ome / omero-py

Python project containing Ice remoting code for OMERO
https://www.openmicroscopy.org/omero
GNU General Public License v2.0

plugins/import.py (importer) does not respect omero.jvmcfg.append #338

Closed drjrkuhn closed 1 year ago

drjrkuhn commented 1 year ago

One cannot pass additional command line arguments to the jvm when the importer.py plugin invokes java to perform file imports. The omero-py session has a builtin config option of omero.jvmcfg.append specifically for passing options to the jvm, but the plugins/importer.py ignores this config setting.

All of this came about because I was having trouble using the importer from a remote omero-py session. I have traced it to java security policies, and would like to override the default java.security file with my own -Djava.security.properties = /home/myusername/.java.security. The ultimate goal is to override my systemwide jdk.tls.disabledAlgorithms=...,DH keySize < 2048,... setting to a reasonable value of 1024 to talk to a remote omero server over SSL. One can get around the issue by using a global _JAVA_OPTION environment variable, but the default omero-py set config mechanism outlined in the properties documents should work.

Incidentally, this issue is related to a lot of security and certificate issues people (including me) are having with omero-cli import. I finally traced it on my RHEL 8 install to a global security file /etc/crypto-policies/back-ends/java.config that overrides all other DH keySize options for TLS1.2 handshaking. After a lot of back and forth with trying to override with omero.jvmcfg.append, I realized these options were not being used in importer.py.

sbesson commented 1 year ago

@drjrkuhn maybe we need a more precise stack trace but assuming your connection issue is primarily client-side, I would also not expect that omero.jvmcfg.append will have an effect as it is used for configuring the server JVM settings.

I think the JAVA_OPTS environment variable should allow you to set additional Java arguments to the command-line importer. It is sometimes used to give additional memory to the client-side candidate detection e.g. JAVA_OPTS="-Xmx2g" but in your case, you might be able to use it as follows:

JAVA_OPTS="-Djava.security.properties=/home/myusername/.java.security" omero import...

drjrkuhn commented 1 year ago

Thanks for the clarification that omero.jvmcfg.* settings are only for the server side and not the client side. I had not tried JAVA_OPTS yet. Great suggestion. I'll try to find the image.sc thread on certificate security issues with imports again and move this discussion there. Closing the issue.
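
Added example, not part of this thread or of omero-py: a small audit that reads java.security-style property text and reports the DH key-size floor that `jdk.tls.disabledAlgorithms` ends up with once a per-user override such as the one discussed above is layered on. The file contents are constructed, the function names are hypothetical, the layer order is whatever the caller passes in (the JVM's real load order is not modelled), and only the `<` and `<=` forms of the `keySize` constraint are handled.

```python
import re

# Constructed sample file contents (not copied from any real system).
SYSTEM_POLICY = """\
jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, \\
    DH keySize < 2048, EC keySize < 224
"""
USER_OVERRIDE = """\
# constructed per-user override that lowers the DH floor
jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, \\
    DH keySize < 1024, EC keySize < 224
"""
KEY = "jdk.tls.disabledAlgorithms"

def parse_properties(text):
    """Parse java.security-style text: '#'/'!' comments, backslash continuations."""
    props, pending = {}, ""
    for raw in text.splitlines():
        line = raw.strip()
        if not pending and (not line or line[0] in "#!"):
            continue
        if line.endswith("\\"):
            pending += line[:-1]      # join with the continuation line
            continue
        key, _, value = (pending + line).partition("=")
        props[key.strip()] = value.strip()
        pending = ""
    return props

def dh_min_keysize(disabled):
    """Smallest DH key size still accepted, or None when no DH keySize rule exists."""
    for entry in disabled.split(","):
        m = re.fullmatch(r"\s*DH\s+keySize\s*(<=|<)\s*(\d+)\s*", entry)
        if m:
            return int(m.group(2)) + (1 if m.group(1) == "<=" else 0)
    return None

def audit(layers, floor=2048):
    """layers: (name, text) pairs in the order the caller assumes they are applied."""
    source = value = None
    for name, text in layers:
        props = parse_properties(text)
        if KEY in props:              # a later layer replaces the whole value
            source, value = name, props[KEY]
    minimum = dh_min_keysize(value) if value is not None else None
    # No DH rule at all is reported as weak: the property then sets no floor.
    return {"source": source, "dh_min": minimum,
            "weak": minimum is None or minimum < floor}

if __name__ == "__main__":
    print(audit([("system", SYSTEM_POLICY), ("user", USER_OVERRIDE)]))
```

Because a later layer replaces the whole property value, an override file has to restate every other disabled algorithm it wants to keep, not only the DH entry.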