My application is spring boot application. I have been accessing it through JMX simple file-based authentication, but I am trying to changed to SSL enabled configuration.
Here is my properties for JMX. It has been working fine with file-based authentication, so port 9911 is opened.
jmxconfig.properties - Contains all the necessary options.
com.sun.management.jmxremote=true
com.sun.management.jmxremote.rmi.port=9911
com.sun.management.jmxremote.port=9911
com.sun.management.jmxremote.ssl=true
com.sun.management.jmxremote.registry.ssl=true
com.sun.management.jmxremote.authenticate=true
java.rmi.server.hostname=<my remote server>
com.sun.management.jmxremote.password.file=/apps/conf/jmxremote.password
com.sun.management.jmxremote.access.file=/apps/conf/jmxremote.access
com.sun.management.jmxremote.ssl.config.file=/apps/conf/jmxremote.properties
/apps/conf/jmxremote.properties (from above)
javax.net.ssl.keyStore=/apps/conf/data-ssl.keystore
javax.net.ssl.trustStore=/apps/conf/jconsole.truststore
javax.net.ssl.keyStorePassword=xxxxxxxxxx
javax.net.ssl.trustStorePassword=xxxxxxxxxx
JMX_OPTION="-Dcom.sun.management.config.file=/apps/conf/jmxconfig.properties"
java ${JMX_OPTION} -jar myapplication.jar
I am launching the jconsole with the following command.
jconsole -debug -J-Djavax.net.ssl.keyStore=/apps/local/conf/data-ssl.keystore -J-Djavax.net.ssl.keyStorePassword=xxxxxxxxxx -J-Djavax.net.ssl.trustStore=/apps/local/conf/jconsole.truststore -J-Djavax.net.ssl.trustStorePassword=xxxxxxxxxx -J-Djava.util.logging.config.file=/apps/local/conf/jmxlogging.properties
I am using the same keystore and truststore files that I configured in the remote server. All the files are in the right location and the keystore pswd is correct. but when I try to connect with jconsole, I am getting the following exception.
java.rmi.ConnectException: Connection refused to host: <my server ip address>; nested exception is:
java.net.ConnectException: Operation timed out (Connection timed out)
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:623)
at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:216)
at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:202)
at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:342)
at sun.rmi.registry.RegistryImpl_Stub.lookup(RegistryImpl_Stub.java:116)
at sun.tools.jconsole.ProxyClient.checkSslConfig(ProxyClient.java:234)
at sun.tools.jconsole.ProxyClient.<init>(ProxyClient.java:127)
at sun.tools.jconsole.ProxyClient.getProxyClient(ProxyClient.java:475)
at sun.tools.jconsole.JConsole$3.run(JConsole.java:524)
Caused by: java.net.ConnectException: Operation timed out (Connection timed out)
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
at java.net.Socket.connect(Socket.java:606)
at java.net.Socket.connect(Socket.java:555)
at java.net.Socket.<init>(Socket.java:451)
at java.net.Socket.<init>(Socket.java:228)
at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirectSocketFactory.java:40)
at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMasterSocketFactory.java:148)
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:617)
... 8 more
Is there anything wrong with my configuration?
