Re: [jetty-users] Problem with a key for HTTP/3 in Jetty server

Hi,

Something is looking strange. QuicServerConnector.doStart() is supposed to do these things in order:

 * check that your keystore contains at least one alias
 * if SslContextFactory.getCertAlias() is not null, load that key pair
 * otherwise load the key pair of the first known alias

The SSLKeyPair class loads the key in its constructor, then later reads it from its export() method.

In SSLKeyPair, since the export() method throws NPE in your case, that means the call to KeyStore.getKey() in the constructor must have returned null. This could happen if you configured a non-existing alias with SslContextFactory.setCertAlias().

Could that be the cause of your problem? This looks unlikely though as I assume HTTP/2 would not have worked in that case.

What's the content of your keystore? How have you set your SslContextFactory up? If you could post a complete piece of code that replicates the issue, we could certainly figure out the problem quickly.

--
Ludovic Orban / lorban@xxxxxxxxxxx



On Mon, Jul 25, 2022 at 4:09 PM Michał Niklas <michal.niklas@xxxxxxxxxx> wrote:
Hi,

I have a server which uses Jetty HTTP/2. Now I want to add support for
HTTP/3 so I added:

        http3_connector = new HTTP3ServerConnector(jetty_server, sslContextFactory, new HTTP3ServerConnectionFactory(httpConfig));
        int http3_port = port_http2 + 1;
        http3_connector.setPort(http3_port);
        ...
        SSLconnector = new ServerConnector(jetty_server, new ConnectionFactory[] { ssl, alpn, http2, http });
        jetty_server.setConnectors(new Connector[] { SSLconnector });
        jetty_server.addConnector(http3_connector);

In this code `sslContextFactory` and `httpConfig` are the same as for
HTTP/2. But when I start the server I get:



        java.lang.NullPointerException: Cannot invoke "java.security.Key.getEncoded()" because "key" is null
                at org.eclipse.jetty.quic.quiche.SSLKeyPair.writeAsPEM(SSLKeyPair.java:81)
                at org.eclipse.jetty.quic.quiche.SSLKeyPair.export(SSLKeyPair.java:69)
                at org.eclipse.jetty.quic.server.QuicServerConnector.doStart(QuicServerConnector.java:176)
                at org.eclipse.jetty.http3.server.HTTP3ServerConnector.doStart(HTTP3ServerConnector.java:61)
                at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:93)
                at org.eclipse.jetty.server.Server.doStart(Server.java:427)
                at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:93)
                at heuthes.hdb.HDB_httpsrv_jetty.startHTTPSServer(HDB_httpsrv_jetty.java:481)
                at heuthes.hdb.HDBw3srv.startHTTPSServer(HDBw3srv.java:645)
                at heuthes.hdb.server.run(server.java:477)



It starts HTTP/3 but not HTTP/2 and when I try to use port 18444 it
rejects my queries.



        [mn:~] $ netstat -lnp  | grep 11818
        ...(no HTTP/2 port)
        udp6       0      0 :::18444                :::*                    11818/java



When I comment:



        SSLconnector = new ServerConnector(jetty_server, new ConnectionFactory[] { ssl, alpn, http2, http });
        jetty_server.setConnectors(new Connector[] { SSLconnector });
        // jetty_server.addConnector(http3_connector);



My server starts with HTTP/2 and works normally.



Is there something wrong with my JKS that it can work with HTTP/2 but
cannot with HTTP/3? Is there an issue in my code?





--

Best regards,

Michał Niklas

_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users
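
A keystore check that follows the lookup order described in the reply above (at least one alias, then the configured alias, otherwise the first one) and reports when KeyStore.getKey() comes back null. This is an added example, not Jetty's code and not part of the original thread; the class name, the constructed alias and password, and the use of one password for both store and key are assumptions.

```java
import java.io.File;
import java.security.Key;
import java.security.KeyStore;
import java.util.Collections;
import java.util.List;
import javax.crypto.spec.SecretKeySpec;

public class KeyStoreAliasCheck {
    /** Walks the alias lookup order from the reply and returns a one-line diagnosis. */
    static String diagnose(KeyStore ks, String certAlias, char[] keyPassword) throws Exception {
        List<String> aliases = Collections.list(ks.aliases());
        if (aliases.isEmpty())
            return "FAIL: keystore contains no alias";
        // Configured alias if one is set, otherwise the first alias the keystore reports.
        String alias = certAlias != null ? certAlias : aliases.get(0);
        if (!ks.containsAlias(alias))
            return "FAIL: alias '" + alias + "' not found; present: " + aliases;
        if (!ks.isKeyEntry(alias))
            return "FAIL: alias '" + alias + "' is not a key entry (certificate only?)";
        // getKey() returns null, rather than throwing, for a missing or non-key alias.
        Key key = ks.getKey(alias, keyPassword);
        if (key == null)
            return "FAIL: getKey() returned null for '" + alias + "'";
        return "OK: alias '" + alias + "' holds a " + key.getAlgorithm() + " key";
    }

    public static void main(String[] args) throws Exception {
        if (args.length >= 2) { // usage: <keystore file> <password> [certAlias]
            char[] pw = args[1].toCharArray(); // assumption: store and key share one password
            KeyStore ks = KeyStore.getInstance(new File(args[0]), pw); // detects JKS or PKCS12
            System.out.println(diagnose(ks, args.length > 2 ? args[2] : null, pw));
            return;
        }
        // Constructed in-memory keystore so the check runs offline without a real certificate.
        char[] pw = "constructed-password".toCharArray();
        KeyStore demo = KeyStore.getInstance("PKCS12");
        demo.load(null, null);
        demo.setKeyEntry("constructed-alias", new SecretKeySpec(new byte[16], "AES"), pw, null);
        System.out.println(diagnose(demo, null, pw));            // falls back to the first alias
        System.out.println(diagnose(demo, "no-such-alias", pw)); // the case raised in the reply
    }
}
```

Run it with the keystore path and password, plus the value passed to SslContextFactory.setCertAlias() if one is configured, to see which alias would be selected and whether it resolves to a key.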
