Bug 535831 - (RHQ-2487) IBM J9 (even version 5.0) causes the agent to puke with a JBoss Remoting error related to the certificate
IBM J9 (even version 5.0) causes the agent to puke with a JBoss Remoting erro...
Product: RHQ Project
Classification: Other
Component: Agent (Show other bugs)
All All
medium Severity medium (vote)
: ---
: RHQ 4.8
Assigned To: John Mazzitelli
ibm vm IbmX509 J9 AIX
: SubBug
: RHQ-2416 (view as bug list)
Depends On:
Blocks: RHQ-2416 rhq_triage
  Show dependency treegraph
Reported: 2009-11-04 20:08 EST by Andrew C. Oliver
Modified: 2013-09-11 05:53 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
AIX, IBM J9 vm (jdk 1.5)
Last Closed: 2013-09-11 05:53:35 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Andrew C. Oliver 2009-11-04 20:08:00 EST
java.io.IOException: Error initializing server socket factory SSL context: SunX509 KeyManagerFactory not available
        at sun.security.jca.GetInstance.getInstance(GetInstance.java:158)
        at javax.net.ssl.KeyManagerFactory.getInstance(KeyManagerFactory.java:20)
        at org.jboss.remoting.security.SSLSocketBuilder.loadKeyManagers(SSLSocketBuilder.java:1472)
        at org.jboss.remoting.security.SSLSocketBuilder.initializeServerSocketFactorySSLContext(SSLSocketBuilder.java:1250)
        at org.jboss.remoting.security.SSLSocketBuilder.createCustomServerSocketFactory(SSLSocketBuilder.java:366)
        at org.jboss.remoting.security.SSLSocketBuilder.createSSLServerSocketFactory(SSLSocketBuilder.java:346)
        at org.jboss.remoting.security.SSLSocketBuilder.createSSLServerSocketFactory(SSLSocketBuilder.java:325)
        at org.jboss.remoting.security.SSLServerSocketFactoryService.start(SSLServerSocketFactoryService.java:61)
        at org.rhq.enterprise.communications.ServiceContainer.initializeSecurityServices(ServiceContainer.java:1342)
        at org.rhq.enterprise.communications.ServiceContainer.setupServerConnector(ServiceContainer.java:1193)
        at org.rhq.enterprise.communications.ServiceContainer.start(ServiceContainer.java:550)
        at org.rhq.enterprise.communications.ServiceContainer.start(ServiceContainer.java:468)
        at org.rhq.enterprise.agent.AgentMain.startCommServices(AgentMain.java:2110)
        at org.rhq.enterprise.agent.AgentMain.start(AgentMain.java:624)
        at org.rhq.enterprise.agent.AgentMain.main(AgentMain.java:406)

Looks like (http://www.google.com/codesearch/p?hl=en&sa=N&cd=1&ct=rc#9krPMA6e7qo/src/org/jboss/remoting/security/SSLSocketBuilder.java&q=org.jboss.remoting.security.SSLSocketBuilder.java).

Adding -Dorg.jboss.remoting.keyStoreAlgorithm=IbmX509 as an option in rhq-agent-env.sh in the bin directory and using the "advanced setup" with IbmX509 as the "Server Side Keystore Algorithm" and "Keystore Trust Store Algorithm" on the client side.  Make this work.

Ideally the docs mention this and more ideally the default is IbmX509 when the vm is IBM instead of Sun.

Comment 1 Red Hat Bugzilla 2009-11-10 16:05:22 EST
This bug was previously known as http://jira.rhq-project.org/browse/RHQ-2487
Comment 2 wes hayutin 2010-02-16 11:57:11 EST
Temporarily adding the keyword "SubBug" so we can be sure we have accounted for all the bugs.

new = Tracking + FutureFeature + SubBug
Comment 3 wes hayutin 2010-02-16 12:02:15 EST
making sure we're not missing any bugs in rhq_triage
Comment 4 Corey Welton 2010-10-06 23:45:24 EDT
*** Bug 535753 has been marked as a duplicate of this bug. ***
Comment 5 John Mazzitelli 2013-05-30 10:03:50 EDT
fixed as part of bug #968357
git commit to master: 32e712e4da7a4ba93babb7e41c67c71aa1a838f7
Comment 6 Heiko W. Rupp 2013-09-11 05:53:35 EDT
Bulk closing of old issues now that HRQ 4.9 is in front of the door.

If you think the issue has not been solved, then please open a new bug and mention this one in the description.

Note You need to log in before you can comment on or make changes to this bug.