Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[jetty-users] Jetty and Java 8 SSL improvements


Do you think it's a big task to implement it? There is a patch from earlier this year in that bug report which might be a good basis.

I'd prefer not to use an SSL stack written in a non-memory safe language. Perhaps I'm swapping one set of problems for another, but a Java SSL implementation seems to mitigate the scariest risks.

Also, I use continuations for long polling, which may not necessarily work that efficiently with all proxies.

It seems like Netty's API is more amenable to supporting SNI . Maybe swapping to that or using it as a proxy would be a solution.



Steve Sobol - Lobos Studios steve@xxxxxxxxxxxxxxxx wrote:
> Ben, if you (or anyone else) would like to know how my working Apache >> 
> Jetty proxy is set up, I'll be happy to share configs - just ask.
> Steve Sobol - Lobos Studios wrote:
>> This is something I've been asking about. It's a low priority for the 
>> Jetty team. It was suggested that I could contribute a fix, and 
>> there's certainly enough information in Bugzilla that I could do it 
>> pretty easily, but paying projects have priority and I have a couple 
>> big deadlines to meet. I would love to contribute a fix when I have 
>> time, though.
>> Right now, as a workaround, I have a server dedicated to J2EE apps, 
>> running Jetty, and I threw Apache 2.4 on that box and am using it and 
>> mod_proxy to proxy HTTPS requests to Jetty (because Apache 2.4 speaks 
>> SNI).
>> Ben Summers wrote:
>>> Hello,
>>> Now Java 8 has SNI support, and the ability to set the cipher suite order, are there any plans to add support in Jetty?
>>> I see from Bugzilla that some work has been done on support, is this something that is likely to be added to Jetty in the near future?
>>> I need to add SNI support (and ideally set the cipher suite order) and am just wondering what my options are.
>>> Many thanks,
>>> Ben

Back to the top