Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[jetty-users] Web application ARchive file security


I'm looking to protect my WAR file deployed into Jetty server. I did add signature to the WAR file following the siteĀ but this alone is not enough as it is possible for malicious tampering by third personnel by removing the signature contents.

I'm looking to add client server authentication using certificate to WAR file just like we do for HTTPS requests.

My question is, is this possible in Jetty to do so? by including the client certificate inside WAR file and server certificate to be imported into Jetty server keystore to verify the WAR file provider as an second step verification?

Thanks inĀ advance!

Back to the top