[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
[jetty-users] Jetty and Java 8 SSL improvements
|
Steve,
Do you think it's a big task to implement it? There is a patch from earlier this year in that bug report which might be a good basis.
I'd prefer not to use an SSL stack written in a non-memory safe language. Perhaps I'm swapping one set of problems for another, but a Java SSL implementation seems to mitigate the scariest risks.
Also, I use continuations for long polling, which may not necessarily work that efficiently with all proxies.
It seems like Netty's API is more amenable to supporting SNI https://github.com/grahamedgecombe/netty-sni-example . Maybe swapping to that or using it as a proxy would be a solution.
Thanks.
Ben
Steve Sobol - Lobos Studios steve@xxxxxxxxxxxxxxxx wrote:
>
> Ben, if you (or anyone else) would like to know how my working Apache >>
> Jetty proxy is set up, I'll be happy to share configs - just ask.
>
> Steve Sobol - Lobos Studios wrote:
>> This is something I've been asking about. It's a low priority for the
>> Jetty team. It was suggested that I could contribute a fix, and
>> there's certainly enough information in Bugzilla that I could do it
>> pretty easily, but paying projects have priority and I have a couple
>> big deadlines to meet. I would love to contribute a fix when I have
>> time, though.
>>
>> Right now, as a workaround, I have a server dedicated to J2EE apps,
>> running Jetty, and I threw Apache 2.4 on that box and am using it and
>> mod_proxy to proxy HTTPS requests to Jetty (because Apache 2.4 speaks
>> SNI).
>>
>> Ben Summers wrote:
>>> Hello,
>>>
>>> Now Java 8 has SNI support, and the ability to set the cipher suite order, are there any plans to add support in Jetty?
>>>
>>> I see from Bugzilla that some work has been done on support, is this something that is likely to be added to Jetty in the near future?
>>>
>>> https://bugs.eclipse.org/bugs/show_bug.cgi?id=430951
>>>
>>> I need to add SNI support (and ideally set the cipher suite order) and am just wondering what my options are.
>>>
>>> Many thanks,
>>>
>>> Ben
>>>
>>>