Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] Jetty 10 SSL Problem

I just checked.

Running --debug gave me 23 command line entries with one being a temporary "start_XXX.properties" file.
I checked that file while the JVM was running and it does contain the correct password/settings.

Running --list-config showed the following system properties:

System Properties:
------------------
 java.io.tmpdir = tmp (/opt/shibboleth-idp/start.d/start.ini)
 java.security.egd = file:/dev/urandom (/opt/shibboleth-idp/start.d/start.ini)

Disabling those obviously removed the need for jetty to fork the JVM.
--list-config also showed the correct keystore configuration with no extra whitespace or similar.

 jetty.sslContext.keyManagerPassword = changeit
 jetty.sslContext.keyStorePassword = changeit
 jetty.sslContext.keyStorePath = jetty.p12
 jetty.sslContext.keyStoreType = PKCS12
 jetty.sslContext.trustStorePassword = changeit
 jetty.sslContext.trustStorePath = jetty.p12
 jetty.sslContext.trustStoreType = PKCS12

Though the problem still persists.


Mit freundlichen Grüßen/Best Regards
Timo Brunn

Website: timo-brunn.de
Um ihre Echtheit zu bestätigen, wurde diese E-Mail digital signiert.
To prove its authenticity, this E-Mail has been digitally signed.
On 28/06/2023 22:08, Joakim Erdfelt wrote:
The forked JVM gets its arguments directly handed to it by using java.lang.ProcessBuilder(List<String> args).
The properties are passed in as a properties file to the forked JVM as well. 

It would be highly unlikely to be a forked JVM command line argument issue.
But let's investigate that anyway.

You can enable start.jar debug with `java -jar /path/to/start.jar --debug` when you execute.
Look for the lines with the patterns

DEBUG: Command Line: <num> entries

That tells you how many arguments.

DEBUG: [<num>] "<value>"

That dumps each command line argument separately, with added quotes around it in the DEBUG output (quotes not sent to forked JVM).

You can also use `java -jar /path/to/start.jar --list-config` and check the output.

If there are any entries in the "System Properties:" section, you will have a forked JVM.
The entries in the "Properties:" section list all of the configured properties for your instance.

Joakim Erdfelt / joakim@xxxxxxxxxxx


On Wed, Jun 28, 2023 at 2:35 PM Cantor, Scott <cantor.2@xxxxxxx> wrote:
> Im not using dry-run but the JVM does get forked.

I'd suggest verifying that it's not showing up in some manipulated form as a property on the command line of the child process. Just to be sure.

-- Scott


_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Back to the top