[jetty-users] HTTPS and TLS v1.3

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[jetty-users] HTTPS and TLS v1.3

From: Daniel Santos <daniel.dlds@xxxxxxxxx>
Date: Fri, 20 Feb 2026 16:23:23 +0000
Delivered-to: jetty-users@xxxxxxxxxxx
List-archive: <https://www.eclipse.org/mailman/private/jetty-users/>
List-help: <mailto:jetty-users-request@eclipse.org?subject=help>
List-subscribe: <https://www.eclipse.org/mailman/listinfo/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://www.eclipse.org/mailman/options/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=unsubscribe>

Hi,

I am using the jetty-12.1.6 libraries with graalvm-ce-17.
I have made a Java class that starts an embedded jetty server with two connectors :

- one http on port 9000

- one https on port 9433

I started the class implementation from the example HTTP server on the jetty documentation site.
Then I looked at the HTTPS example on the developer docs and adapted the class with that.
The server starts up and I can make HTTP requests like I used to before putting in the HTTPS connector.
I created the Java keystore based on the instructions on the operations manual and some other openssl info.
Because I couldn't generate the certificate with java's key tool. It hangs in gencert. So I used openssl to do
most of the job and then imported the final result into the java keystore.

Then I used curl to test https.

dlsa@besta facialrecognition % curl --trace-ascii httpreq.log --cacert jettyhttpscerts/jettyhttpscert.pem 'https://localhost:9433/auth/authorize?client_id=dlsa&redirect_uri=https://localhost:9433/auth/token?code=auth_code_123' curl: (35) LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to localhost:9433

The curl call log is :

== Info: Host localhost:9433 was resolved.
== Info: IPv6: ::1
== Info: IPv4: 127.0.0.1
== Info:   Trying [::1]:9433...
== Info: Connected to localhost (::1) port 9433
== Info: ALPN: curl offers h2,http/1.1
== Info: (304) (OUT), TLS handshake, Client hello (1):
=> Send SSL data, 314 bytes (0x13a)
0000: ...6...~.d>..Tq...3.1^E[..O.7>.)...<. y.1......E;.=n._.y..L..].
0040: Or|.....b.............0.,.(.$.......k.9...........=.5...../.+.'.
0080: #.......g.3...E...<./...A.......................+............3.&
00c0: .$... /l..t...t..cw.3\...j....@xxxxxxx.........localhost........
0100: ...............................................h2.http/1.1
== Info:  CAfile: jettyhttpscerts/jettyca.pem
== Info:  CApath: none
== Info: (304) (IN), TLS handshake, Server hello (2):
<= Recv SSL data, 122 bytes (0x7a)
0000: ...v......fJAH....ym...J..G..,.+.5.U. y.1......E;.=n._.y..L..].
0040: Or|..........+.....3.$... 3....5.....Z..$.a....1R".pY...m.
== Info: LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to localhost:9433
== Info: Closing connection

I asked in the curl-users mailing list, they say that jetty is probably returning HTTP.
So I am attaching the source code of the Java class where I embed the server, in the hopes
someone sees something I may be doing wrong.

Thanks,
Regards

Prev by Date: [jetty-users] Announcing Eclipse Jetty 12.1.6 Release
Previous by thread: [jetty-users] Announcing Eclipse Jetty 12.1.6 Release
Index(es):
- Date
- Thread

Breadcrumbs