Hi Christy,
Christy Ring wrote:
I wasnt aware of the certificate issue, thanks. I've modified the
keytool command to reflect the changes you suggest as follows, deleted
the .keystore and recreated it. I assume this is all I have to do with
the keystore to get up and running?
keytool -genkey -keyalg RSA -dname "cn=www.vennetics.com
<http://www.vennetics.com>, ou=JBox, o=Vennetics, c=GB" -alias vennetics
-keypass jbox123 -keystore /Users/christyring/.keystore -storepass jbox123
Yes, this should be sufficient to generate a self-signed certificate,
which may be enough depending on your requirements. This is likely to be
a problem if you deploy it for a wide audience.
Bruno do you have an application that you confirm this feature works
with 1.1-M5? To test myself I modified the keystore, keystorePassword
and keyPassword of the BasicHttpServer example that came with 1.1-M5
with my details, nothing else and ran this, it failed. I've pasted the
code below with my changes.
final File keystoreFile = new File("d:\\temp\\certificats",
"myServerKeystore");
// Component declaring only one HTTPS server connector.
final Component component = new Component();
component.getServers().add(Protocol.HTTPS, 8182);
component.getDefaultHost().attach("/helloWorld", restlet);
// Update component's context with keystore parameters.
component.getContext().getParameters().add("keystorePath",
"/Users/christyring/.keystore");
component.getContext().getParameters().add("keystorePassword", "jbox123");
component.getContext().getParameters().add("keyPassword", "jbox123");
I had missed something: now that the Contexts have been split, these
settings should be configured in the Server context:
Server server = component.getServers().add(Protocol.HTTPS, 8182);
component.getDefaultHost().attach("/helloWorld", restlet);
server.getContext().getParameters().add("keystorePath",
"/Users/christyring/.keystore");
server.getContext().getParameters().add("keystorePassword", "jbox123");
server.getContext().getParameters().add("keyPassword", "jbox123");
That's certainly something we should clarify in the documentation [1][2].
I've just tried this with a test keystore on OSX with Restlet 1.1-M5 and
it worked.
Best wishes,
Bruno.
[1]
http://wiki.restlet.org/docs_1.1/g1/13-restlet/29-restlet/99-restlet/46-restlet.html
[2] http://wiki.restlet.org/docs_1.1/g1/43-restlet/153-restlet.html