[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [jetty-users] ssl setup
|
Hi,
I also added the certificate in firefox under "Advanced\View Certificates\Servers".
Regards,
Miten Mehta
Morgan Stanley | Technology
Block B2, Nirlon Knowledge Park
S T Yadav Rd, Goregaon East
Mumbai 400063
Phone: +91 22 6138-5645
Miten.Mehta@xxxxxxxxxxxxxxxxx
On Mon, Jan 17, 2011 at 6:15 PM, Miten Mehta
<mitenm@xxxxxxxxxxxxxxxxx> wrote:
Hi,
I have c:\working\mykeystore\.jetty_keystore in which I created and imported certificate using openssl and commands from
http://www.cafesoft.com/products/cams/ps/docs30/admin/ConfiguringApache2ForSSLTLSMutualAuthentication.html
http://docs.codehaus.org/display/JETTY/How+to+configure+SSL
The keystore imported pkcs12 as entry with alias 1 so I changed it to alias jetty. I am trying clear text passwords but I am just doing things locally on pc.
The keystore is only keystore I have setup and I have jetty-ssl.xml as below:
<Call name="addConnector">
<Arg>
<New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
<Set name="Port">8443</Set>
<Set name="maxIdleTime">30000</Set>
<Set name="Acceptors">2</Set>
<Set name="AcceptQueueSize">100</Set>
<Set name="Keystore">C:/working/mykeystore/.jetty_keystore</Set>
<Set name="Password">storePass123</Set>
<Set name="KeyPassword">password</Set>
<Set name="truststore">C:/working/mykeystore/.jetty_keystore</Set>
<Set name="trustPassword">storePass123</Set>
</New>
</Arg>
</Call>
is it a problem that both keystore and truststore are same ?
I get below in jetty logs:
2011-01-17 17:57:54.500:INFO::Started SslSelectChannelConnector@0.0.0.0:8443
2011-01-17 17:57:54.500:DBUG::STARTED SslSelectChannelConnector@0.0.0.0:8443
org.eclipse.jetty.server.Server@9e5c73 STOPPED
+-DebugHandler@4fc156 started
+-HandlerCollection@1a06e38 started
+-ContextHandlerCollection@2200d5 started
+-DefaultHandler@64ab4d started
2011-01-17 17:57:54.500:DBUG::STARTED org.eclipse.jetty.server.Server@9e5c73
2011-01-17 17:57:54.921:DBUG::loaded class org.eclipse.jetty.io.nio.SelectorManager$SelectSet$2 from ContextLoader@Test WebApp([file:/C:/Documents%20and%20Settings/mitenm/Local%20Settings/Temp/Jetty_0_0_0_0_8080_test.war____.hcx133/webapp/WEB-INF/classes/, file:/C:/Documents%20and%20Settings/mitenm/Local%20Settings/Temp/Jetty_0_0_0_0_8080_test.war____.hcx133/webapp/WEB-INF/lib/jetty-client-7.1.4.v20100610.jar, file:/C:/Documents%20and%20Settings/mitenm/Local%20Settings/Temp/Jetty_0_0_0_0_8080_test.war____.hcx133/webapp/WEB-INF/lib/jetty-continuation-7.1.4.v20100610.jar, file:/C:/Documents%20and%20Settings/mitenm/Local%20Settings/Temp/Jetty_0_0_0_0_8080_test.war____.hcx133/webapp/WEB-INF/lib/jetty-http-7.1.4.v20100610.jar, file:/C:/Documents%20and%20Settings/mitenm/Local%20Settings/Temp/Jetty_0_0_0_0_8080_test.war____.hcx133/webapp/WEB-INF/lib/jetty-io-7.1.4.v20100610.jar, file:/C:/Documents%20and%20Settings/mitenm/Local%20Settings/Temp/Jetty_0_0_0_0_8080_test.war____.hcx133/webapp/WEB-INF/lib/jetty-servlets-7.1.4.v20100610.jar, file:/C:/Documents%20and%20Settings/mitenm/Local%20Settings/Temp/Jetty_0_0_0_0_8080_test.war____.hcx133/webapp/WEB-INF/lib/jetty-util-7.1.4.v20100610.jar]) / StartLoader[file:/I%3a/learn/java/jetty-distribution-7.1.4.v20100610/lib/jsp/com.sun.el_1.0.0.v201004190952.jar, file:/I%3a/learn/java/jetty-distribution-7.1.4.v20100610/lib/jsp/ecj-3.6RC4.jar, file:/I%3a/learn/java/jetty-distribution-7.1.4.v20100610/lib/jsp/javax.el_2.1.0.v201004190952.jar, file:/I%3a/learn/java/jetty-distribution-7.1.4.v20100610/lib/jsp/javax.servlet.jsp_2.1.0.v201004190952.jar, file:/I%3a/learn/java/jetty-distribution-7.1.4.v20100610/lib/jsp/javax.servlet.jsp.jstl_1.2.0.v201004190952.jar, file:/I%3a/learn/java/jetty-distribution-7.1.4.v20100610/lib/jsp/jetty-jsp-2.1-7.1.4.v20100610.jar, file:/I%3a/learn/java/jetty-distribution-7.1.4.v20100610/lib/jsp/org.apache.jasper.glassfish_2.1.0.v201004190952.jar, file:/I%3a/learn/java/jetty-distribution-7.1.4.v20100610/lib/jsp/org.apache.taglibs.standard.glassfish_1.2.0.v201004190952.jar, file:/I%3a/learn/java/jetty-distribution-7.1.4.v20100610/resources/]
