Re: [jetty-users] How to Jetty server listen on multiple IP addresses

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [jetty-users] How to Jetty server listen on multiple IP addresses

From: Uwe Schindler <uschindler@xxxxxxxxxx>
Date: Thu, 11 May 2023 13:50:53 +0200
Delivered-to: jetty-users@xxxxxxxxxxx
List-archive: <https://www.eclipse.org/mailman/private/jetty-users/>
List-help: <mailto:jetty-users-request@eclipse.org?subject=help>
List-subscribe: <https://www.eclipse.org/mailman/listinfo/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://www.eclipse.org/mailman/options/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=unsubscribe>
Organization: Apache Software Foundation
User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.10.1

Hi,

The default config files using those properties only install a single connector using the configuration XML. These XML files use the mentioned "jetty.ssl.host" properties as dynamic settings to setup the IP address of a single connector. To listen on multiple IP addresses, the Jetty server must install multiple connectors (one for each IP address). This can only be done by using your own XML configuration file just editing the properties files is not posisble for those complex setups. Search for "jetty.ssl.host" in all XML files and start from there (duplicating connectors and so on).

Uwe

Am 11.05.2023 um 12:19 schrieb ihonda--- via jetty-users:

Hi,

This is about Jetty's SSL server bind port.

By default, SSL server listen at all ip address on the host.

Default 0.0.0.0.

Our host have multiple network devices, each device has different ip address.

Security team want we do not want jetty to listen on unnecessary network device(ip address).

Here is ssl.ini file. If I set hostname or ip address, Jetty listen on

that specific address.

$JETTY_HOME/start.d/ssl.ini

# ---------------------------------------

# Module: ssl

# Enables a TLS(SSL) Connector on the server.

# This may be used for HTTPS and/or HTTP2 by enabling

# the associated support modules.

# ---------------------------------------

--module=ssl

### TLS(SSL) Connector Configuration

## Connector host/address to bind to

jetty.ssl.host=`hostname`

Requirement is we want this configuration flexible. For example, we want to

listen on multiple addresses on the interface.

This kind of setting is not valid.

jetty.ssl.host="host_a,host_b,localhost"

How can I enable listen(bind) on multiple host address ?

i.e.

Specify multiple network device to listen on

Specify range of ip address to listen on

Specify hostname+localhost to listen on

---

Iori Honda
_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users

-- 
Uwe Schindler
uschindler@xxxxxxxxxx 
ASF Member, Member of PMC and Committer of Apache Lucene and Apache Solr
Bremen, Germany
https://lucene.apache.org/
https://solr.apache.org/

References:
- [jetty-users] How to Jetty server listen on multiple IP addresses
  - From: ihonda

Prev by Date: [jetty-users] How to Jetty server listen on multiple IP addresses
Next by Date: Re: [jetty-users] How to Jetty server listen on multiple IP addresses
Previous by thread: [jetty-users] How to Jetty server listen on multiple IP addresses
Next by thread: Re: [jetty-users] How to Jetty server listen on multiple IP addresses
Index(es):
- Date
- Thread

Breadcrumbs