Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] Some advise needed 
Hi,

On Sun, May 20, 2018 at 7:55 AM, Saeed Khademi <saeed@xxxxxx> wrote:
> Hello Everyone,
> I am new to this list, and I’m not sure if this is the right place to ask my
> question,
> so please forgive me, if this is not the right place.
>
> I am using jetty 9.3.9 on windows server. I installed SSL certificate for
> the server and it works fine.

What JDK version ?
You want to make sure you are on the latest JDK version that support
TLS 1.2 and OCSP stapling.

> I tried to test the ssl configuration by using https://www.htbridge.com/ssl/
> and the result says it needs some work.
>
> To resolve the issues I need to solve the following :
> 1- remove some weak elliptic curves like secp160k1 (161 bits)
>     I searched the web to find a document to do this without any luck.

https://www.eclipse.org/jetty/documentation/current/configuring-ssl.html

> 2- The test result also says : “SERVER DOES NOT SUPPORT OCSP STAPLING“
>     How can I enable OCSP?

https://stackoverflow.com/questions/49904935/jetty-9-enable-ocsp-stapling-for-domain-validated-certificate

> 3- How to redirect http to https?

https://www.eclipse.org/jetty/documentation/current/moved-context-handler.html

-- 
Simone Bordet
----
http://cometd.org
http://webtide.com
Developer advice, training, services and support
from the Jetty & CometD experts.

Back to the top