test

Sun Java System Application Server Enterprise Edition 8.2 Administration Guide

Connecting JConsole Securely to Application Server

This section describes how to connect JConsole to Application Server with security enabled on the JMX Connector. By default, security is enabled on Application Server Enterprise Edition. Use this procedure if you have security enabled on the Platform Edition's JMX Connector.

  1. Install Application Server on the client machine (where JConsole is installed).

    The only reason you need this is to let JConsole know where the server certificate of the Domain Administration Server that you trust is located. To obtain that certificate, invoke at least one remote asadmin command and to do that, you need the local installation of Application Server.

  2. Start the Application Server Enterprise Edition on appserver.sun.com.

    Since this is an Enterprise Edition domain, the system JMX Connector server is secure.

  3. From the local Application Server installation, run install-dir/bin/asadmin list --user admin --secure=true --host appserver.sun.com --port 4849 (where 4849 is the server's admin port).

    Though asadmin list command is chosen for this example, you can run any remote asadmin command. You will now be prompted to accept the certificate sent by the DAS of appserver.sun.com.

  4. Press y to accept the certificate sent by the Domain Administration Server on appserver.sun.com.

    The server's certificate is stored in a file called .asadmintruststore in your home directory on the client machine.

    Note –

    This step is not required if your server machine and client machine is the same. That is, if you are running JConsole also on appserver.sun.com.

  5. Let JConsole know the DAS's trust store location by using the following JConsole command:

    JDK-dir/bin/jconsole.exe -J-Djavax.net.ssl.trustStore="C:/Documents and Settings/user/.asadmintruststore"

    This certificate is now automatically trusted by JConsole.

  6. Start JConsole by running JDK_HOME/bin/jconsole

  7. In the Connect to Agent tab of JConsole, enter user name, password, host name and port (8686, by default).

    The user name refers to the admin user name and password refers to the admin password of the domain.

  8. Click Connect.

    In the JConsole window you will see all your MBeans, VM information etc., in various tabs.