[英]Monitor Websphere Liberty Profile with JConsole
I'm trying to monitor my WLP v8.5.5 with JConsole. 我正在尝试使用JConsole监视WLP v8.5.5。
My Liberty profile is up and running and has SSL properlly configured. 我的自由配置文件已启动并正在运行,并且已正确配置了SSL。 I also have configured as features the monitor-1.0 and restConnector-1.0.
我还配置了Monitor-1.0和restConnector-1.0作为功能。
After that I sftp'ed from my WLP the restConnector.jar to my machine and created a keystore on my machine as described here 从那以后,我从我的WLP的restConnector.jar我的机器sftp'ed并按照上述方法创建了我的机器上的密钥存储在这里
After that I'm trying to start JConsole with this command: 之后,我尝试使用以下命令启动JConsole:
jconsole -J-Djava.class.path="C:\Program Files\Java\jdk1.7.0_67\lib\jconsole.jar;
C:\Program Files\Java\jdk1.7.0_67\lib\tools.jar;
<whereIDownloaded>\restConnector.jar"
-J-Djavax.net.ssl.keyStore="<locationToCreated>\keystore.jks"
-J-Djavax.net.ssl.keyStorePassword=<password>
-J-Djavax.net.ssl.keyStoreType=jks
-J-Dcom.ibm.ws.jmx.connector.client.disableURLHostnameVerification=true
However, when I try to connect to my WLP via remote with the string: 但是,当我尝试通过远程使用字符串连接到WLP时:
service:jmx:rest://<ip>:<httpsPort>/IBMJMXConnectorREST
As a credential I'm passing a user configured on <administrator-role>
. 作为凭证,我要传递在
<administrator-role>
上配置的用户。
I get a JConsole error saying: 我收到一个JConsole错误,说:
Secure connection failed. Retry insecurely?
I don't get why I'm seeing this error, and I don't see any logs to see why it failed. 我不明白为什么会看到此错误,也看不到任何日志来查看为什么失败。 My next step if getting the keystore from WLP and try that on my machine but I don't think that makes much sense.
我的下一步是从WLP获取密钥库,然后在我的计算机上尝试该操作,但是我认为这没有多大意义。
Does anyone have any suggestion on where should I look for logs or on that I'm doing wrong? 有人对我应该在哪里寻找日志或我做错了有什么建议吗? Thanks in advance!
提前致谢!
Reference: http://www-01.ibm.com/support/knowledgecenter/SSAW57_8.5.5/com.ibm.websphere.wlp.nd.doc/ae/twlp_mon.html?cp=SSAW57_8.5.5%2F1-3-11-0-6&lang=en 参考: http : //www-01.ibm.com/support/knowledgecenter/SSAW57_8.5.5/com.ibm.websphere.wlp.nd.doc/ae/twlp_mon.html? cp= SSAW57_8.5.5%2F1-3- 11-0-6&郎= EN
Ensure you don't have localConnector-1.0
feature. 确保您没有
localConnector-1.0
功能。 If you have that, please remove it. 如果有,请删除它。 You can find more details here Remote monitoring of Liberty with Health Center .
您可以在此处通过Health Center远程监视Liberty来找到更多详细信息。 Although it discusses Health Center connection, I was testing using JConsole also.
尽管它讨论了Health Center连接,但我也在使用JConsole进行测试。
UPDATE UPDATE
You might be invoking console with incorrect params - it should be trustStore
not keystore
see below. 您可能正在使用错误的参数调用控制台-它应该是
trustStore
而不是keystore
请参见下文。 And for start use key.jks
copied from Liberty (as you need Liberty certificate as trusted) 对于开始使用从Liberty复制的
key.jks
(因为您需要Liberty证书受信任)
jconsole -J-Djava.class.path=%JAVA_HOME%/lib/jconsole.jar;
%JAVA_HOME%/lib/tools.jar;
%WLP_HOME%/clients/restConnector.jar
-J-Djavax.net.ssl.trustStore=key.jks
-J-Djavax.net.ssl.trustStorePassword=Liberty
-J-Djavax.net.ssl.trustStoreType=jks
For details check Configuring secure JMX connection to the Liberty 有关详细信息,请检查配置与Liberty的安全JMX连接。
As an additional note - you must not have a webAppSecurity
entry with loginFormURL
set in your server.xml as this will cause the JMX login to fail (eg, <webAppSecurity loginFormURL="login.html"/>
is problematic). 另外请注意-您必须在server.xml中没有设置带有
loginFormURL
的webAppSecurity
条目,因为这将导致JMX登录失败(例如, <webAppSecurity loginFormURL="login.html"/>
有问题)。 Each individual WAR needs to set their own login-config
and not rely on any global method of configuring logins. 每个单独的WAR需要设置自己的
login-config
,而不依赖于配置登录的任何全局方法。
` `
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.