I have just finished installing ejbca community edition on top of wildfly. The EJBCA server is a VM in the azure cloud.
everything went fine during build : Build successful for every 3 steps of deployment.
- ant deployear
- ant runinstall
- ant deploy-keystore)
Versions :
Wildfly 18.0
EJBCA 7.4.3.2
Ant 1.10.10
Mysql Ver 15.1 Distrib 10.3.27-MariaDB
JDBC connector : mariadb 2.7.3
Debian 10 buster
However i am unable to reach the destination
https://<public ip address>:8443/ejbca/
Error message :
The connection has timed out
The server at <my public ip @> is taking too long to respond.
So, started checking the different ports open :
**remote** nmap scan from my local vm to the remote EJBCA VM :
nmap -Pn8080,22,8442,8443,9990,3306 52.188.59.103
Host is up (0.037s latency).
Not shown: 995 filtered ports
PORT STATE SERVICE
21/tcp open ftp
80/tcp open http
443/tcp open https
554/tcp open rtsp
1723/tcp open pptp
Nmap done: 1 IP address (1 host up) scanned in 5.62 seconds
On the EJBCA VM a local port scan shows that port 8443 and 8080 are open :
rDNS record for 127.0.0.1: localhost
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
3306/tcp open mysql
8080/tcp open http-proxy
8443/tcp open https-alt
Azure connectivity tests from my ip to EJBCA host is OK for every ports tested.
however, online Port check says ports 8443 and 8442 are closed https://portchecker.co/
So i don't know which test to trust ?
I tried disabling both my local firewall and my proxy but it didn't make any difference.
I did a tcpdump on the EJBCA server whilst trying to access ejbca url : but nothing was displayed.
What am i missing here ? What other tests can i perform?
EDIT :
serverlog: (errors and warnings )
web admin error:
2021-06-14 13:00:07,332 ERROR [org.jboss.as.jsf] (MSC service thread 1-2) WFLYJSF0002: Could not load JSF managed bean class: org.ejbca.ui.web.admin.peerconnector.PeerConnectorsMBean
2021-06-14 13:00:07,433 ERROR [org.jboss.as.jsf] (MSC service thread 1-2) WFLYJSF0002: Could not load JSF managed bean class: org.ejbca.ui.web.admin.peerconnector.PeerConnectorMBean
Deprecated lib:
2021-06-14 13:00:14,598 WARN [org.jboss.weld.Bootstrap] (MSC service thread 1-4) WELD-000146: BeforeBeanDiscovery.addAnnotatedType(AnnotatedType<?>) used for class com.sun.faces.flow.FlowDiscoveryCDIHelper is deprecated from CDI 1.1!
Severe errors :
2021-06-14 13:00:15,967 SEVERE [javax.enterprise.resource.webcontainer.jsf.flow] (MSC service thread 1-4) Unable to obtain CDI 1.1 utilities for Mojarra
2021-06-14 13:00:15,971 SEVERE [javax.enterprise.resource.webcontainer.jsf.application.view] (MSC service thread 1-4) Unable to obtain CDI 1.1 utilities for Mojarra
Warnings:
2021-06-14 13:00:16,770 INFO [org.ejbca.core.ejb.StartupSingletonBean] (ServerService Thread Pool -- 94) Init, EJBCA 7.4.3.2 Community (67479006a69140e81d66e39871bed8255362effc) startup.
2021-06-14 13:00:16,780 WARN [io.undertow.servlet] (ServerService Thread Pool -- 66) UT015020: Path /* is secured for some HTTP methods, however it is not secured for [HEAD, POST, GET]
2021-06-14 13:00:16,780 WARN [io.undertow.servlet] (ServerService Thread Pool -- 73) UT015020: Path /* is secured for some HTTP methods [...]
