[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [jetty-users] jetty 7 + https ?
|
Hi guys, thanks for your help - I think I skipped over an important point in the key generation:
step1A:
"The only mandatory response is to provide the fully qualified host name of the server at the 'first and last name' prompt.":
keytool -keystore keystore -alias jetty -genkey -keyalg RSA
Enter keystore password: password
What is your first and last name?
[Unknown]: jetty.mortbay.org
I'm running my server at localhost (for development) - what would the fully qualified host name be in this case?
Other than that, the only other part I could have gone wrong at is updating jetty.xml with the new connector definition. I've put it right below the default connector defintion:
<Call name="addConnector">
<Arg>
<New class="org.eclipse.jetty.server.nio.SelectChannelConnector">
<Set name="host"><SystemProperty name="jetty.host"/></Set>
<Set name="port"><SystemProperty default="8080" name="jetty.port"/></Set>
<Set name="maxIdleTime">300000</Set>
<Set name="Acceptors">2</Set>
<Set name="statsOn">false</Set>
<Set name="confidentialPort">8443</Set>
<Set name="lowResourcesConnections">20000</Set>
<Set name="lowResourcesMaxIdleTime">5000</Set>
</New>
</Arg>
</Call>
<Call name="addConnector">
<Arg>
<New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
<Set name="port">8443</Set>
<Set name="maxIdleTime">30000</Set>
<Set name="keystore"><SystemProperty name="jetty.home" default="." />/etc/keystore</Set>
<Set name="password">mypassword</Set>
<Set name="keyPassword">mypassword</Set>
<Set name="truststore"><SystemProperty name="jetty.home" default="." />/etc/keystore</Set>
<Set name="trustPassword">mypassword</Set>
</New>
</Arg>
</Call>
Does that look correct?
Thanks again
On Mon, Mar 7, 2011 at 8:34 AM, Mike Pilone
<MPilone@xxxxxxx> wrote:
Mark,
I'm using Jetty embedded but I was able to get SSL working with
the following code. I didn't have to add any extra libs other than the maven
dependencies on the normal jetty-* projects.
URL keyResource = ContainerStart.class.getResource("/config/ssl-keystore.jks");
sLog.info(format("Loading certificate from keystore
[%s].", keyResource));
SslSocketConnector connector = new SslSocketConnector();
connector.setKeyPassword(keyPassword);
connector.setKeystore(keyResource.toString());
connector.setMaxIdleTime(1000 * 60 * 60);
connector.setSoLingerTime(-1);
connector.setPort(sslPort);
server.addConnector(connector);
-mike
| Mike
Pilone | Software Architect, Distribution | mpilone@xxxxxxx
| o: 202-513-2679 m: 703-969-7493
Hi Mithul,
The jsse.jar is there, the others are not (maybe they're
renamed - not sure how old that jetty documentation I referenced is?). Is there
new documentation for jetty 7 on this?
I can get jetty to start up, and I can ping port 8443 ok,
get a response and all. But trying to navigate to the url via a browser throws
a 102 error, connection refused,
On Mon, Mar 7, 2011 at 12:07 AM, Mitul Adhia <mituladhia19@xxxxxxxxx> wrote:
Hi Mark,
The jars are available in your JRE installation under lib
directory ..Can you please check their ?
Hi,
I'm trying to setup jetty 7 for https. I've followed the
instructions here:
but not sure about the line:
"(make sure that jcert.jar, jnet.jar and jsse.jar are
on your classpath)"
I'm
on mac os 10.6, those jars are not present, and I don't see a place to download
them. Before going further - are these instructions up to date at all? They
still have the mortbay package naming, not sure if these jars are still
necessary with jetty 7. I looked through the eclipse doc pages for jetty, but
didn't see any updated walkthrough, thought something might be at:
_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/jetty-users
_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/jetty-users
_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/jetty-users