Re: SSL problem

Sun, 17 Aug 2008 09:32:29 -0700 

Hi Christy,

Christy Ring wrote:
I wasnt aware of the certificate issue, thanks. I've modified the keytool command to reflect the changes you suggest as follows, deleted the .keystore and recreated it. I assume this is all I have to do with the keystore to get up and running? 


keytool -genkey -keyalg RSA -dname "cn=www.vennetics.com 
<http://www.vennetics.com>, ou=JBox, o=Vennetics, c=GB" -alias vennetics 
-keypass jbox123 -keystore /Users/christyring/.keystore -storepass jbox123 



Yes, this should be sufficient to generate a self-signed certificate, 
which may be enough depending on your requirements. This is likely to be 
a problem if you deploy it for a wide audience.




Bruno do you have an application that you confirm this feature works 
with 1.1-M5?  To test myself I modified the keystore, keystorePassword 
and keyPassword of the BasicHttpServer example that came with 1.1-M5 
with my details, nothing else and ran this, it failed.   I've pasted the 
code below with my changes. 



final File keystoreFile = new File("d:\\temp\\certificats", 
"myServerKeystore");

// Component declaring only one HTTPS server connector.
final Component component = new Component();
component.getServers().add(Protocol.HTTPS, 8182);
component.getDefaultHost().attach("/helloWorld", restlet);

// Update component's context with keystore parameters.

component.getContext().getParameters().add("keystorePath", 
"/Users/christyring/.keystore");

component.getContext().getParameters().add("keystorePassword", "jbox123");
component.getContext().getParameters().add("keyPassword", "jbox123");



I had missed something: now that the Contexts have been split, these 
settings should be configured in the Server context:


 Server server = component.getServers().add(Protocol.HTTPS, 8182);
 component.getDefaultHost().attach("/helloWorld", restlet);


 server.getContext().getParameters().add("keystorePath", 
"/Users/christyring/.keystore");

 server.getContext().getParameters().add("keystorePassword", "jbox123");
 server.getContext().getParameters().add("keyPassword", "jbox123");

That's certainly something we should clarify in the documentation [1][2].


I've just tried this with a test keystore on OSX with Restlet 1.1-M5 and 
it worked.


Best wishes,

Bruno.



[1] 
http://wiki.restlet.org/docs_1.1/g1/13-restlet/29-restlet/99-restlet/46-restlet.html

[2] http://wiki.restlet.org/docs_1.1/g1/43-restlet/153-restlet.html























					Reply via email to