Ssl 如何在两个jboss节点之间创建域控制的jboss集群,并在两个节点上启用HTTPS
我正在尝试创建一个jboss集群,其中包含两个jboss节点master和slave,都位于不同的虚拟机上。对这两个系统进行的配置如下:Ssl 如何在两个jboss节点之间创建域控制的jboss集群,并在两个节点上启用HTTPS,ssl,jboss,jboss7.x,Ssl,Jboss,Jboss7.x,我正在尝试创建一个jboss集群,其中包含两个jboss节点master和slave,都位于不同的虚拟机上。对这两个系统进行的配置如下: <interfaces> <interface name="management"> <inet-address value="${jboss.bind.address.management:<ip_of_master>}"/> </interface> <
<interfaces>
<interface name="management">
<inet-address value="${jboss.bind.address.management:<ip_of_master>}"/>
</interface>
<interface name="public">
<inet-address value="${jboss.bind.address:<ip_of_master>}"/>
</interface>
<interface name="unsecure">
<inet-address value="<ip_of_master>"/>
</interface>
</interfaces>
大师:
在host.xml中,ssl添加到managementRealm标记中:
<security-realms>
<security-realm name="ManagementRealm">
<server-identities>
<ssl>
<keystore path="<jboss-cert-folder>/jboss.jks" keystore-password="${VAULT::sslKeyStore::password::1}"/>
</ssl>
</server-identities>
<authentication>
<local default-user="$local"/>
<properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/>
</authentication>
<authorization map-groups-to-roles="false">
<properties path="mgmt-groups.properties" relative-to="jboss.domain.config.dir"/>
</authorization>
</security-realm>
这是从jboss的console.log中显示的所有错误。密钥交换已经正确完成,因为我能够在从机的信任存储文件中列出主机的密钥,反之亦然
请调查并提供任何建议
<security-realm name="ManagementRealm">
<server-identities>
<ssl>
<keystore path="<jboss-cert-folder>/jboss.jks" keystore-password="${VAULT::sslKeyStore::password::1}"/>
</ssl>
<secret value="base 64 secret value generated at the time of slave user creation" />
</server-identities>
<authentication>
<local default-user="$local"/>
<properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/>
</authentication>
<authorization map-groups-to-roles="false">
<properties path="mgmt-groups.properties" relative-to="jboss.domain.config.dir"/>
</authorization>
</security-realm>
<domain-controller>
<!--local/-->
<remote host="<ip of master>" port="9999"/>
</domain-controller>
<interfaces>
<interface name="management">
<inet-address value="${jboss.bind.address.management:<ip of slave>}"/>
</interface>
<interface name="public">
<inet-address value="${jboss.bind.address:<ip of slave>}"/>
</interface>
<interface name="unsecure">
<inet-address value="<ip of slave>"/>
</interface>
</interfaces>
[Host Controller] 15:14:11,985 ERROR [org.jboss.remoting.remote.connection] (Remoting "hostname:MANAGEMENT" read-1) JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
[Host Controller] 15:14:11,990 ERROR [org.jboss.as.host.controller] (Controller Boot Thread) JBAS010901: Could not connect to master. Aborting. Error was: java.lang.IllegalStateException: JBAS010942: Unable to connect due to authentication failure.
[Host Controller] 15:14:12,010 INFO [org.jboss.as] (MSC service thread 1-4) JBAS015950: JBoss EAP 6.2.2.GA (AS 7.3.2.Final-redhat-2) stopped in 17ms
15:14:12,333 INFO [org.jboss.as.process.Host Controller.status] (reaper for Host Controller) JBAS012010: Process 'Host Controller' finished with an exit status of 99
15:14:12,336 INFO [org.jboss.as.process] (Thread-8) JBAS012016: Shutting down process controller
15:14:12,336 INFO [org.jboss.as.process] (Thread-8) JBAS012015: All processes finished; exiting