Remote JMX SSL bug fix and updated tests

[roberttoyonaga]

This is a follow up to this pull request here: #6250

It adds a reflection configuration that was missing, but needed for a JMX client to connect using SSL. The tests have been updated to connect with SSL and password authentication.

I've included dummy password, access, and SSL files required to configure the JMX properties needed for authentication and SSL.

[roberttoyonaga]

Hi @fniephaus here's the fix I was mentioning and also the corresponding test updates.

[fniephaus]

Thanks for the follow up PR. I left two minor comments.

[fniephaus]

Is there anything important in here that needs to be documented?

[roberttoyonaga]

I've now added some more explanation for why the ssl files are needed and how they were created here. I also added the client.cer file (although it isn't really needed) for completeness.

[fniephaus]

Could you please document and provide instructions how the files in jmxremoteresources are created? We need to be able to recreate them. Maybe a README.md in substratevm/src/com.oracle.svm.test/src/com/oracle/svm/test/jmx/jmxremoteresources) may actually be better than a code comment (you could reference the README in the code comment).

[roberttoyonaga]

Okay good idea. I will add that

[fniephaus]

LGTM

[fniephaus]

client.cer currently uses the following information: Issuer: C = ZZ, ST = GraalVM, L = GraalVM, O = GraalVM, OU = GraalVM, CN = GraalVM.

I think we should avoid GraalVM here and use something like JmxTest instead.

[roberttoyonaga]

ok I've updated it to use "JmxTest" now :)

[roberttoyonaga]

Hi @fniephaus! I've added a README.md explaining the steps needed to create the supporting dummy SSL and password files. I've also rebased with master, fixed the conflicts, and added the fix from #11568 so that the tests can pass.

GraalVM Gate // compiler style,fullbuild,test JDKlatest is failing on multiple other recent PRs and seems to be related to the compiler, not this PR.

Please have another look at this PR when you have time.

[fniephaus]

I went over the PR and added a commit (see #11599).

An internal reviewer mentioned we need to get rid of the binary files. Is there any way you could build on 19c02bd and make is so that the keytool is invoked in the temporary directory?

[roberttoyonaga]

I went over the PR and added a commit (see #11599).

An internal reviewer mentioned we need to get rid of the binary files. Is there any way you could build on 19c02bd and make is so that the keytool is invoked in the temporary directory?

Hi @fniephaus! Thank you for doing that. I've cherry-picked your commit and added a new commit on top of it here. The new commit uses keytool programmatically and creates the ssl files in the temporary directory.

[fniephaus]

Thanks for taking care of this, @roberttoyonaga. I have refactored the test some more and now, all files are inlined into the test file and on-the-fly created in the temp directory.

if you could reset your branch to this commit and squash all commits, I think this is ready to be integrated.

[roberttoyonaga]

I have refactored the test some more and now, all files are inlined into the test file and on-the-fly created in the temp directory.
if you could reset your branch to this commit and squash all commits, I think this is ready to be integrated.

Great, thank you @fniephaus. I've reset and squashed the commits.

[fniephaus]

LGTM, thank you @roberttoyonaga!