16 messages in net.java.dev.glassfish.usersRe: upgrade problem| From | Sent On | Attachments |
|---|---|---|
| tho...@randspringer.de | Mar 1, 2011 4:52 am | |
| Tom Mueller | Mar 1, 2011 7:12 am | |
| tho...@randspringer.de | Mar 1, 2011 7:54 am | |
| Tim Quinn | Mar 1, 2011 8:11 am | |
| tho...@randspringer.de | Mar 1, 2011 8:19 am | |
| Anissa Lam | Mar 1, 2011 8:34 am | |
| tho...@randspringer.de | Mar 2, 2011 5:15 am | |
| tho...@randspringer.de | Mar 2, 2011 6:27 am | |
| rjfeng | Mar 2, 2011 7:04 am | |
| Martin Gainty | Mar 2, 2011 11:12 am | |
| Snjezana Sevo-Zenzerovic | Mar 2, 2011 11:57 am | |
| rjfeng | Mar 2, 2011 7:29 pm | |
| tho...@randspringer.de | Mar 4, 2011 8:17 am | |
| BAMOSS | Mar 4, 2011 9:12 am | |
| tho...@randspringer.de | Mar 7, 2011 1:24 am | |
| bam...@sceats.com | Mar 9, 2011 10:19 am |
| Subject: | Re: upgrade problem | |
|---|---|---|
| From: | Tim Quinn (tim....@oracle.com) | |
| Date: | Mar 1, 2011 8:11:15 am | |
| List: | net.java.dev.glassfish.users | |
Hello, Thomas.
I believe that these new symptoms - as well as the ones you described earlier - are the result of the way the Java runtime has addressed the problem in the SSL protocol Tom mentioned earlier.
You should run Java 1.6.0_22 or later on both the client and server side. That is the minimum version of Java which GlassFish 3.1 requires, partly because of the SSL security issue in earlier releases of Java.
GlassFish 3.1 and 3.0.1 are different in significant ways. One of them is improved security of admin traffic which requires Java 1.6.0_22 or later to work correctly, which 3.0.1 did not require. We do not recommend that users set the various security properties that might allow you to use earlier releases because that leaves your system more vulnerable.
- Tim
On Mar 1, 2011, at 9:55 AM, tho...@randspringer.de wrote:
Hm,
it worked with 3.0.1.
After I deinstalled some packagages(e.g. this cluster stuff) now GF at least talked to me when I added the --verbose option.
First I got this error: http://java.net/jira/browse/GLASSFISH-12041
I added the property: -Dsun.security.ssl.allowUnsafeRenegotiation=true to my domain.xml
and now I get:
java.lang.RuntimeException: ClientAbortException: java.io.IOException: SSLOutputWriter: CLOSED at org .glassfish.admin.rest.LazyJerseyInit.reportError(LazyJerseyInit.java: 200) at org .glassfish .admin.rest.adapter.RestAdapter.reportError(RestAdapter.java:453) at org .glassfish.admin.rest.adapter.RestAdapter.service(RestAdapter.java: 209)
What can I now do? I can not simply deinstall jersey because glassfish-gui and glassfish-management depends on it.
Thomas
Tom Mueller <tom....@oracle.com> hat am 1. März 2011 um 16:13 geschrieben:
I'm not sure that this is the problem, but GlassFish 3.1 running in with secure admin enabled requires a minimum JVM version of 1.6.0_22. I see from your jvm.log file that you are running 1.6.0_20.
There was an SSL vulnerability that was fixed in _22. When running with an older VM, the behavior of start-domain --secure is that it appears to hang even though the DAS actually started, because start-domain cannot establish a connection to the DAS to verify that it is up.
Tom
On 3/1/2011 6:52 AM, tho...@randspringer.de wrote:
Hi,
today I tried to upgrade our GF 3.0.1 to 3.1. We use it only as an servlet container for our rails-application.
I upgraded via the "updatetool" (source=stable.glassfish.org).
After installing the new packages I stopped the domain and I started it with the --upgrade option like suggested.
However now
asadmin --secure=true start-domain domain1
does not come back.
jvm.log and server.log are available from
http://www.randspringer.de/jvm.log
http://www.randspringer.de/server.log
What is the problem and how can I get the glassfish running again?
Thomas