2011-01-17 18:00:17.908:DBUG:org.eclipse.jetty.http.ssl:[Session-1, SSL_NULL_WITH_NULL_NULL] channel=java.nio.channels.SocketChannel[connected local=/127.0.0.1:8443 remote=/127.0.0.1:2856]
2011-01-17 18:00:17.908:DBUG:org.eclipse.jetty.http.ssl:[Session-1, SSL_NULL_WITH_NULL_NULL] unwrap filled 158
2011-01-17 18:00:17.908:DBUG:org.eclipse.jetty.http.ssl:[Session-1, SSL_NULL_WITH_NULL_NULL] unwrap filled 0
2011-01-17 18:00:17.955:DBUG:org.eclipse.jetty.http.ssl:[Session-1, SSL_NULL_WITH_NULL_NULL] unwrap unwrap Status = OK HandshakeStatus = NEED_TASK|bytesConsumed = 158 bytesProduced = 0
2011-01-17 18:00:18.048:DBUG:org.eclipse.jetty.http.ssl:[Session-1, SSL_NULL_WITH_NULL_NULL] fill wrap Status = OK HandshakeStatus = NEED_UNWRAP|bytesConsumed = 0 bytesProduced = 1419
2011-01-17 18:00:18.048:DBUG:org.eclipse.jetty.http.ssl:[Session-1, SSL_NULL_WITH_NULL_NULL] Flushed 1419/1419
2011-01-17 18:00:18.048:DBUG:org.eclipse.jetty.http.ssl:[Session-1, SSL_NULL_WITH_NULL_NULL] unwrap filled 0
2011-01-17 18:00:18.048:DBUG:org.eclipse.jetty.http.ssl:[Session-1, SSL_NULL_WITH_NULL_NULL] unwrap filled 7
2011-01-17 18:00:18.048:DBUG:org.eclipse.jetty.http.ssl:[Session-1, SSL_NULL_WITH_NULL_NULL] unwrap filled -1
2011-01-17 18:00:18.095:WARN::javax.net.ssl.SSLException: Received fatal alert: unknown_ca
2011-01-17 18:00:18.095:INFO::EXCEPTION
javax.net.ssl.SSLException: Received fatal alert: unknown_ca
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1401)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1369)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1535)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:995)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:815)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:691)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:607)
at org.eclipse.jetty.io.nio.SslSelectChannelEndPoint.unwrap(SslSelectChannelEndPoint.java:684)
at org.eclipse.jetty.io.nio.SslSelectChannelEndPoint.fill(SslSelectChannelEndPoint.java:298)
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:289)
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:211)
at org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:424)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:489)
at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:436)
at java.lang.Thread.run(Thread.java:619)
2011-01-17 18:00:18.095:INFO::EXCEPTION
javax.net.ssl.SSLException: Received fatal alert: unknown_ca
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1401)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1369)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1535)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:995)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:815)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:691)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:607)
at org.eclipse.jetty.io.nio.SslSelectChannelEndPoint.unwrap(SslSelectChannelEndPoint.java:684)
at org.eclipse.jetty.io.nio.SslSelectChannelEndPoint.fill(SslSelectChannelEndPoint.java:298)
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:289)
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:211)
at org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:424)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:489)
at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:436)
at java.lang.Thread.run(Thread.java:619)
