In the documentation on Java management, in the section headed "Mimicking Out-of-the-Box Management Using the JMX Remote API" (see bottom of page), it shows you how you can manually expose your MBeanServer via JMX. Something like this:
public static void main(String[] args) throws IOException {
final MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
final Map<String, Object> env = new HashMap<String, Object>();
final SslRMIClientSocketFactory csf = new SslRMIClientSocketFactory();
env.put(RMIConnectorServer.RMI_CLIENT_SOCKET_FACTORY_ATTRIBUTE, csf);
final SslRMIServerSocketFactory ssf = new SslRMIServerSocketFactory();
env.put(RMIConnectorServer.RMI_SERVER_SOCKET_FACTORY_ATTRIBUTE, ssf);
final int port = 32154;
System.setProperty("java.rmi.server.randomIDs", "true");
final Registry registry = LocateRegistry.createRegistry(port /*, csf, ssf */);
JMXServiceURL url = new JMXServiceURL("service:jmx:rmi:///jndi/rmi://:" + port + "/jmxrmi");
JMXConnectorServer cs = JMXConnectorServerFactory.newJMXConnectorServer(url, env, mbs);
cs.start();
If you try and run this code, this exception is repeatedly thrown (and you cannot remotely connect to the server):
26-Nov-2015 16:42:21:085: [sun.rmi.transport.tcp - FINE] [14]: RMI TCP Connection(4)-10.210.50.223: terminated with exception:
Exception in 14: Received fatal alert: certificate_unknown
javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1822)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1004)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:818)
at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75)
at java.io.BufferedInputStream.fill(BufferedInputStream.java:218)
at java.io.BufferedInputStream.read(BufferedInputStream.java:237)
at java.io.DataInputStream.readInt(DataInputStream.java:370)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:686)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:649)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
at java.lang.Thread.run(Thread.java:662)
I thought "it must be that the registry is not created with the relevant socket factories", so I uncommented the relevant arguments to LocateRegistry.createRegistry
. But now this exception is thrown (and the application fails to start)
Exception in thread "main" java.io.IOException: Cannot bind to URL [rmi://:32154/jmxrmi]: javax.naming.CommunicationException [Root exception is java.rmi.ConnectIOException: non-JRMP server at remote endpoint]
at javax.management.remote.rmi.RMIConnectorServer.newIOException(RMIConnectorServer.java:804)
at javax.management.remote.rmi.RMIConnectorServer.start(RMIConnectorServer.java:417)
at gsa.core.monitor.ExposeMBeansViaSsl.main(ExposeMBeansViaSsl.java:32)
Note: the application is run with the relevant javax.net.ssl
system properties set, as described in the tutorial. Anyone know what is going on?