|Re: [jetty-users] TLS ALPN ACME Lets Encrypt challange|
Hi, On Wed, Nov 23, 2022 at 3:53 PM Info <info@xxxxxxxxxx> wrote: > > Thanks for the answers so far, my current setup is working until the > service loader starts to search for ALPN processors. > > 2022-11-23T15:14:49,690 | WARN | paxweb-config-1-thread-1 | > XmlConfiguration | 86 - org.eclipse.jetty.util - > 9.4.18.v20190429 | Config error at <Call id="wanhttpsConnector" > name="addConnector"><Arg> > > Caused by: java.lang.IllegalStateException: No Server ALPNProcessors! > > To make it even more difficult I am on an OSGi environment so I am > adding SPI FLY at the moment so the ALPNServerConnectionFactory can find > my ACME ALPN processor. You don't need to write your own ALPN processor. > If I understood correctly any call without an acme-tls/1 protocol header > (but with the default http/1.1 protocol) will just continue in the chain > into the handlers? You just specify jetty.alpn.protocols=acme-tls/1, http/1.1. A connection attempt that carries the TLS ALPN extension of "acme-tls/1" will complete the TLS handshake, but then it won't find a ConnectionFactory, so the connection will be closed. A connection attempt that carries the TLS ALPN extension of "http/1.1" will complete the TLS handshake, find the HttpConnectionFactory, and proceed handling HTTP requests that arrive on the connection. -- Simone Bordet ---- http://cometd.org http://webtide.com Developer advice, training, services and support from the Jetty & CometD experts.
Back to the top