2011-01-17 18:00:18.095:DBUG::EOF org.eclipse.jetty.io.EofException
2011-01-17 18:00:55.096:DBUG::org.eclipse.jetty.io.nio.SelectorManager$SelectSet@bd09e8 JVM BUG(s) - cancelled keys 1 times
2011-01-17 18:05:24.818:DBUG:org.eclipse.jetty.http.ssl:[Session-1, SSL_NULL_WITH_NULL_NULL] channel=java.nio.channels.SocketChannel[connected local=/127.0.0.1:8443 remote=/127.0.0.1:2884]
2011-01-17 18:05:24.818:DBUG:org.eclipse.jetty.http.ssl:[Session-1, SSL_NULL_WITH_NULL_NULL] unwrap filled 0
2011-01-17 18:05:24.818:DBUG:org.eclipse.jetty.http.ssl:[Session-1, SSL_NULL_WITH_NULL_NULL] unwrap filled 158
2011-01-17 18:05:24.818:DBUG:org.eclipse.jetty.http.ssl:[Session-1, SSL_NULL_WITH_NULL_NULL] unwrap filled 0
2011-01-17 18:05:24.818:DBUG:org.eclipse.jetty.http.ssl:[Session-1, SSL_NULL_WITH_NULL_NULL] unwrap unwrap Status = OK HandshakeStatus = NEED_TASK|bytesConsumed = 158 bytesProduced = 0
2011-01-17 18:05:24.833:DBUG:org.eclipse.jetty.http.ssl:[Session-1, SSL_NULL_WITH_NULL_NULL] fill wrap Status = OK HandshakeStatus = NEED_UNWRAP|bytesConsumed = 0 bytesProduced = 1419
2011-01-17 18:05:24.833:DBUG:org.eclipse.jetty.http.ssl:[Session-1, SSL_NULL_WITH_NULL_NULL] Flushed 1419/1419
2011-01-17 18:05:24.833:DBUG:org.eclipse.jetty.http.ssl:[Session-1, SSL_NULL_WITH_NULL_NULL] unwrap filled 0
2011-01-17 18:05:24.833:DBUG:org.eclipse.jetty.http.ssl:[Session-1, SSL_NULL_WITH_NULL_NULL] unwrap filled 7
2011-01-17 18:05:24.833:DBUG:org.eclipse.jetty.http.ssl:[Session-1, SSL_NULL_WITH_NULL_NULL] unwrap filled -1
2011-01-17 18:05:24.833:WARN::javax.net.ssl.SSLException: Received fatal alert: access_denied
2011-01-17 18:05:24.833:INFO::EXCEPTION
javax.net.ssl.SSLException: Received fatal alert: access_denied
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1401)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1369)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1535)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:995)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:815)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:691)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:607)
at org.eclipse.jetty.io.nio.SslSelectChannelEndPoint.unwrap(SslSelectChannelEndPoint.java:684)
at org.eclipse.jetty.io.nio.SslSelectChannelEndPoint.fill(SslSelectChannelEndPoint.java:298)
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:289)
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:211)
at org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:424)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:489)
at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:436)
at java.lang.Thread.run(Thread.java:619)
2011-01-17 18:05:24.833:INFO::EXCEPTION
javax.net.ssl.SSLException: Received fatal alert: access_denied
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1401)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1369)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1535)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:995)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:815)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:691)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:607)
at org.eclipse.jetty.io.nio.SslSelectChannelEndPoint.unwrap(SslSelectChannelEndPoint.java:684)
at org.eclipse.jetty.io.nio.SslSelectChannelEndPoint.fill(SslSelectChannelEndPoint.java:298)
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:289)
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:211)
at org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:424)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:489)
at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:436)
at java.lang.Thread.run(Thread.java:619)
2011-01-17 18:05:24.833:DBUG::EOF org.eclipse.jetty.io.EofException
Regards,
Miten