Red Hat Bugzilla – Bug 535621
get CLI to work over SSL
Last modified: 2009-11-10 16:22:50 EST
get the CLI to work over SSL.
RemoteClient hardcodes the transport to servlet in init().
It should try sslservlet if the connection fails, because it might be tryign to go over SSL.
We shoud also allow the user to tell us explicitly to use SSL (--secure command line option).
refactored lots of cli code to get this to work. now can provide keystore/truststore information to connect to server - you can use it for just encryption but you can also use it for authentication (and you can authenticate cli-to-server as well as the server-to-cli using truststores if you want).
This is on dev's plate.
http://jira.rhq-project.org/browse/RHQ-2301 provides more detailed information on this. When invoking the login command as described in RHQ-2301, you can specify the port and transport layer to use as demonstrated below,
rhqadmin@localhost:7080$ login rhqadmin rhqadmin localhost 7443 sslservlet
rhqadmin@localhost:7080$ login rhqadmin rhqadmin localhost 7443
both of the above will result in communication going over port 7443 using the sslservlet transport layer. This can also be done from the rhq-cli(.sh|.bat) start-up script as follows,
$ rhq-cli.sh -u rhqadmin -p rhqadmin -s localhost --port=7443
Note however that you *must* specify the host; otherwise the port argument will be ignored and the default (7080) will be used. This will logged under a separate jira.
Opened RHQ-2425 for the issue involving the port value being ignored when the host is not specified with the start up script.
This bug was previously known as http://jira.rhq-project.org/browse/RHQ-2298
This bug is duplicated by RHQ-2199