Skip to main content



      Home
Home » Newcomers » Newcomers » Configuring generated keystore in jetty ssl file
Configuring generated keystore in jetty ssl file [message #1800182] Thu, 20 December 2018 23:16 Go to next message
Eclipse UserFriend
I have to enable SSL in Jetty. I have generated keystore file using Keytool. I have included this keytool file in JETTY_BASE\etc\myKeystore. I have included jetty-https.xml and jetty-ssl.xml in JETTY_BASE\etc
jetty-https.xml:
<?xml version="1.0"?>
 <Configure id="Server" class="org.eclipse.jetty.server.Server">
   <Call id="httpsConnector" name="addConnector">
    <Arg>
      <New class="org.eclipse.jetty.server.ServerConnector">
        <Arg name="server"><Ref refid="Server" /></Arg>
        <Arg name="acceptors" type="int"><Property name="ssl.acceptors" default="-1"/></Arg>
        <Arg name="selectors" type="int"><Property name="ssl.selectors" default="-1"/></Arg>
        <Arg name="factories">
          <Array type="org.eclipse.jetty.server.ConnectionFactory">
            <Item>
              <New class="org.eclipse.jetty.server.SslConnectionFactory">
                <Arg name="next">http/1.1</Arg>
                <Arg name="sslContextFactory"><Ref refid="sslContextFactory"/></Arg>
              </New>
            </Item>
            <Item>
              <New class="org.eclipse.jetty.server.HttpConnectionFactory">
                <Arg name="config"><Ref refid="sslHttpConfig"/></Arg>
              </New>
            </Item>
          </Array>
        </Arg>
        <Set name="host"><Property name="jetty.host" /></Set>
        <Set name="port"><Property name="https.port" default="443" /></Set>
        <Set name="idleTimeout"><Property name="https.timeout" default="30000"/></Set>
        <Set name="soLingerTime"><Property name="jetty.https.soLingerTime" default="-1"/></Set>
        <Set name="acceptorPriorityDelta"><Property name="jetty.https.acceptorPriorityDelta" default="0"/></Set>
        <Set name="acceptQueueSize"><Property name="jetty.https.acceptQueueSize" default="0"/></Set>
      </New>
    </Arg>
  </Call>
</Configure>

jetty-ssl.xml:
<?xml version="1.0"?>
<Configure id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
  <Set name="KeyStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.keystore" default=""/>etc/myKeystore</Set>
  <Set name="KeyStorePassword"><Property name="jetty.keystore.password" default=""/>password</Set>
  <Set name="KeyManagerPassword"><Property name="jetty.keymanager.password" default=""/>password</Set>
  <Set name="TrustStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.truststore" default=""/>etc/myKeystore</Set>
  <Set name="TrustStorePassword"><Property name="jetty.truststore.password" default=""/>password</Set>
  <Set name="EndpointIdentificationAlgorithm"></Set>
  <Set name="NeedClientAuth"><Property name="jetty.ssl.needClientAuth" default="false"/></Set>
  <Set name="WantClientAuth"><Property name="jetty.ssl.wantClientAuth" default="false"/></Set>
  <Set name="ExcludeCipherSuites">
    <Array type="String">
      <Item>SSL_RSA_WITH_DES_CBC_SHA</Item>
      <Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</Item>
      <Item>SSL_DHE_DSS_WITH_DES_CBC_SHA</Item>
      <Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</Item>
      <Item>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
      <Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
      <Item>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</Item>
    </Array>
  </Set>
  <New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
    <Arg><Ref refid="httpConfig"/></Arg>
    <Call name="addCustomizer">
      <Arg><New class="org.eclipse.jetty.server.SecureRequestCustomizer"/></Arg>
    </Call>
  </New>
</Configure>
Though I have specified my keystore file as
<Set name="KeyStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.keystore" default=""/>etc/myKeystore</Set>
it is not recognized. Jetty uses default 'keystore' file located in 'JETTY_BASE/etc'. How to use the generated keystore file?
Re: Configuring generated keystore in jetty ssl file [message #1800185 is a reply to message #1800182] Fri, 21 December 2018 01:11 Go to previous message
Eclipse UserFriend
Looking at the Jetty home page I see it lists their mailing lists:

https://www.eclipse.org/jetty/mailinglists.html

So you're probably best off subscribing to https://accounts.eclipse.org/mailing-list/jetty-users and posting your question on the jet-users mailing list.
Previous Topic:Can Eclipse 2018-12 works with MYSQL server version 8 & above?
Next Topic:Help Downloading and Installing WindowBuilder
Goto Forum:
  


Current Time: Fri Jul 04 19:45:23 EDT 2025

Powered by FUDForum. Page generated in 0.08547 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top