

http://documentation-devel.engineering.redhat.com/site/documentation/en-US/JBoss_Enterprise_Application_Platform/

Comment 4 Ondrej Lukas 2014-02-26 14:26:58 UTC

Verified on stage.

Note You need to log in before you can comment on or make changes to this bug.