Sun GlassFish Enterprise Server v2.1.1 Administration Guide

ProcedureConnecting JConsole Securely to Application Server

This procedure describes how to connect JConsole to Enterprise Server with security enabled on the JMX Connector. By default, security is enabled on Enterprise Server cluster or enterprise profiles. Use this procedure if you have security enabled on the developer profile's JMX Connector.

  1. Install Enterprise Server on the client machine (where JConsole is installed).

    The only reason you need this is to let JConsole know where the server certificate of the Domain Administration Server that you trust is located. To obtain that certificate, invoke at least one remote asadmin command and to do that, you need the local installation of Enterprise Server.

  2. Start the Enterprise Server on appserver.sun.com.

    Since this is a cluster or enterprise domain, the system JMX Connector server is secure. To enable security on the developer profile JMX Connector, see the Admin Console online help.

  3. From the local Enterprise Server installation, run install-dir\bin\asadmin list --user admin --secure=true --host appserver.sun.com --port 4848 (where 4848 is the server's administration port).

    Though asadmin list command is chosen for this example, you can run any remote asadmin command. You are prompted to accept the certificate sent by the DAS of appserver.sun.com.

  4. Press y to accept the certificate sent by the DAS on appserver.sun.com.

    The server's certificate is stored in a file called .asadmintruststore in your home directory on the client machine.


    Note –

    This step is not required if your server machine and client machine is the same. That is, if you are running JConsole also on appserver.sun.com.


  5. Let JConsole know the trust store location by using the following JConsole command:

    JDK-dir\bin\jconsole.exe -J-Djavax.net.ssl.trustStore="C:\Documents and Settings\user\.asadmintruststore"

  6. Start JConsole by running JDK_HOME/bin/jconsole

  7. In the Connect to Agent tab of JConsole, enter user name, password, host name and port (8686, by default).

    The user name refers to the administration user name and password refers to the administration password of the domain.

  8. Click Connect.

    In the JConsole window you will see all your MBeans, VM information etc., in various tabs.