Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Unable to see Glassfish logs in eclipse console

I am unable to see Glassfish's log in the eclipse console.

I have tried right-clicking on the GlassFish server in Servers -> Glassfish -> View log file but it shows me a file which ends with this:

2018-09-04T18:36:51.945+0100|Severe: The SSL certificate has expired: [
[
  Version: V3
  Subject: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
  Key:  Sun RSA public key, 1024 bits
  modulus: 135786214035069526348186531221551781468391756233528066061569654028671100866720352830303278016129003918213826297308054231261658522889438712013757624116391437358730449661353175673177742307421061340003741057138887918110217006515773038453829253517076741780039735595086881329494037450587568122088113584549069375417
  public exponent: 65537
  Validity: [From: Sat Aug 22 17:41:51 BST 1998,
               To: Wed Aug 22 17:41:51 BST 2018]
  Issuer: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
  SerialNumber: [    35def4cf]
Certificate Extensions: 7
[1]: ObjectId: 1.2.840.113533.7.65.0 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 0D 30 0B 1B 05 56 33   2E 30 63 03 02 06 C0     ..0...V3.0c....
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 48 E6 68 F9 2B D2 B2 95   D7 47 D8 23 20 10 4F 33  H.h.+....G.# .O3
0010: 98 90 9F D4                                        ....
]
]
[3]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
  CA:true
  PathLen:2147483647
]
[4]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
  [DistributionPoint:
     [CN=CRL1, OU=Equifax Secure Certificate Authority, O=Equifax, C=US]

which does not change at all, whether I stop,restart,run a webapp on the GF server, etc, and if I actually look at the file (...\glassfish5\glassfish\domains\domain1\logs\server.log) I find that the content that it is showing is at around line 5400 and there are actually 8600 lines in the server.log file, so there are actually over 3000 lines in the server.log file than the last ones that are shown in eclipse. For example, the timestamp in the log extract is 18:36 but the current time is 21:21 and the current tail of hte file is this:

[2018-09-04T21:02:45.234+0100] [glassfish 5.0] [INFO] [AS-WEB-GLUE-00172] [javax.enterprise.web] [tid: _ThreadID=100 _ThreadName=Thread-23] [timeMillis: 1536091365234] [levelValue: 800] [[
  Loading application [__admingui] at [/]]]

[2018-09-04T21:02:45.235+0100] [glassfish 5.0] [INFO] [NCLS-CORE-00022] [javax.enterprise.system.core] [tid: _ThreadID=100 _ThreadName=Thread-23] [timeMillis: 1536091365235] [levelValue: 800] [[
  Loading application __admingui done in 2,175 ms]]

[2018-09-04T21:14:29.419+0100] [glassfish 5.0] [INFO] [] [] [tid: _ThreadID=30 _ThreadName=Thread-8] [timeMillis: 1536092069419] [levelValue: 800] [[
  doGet - name=null]]

Furthermore, the server.log file, when I open it in Notepad++, maddeningly does not refresh when the file is modified. I have to reload it from disk to see changes in the file. Consequently, the only way it seems that I can actually monitor this log file is by using a tail -f from cygwin.

Anyone have any ideas how to fix this, in particular how I can see glassfish's log output, including SOPs, in real time in eclipse? It works fine in Netbeans.

Thanks very much for any help.

EDIT

I have noticed that when I restart the server, in eclipse's console the server.log file is re-read, but always (it seems) only up to the same point: the bit where the severe warning about the SSL certificate expiry appears:

2018-09-04T23:27:33.879+0100|Info: visiting unvisited references
2018-09-04T23:27:34.425+0100|Severe: The SSL certificate has expired: [
[
  Version: V3
  Subject: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
  Key:  Sun RSA public key, 1024 bits
  modulus: 135786214035069526348186531221551781468391756233528066061569654028671100866720352830303278016129003918213826297308054231261658522889438712013757624116391437358730449661353175673177742307421061340003741057138887918110217006515773038453829253517076741780039735595086881329494037450587568122088113584549069375417
  public exponent: 65537
  Validity: [From: Sat Aug 22 17:41:51 BST 1998,
               To: Wed Aug 22 17:41:51 BST 2018]
  Issuer: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
  SerialNumber: [    35def4cf]
Certificate Extensions: 7
[1]: ObjectId: 1.2.840.113533.7.65.0 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 0D 30 0B 1B 05 56 33   2E 30 63 03 02 06 C0     ..0...V3.0c....
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 48 E6 68 F9 2B D2 B2 95   D7 47 D8 23 20 10 4F 33  H.h.+....G.# .O3
0010: 98 90 9F D4                                        ....
]
]
[3]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
  CA:true
  PathLen:2147483647
]
[4]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
  [DistributionPoint:
     [CN=CRL1, OU=Equifax Secure Certificate Authority, O=Equifax, C=US]

Here, the server.log stops. No further content from the server.log file ever appears in eclipse's console.

like image 887
JL_SO Avatar asked Sep 04 '18 20:09

JL_SO


People also ask

How do I view GlassFish server logs?

By default all GlassFish Server log information is captured in the server. log file, typically located in domain-dir /logs. You can view logging information by using the Administration Console or the asadmin utility. You can also open the server.

How do I view the full console log in Eclipse?

It can be changed by going to Windows --> Preferences --> Run/Debug --> Console and then unchecking "Limit Console Output" which is ON by default. This works on STS any version too. This would help printing complete console output. For a Mac it is Eclipse > Preferences > Run/Debug > Console.

Where are Eclipse console logs stored?

Workspace log - This is the most common location for the log file, It is stored in your workspace in the meta-data directory. Check out workspace/. metadata/. log .


1 Answers

What's strange, is that it - on a fresh glassfish install - initially isn't a problem and everything's logged as expected. But after a while, the log will become empty.

I finally found that removing the expired certificates from glassfish returns logging to normal.

What i did:

  1. Figure out the aliases for the expired certificates. Run: cd domains/<domain>/config keytool -v -list -keystore cacerts.jks For example you'll see that the equifax you've mentioned will resolve to the following alias: equifaxsecureca
  2. Remove the certificate from your certs file: RUN: keytool -delete -keystore cacerts.jks -alias equifaxsecureca -storePass changeit

For convenience, the below script is what i currently (28th july) use on glassfish & payara.

cd ${GLASSFISH_HOME}/glassfish/domains/domain1/config/ && \
for cert in "equifaxsecureca" "gtecybertrustglobalca" "utnuserfirstclientauthemailca" "deutschetelekomrootca2" "secomvalicertclass1ca" "valicertclass2ca" "entrustsslca" "certplusclass2primaryca" "certplusclass3pprimaryca" "utndatacorpsgcca" "utnuserfirstobjectca" "utnuserfirstobjectca [jdk]" "utnuserfirsthardwareca" "cert_45_deutsche_telekom_root_ca_245" "cert_29_certplus_class_2_primary_ca29" "cert_38_deutsche_telekom_root_ca_238" "utnuserfirsthardwareca [jdk]" "certplusclass3pprimaryca [jdk]" "certplusclass2primaryca [jdk]" "utnuserfirstclientauthemailca [jdk]"; \
do \
keytool -delete -keystore cacerts.jks -alias "$cert" -storePass changeit || echo "cert not present";\
done

keytool can be found in your jdk/bin folder.

The same applies to payara as well.

like image 93
Ivo Jonker Avatar answered Nov 07 '22 01:11

Ivo Jonker