Re: [jetty-users] TLS ALPN ACME Let's Encrypt challenge

Hi,

On Wed, Nov 23, 2022 at 10:13 AM Info <info@xxxxxxxxxx> wrote:
>
> Dear community,
>
>
> I am looking into the Let's Encrypt TLS-ALPN-01 challenge and want to create an ALPN TLS extension for Jetty 9.
> Does anybody already have any experience with this or even already created an open source connection factory?
>
> I am looking into the HTTP2 configurations I can find online for inspiration. Can I stack the ALPN challenge on top of the default SSL/TLS connection?

It should be enough to use the configuration for http2 and http/1.1,
and add "acme-tls/1" to the list of ALPN protocols.

When the ACME client connects, Jetty will select the "acme-tls/1"
ConnectionFactory, complete the TLS handshake, find that
"acme-tls/1" has no corresponding ConnectionFactory and close the
connection (which is expected).

So:

$ java -jar $JETTY_HOME/start.jar --add-modules=http2
$ java -jar $JETTY_HOME/start.jar jetty.alpn.protocols=acme-tls/1,h2,http/1.1

I did not try, so let us know if it works.

-- 
Simone Bordet
----
http://cometd.org
http://webtide.com
Developer advice, training, services and support
from the Jetty & CometD experts.
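
One way to check from a shell which ALPN protocol the server negotiates once the configuration above is applied (an added example, not part of the original message and not Jetty project code). It assumes the `openssl` CLI is installed; the function names and the sample output are constructed for illustration, and the check covers ALPN negotiation only.

```shell
#!/bin/sh
# Added example: report which ALPN protocol a TLS server selects.
# Function names are hypothetical; only `openssl s_client` is a real tool here.

# Read `openssl s_client` output on stdin and print the negotiated protocol,
# "none" if the handshake completed without ALPN, "unknown" if neither
# status line is present (for example, the handshake failed).
alpn_from_s_client() {
    awk '
        /^ALPN protocol: /    { sub(/^ALPN protocol: /, ""); print; found = 1; exit }
        /^No ALPN negotiated/ { print "none"; found = 1; exit }
        END { if (!found) print "unknown" }
    '
}

# Offer the given protocol list to HOST:PORT and print what the server chose.
probe_alpn() {  # usage: probe_alpn HOST PORT PROTOCOLS
    openssl s_client -connect "$1:$2" -servername "$1" -alpn "$3" \
        </dev/null 2>/dev/null | alpn_from_s_client
}

# Succeeds only if acme-tls/1 is selected when it is the sole offer AND
# an ordinary client offer still ends up on h2 or http/1.1.
check_jetty_alpn() {  # usage: check_jetty_alpn HOST PORT
    acme=$(probe_alpn "$1" "$2" "acme-tls/1")
    web=$(probe_alpn "$1" "$2" "h2,http/1.1")
    echo "offer acme-tls/1 -> $acme; offer h2,http/1.1 -> $web"
    [ "$acme" = "acme-tls/1" ] && { [ "$web" = "h2" ] || [ "$web" = "http/1.1" ]; }
}

# Constructed sample of s_client output, so the parser can be tried offline.
SAMPLE_OUTPUT='CONNECTED(00000003)
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
ALPN protocol: acme-tls/1
---'

printf '%s\n' "$SAMPLE_OUTPUT" | alpn_from_s_client
```

Run `check_jetty_alpn HOST PORT` against the Jetty instance; a non-zero exit status means one of the two offers did not negotiate as expected.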

