Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] Easiest jetty replacement?

Answering a number of questions here...

TLS most definitely works in Jetty-12.  It is not significantly different to the implementation or setup in the EOL versions.  So if you are having problems, ask questions with actual details in an appropriate forum and somebody will help you.

With regards to javax vs jakarta issues,  Jetty 12 is able to run both.   It supports the ee8 environment and it is pretty much bug-for-bug compatible with jetty 9.4 (same core servlet impIentation).

As for paying for support on EOL versions of jetty, we've been developing jetty for 30 years and I've recently seen versions of jetty-5 in the wild.  It is just not feasible for us to backport security fixes to every version of jetty that there has ever been for free.   If you are running an EOL version of jetty and you wish to have security fixes, then you have 4 options:
  1. run without the security fixes, as the issue may not apply to you 
  2. upgrade to a current version of jetty - should be easy and we do assist users in the forums
  3. buy a support contract from webtide or partners
  4. apply the fixes yourself to the old version.  It is after all open source!
cheers






On Sat, 7 Mar 2026 at 05:05, Bill Ross via jetty-users <jetty-users@xxxxxxxxxxx> wrote:

> What problems are you having specifically with https?

I tried to get it working two times at least a year apart with certificates (2nd time with the free, self-renewing one), and gave up each time. 

Maybe the third time will be the charm.

> admittedly we terminate TLS with our host's appliance

https://en.wikipedia.org/wiki/The_Gods_Must_Be_Crazy

I was tempted to port/rewrite to a js or python server for even more of that codebase purification. :-)

The main use is on a local machine, so normal users shouldn't need certificates.

Latest thought is make it a back-end java server, so the web server would be a minimal layer using my API.

It would be a return to the hand-rolled distributed computing/roboting that I was doing in the 80's in C:

http://phobrain.com/pr/home/nastore/index.html

The man pages are on an offline drive somewhere, but their names alone could give an idea of the concept:
 
 
Bill
 
--
 
---
 


On 2026-03-06 18:16, Steven Schlansker wrote:



On Mar 6, 2026, at 4:20 PM, Bill Ross via jetty-users <jetty-users@xxxxxxxxxxx> wrote:

I'm looking to change from Jetty, now that I have to pay for upgrades to 10.x for my hobby site.
12.x is problematic for me since I haven't been able to get https working.
I've got 41K of Servlet code.
Ideas?

Probably the easiest upgrade path is to Jetty 12.x.
I agree, who would pay to run outdated versions, what nonsense! :P
(What other response do you expect, asking the Jetty community?)

You didn't include any real details about your problem. But (total stab in the dark) if you're mostly concerned about
the change from 'javax' to 'jakarta', I think unfortunately you'll find that the lawyers won, the community is moving on,
and you will have to bite the bullet sooner or later. Unfortunate that technical pain follows from legal politics
but such is life sometimes. For the most part global find and replace does at least some of the work, you'll fix a
metric ton of problems along the way, and emerge with a much better codebase overall.

What problems are you having specifically with https? We upgraded to Jetty 12.1 and are happier than ever with Jetty,
although admittedly we terminate TLS with our host's appliance and not Jetty itself.


_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users


--
Greg Wilkins <gregw@xxxxxxxxxxx> CTO http://webtide.com

Back to the top