David,

Have you commented out too many of the params? Specifically sslC​ontextFactory 
and keystoreType?

How about trying the following:

 Series<Parameter> parameters = server.getContext().​getParameters();
 parameters.add("sslC​ontextFactory", 
"org.restlet.ext.ssl​.PkixSslContextFacto​ry");
 parameters.add("keystorePath", keystorepath);
 parameters.add("keys​torePassword", keystorepassword);
 parameters.add("keyPassword", keypassword);
 parameters.add("keystoreType", "JKS");
 parameters.add("truststore", keystorepath);
 parameters.add("trustPassword", keystorepassword);
 parameters.add("need​ClientAuthentication​",needclientauthenti​cation); //Turn 
this on for client authentication

Hope to help.

Jim

> Hi
> 
> I've been stuck on setting up using Client Authentication using SSL with 
> Jetty Server. I've setup my server based on these codes
> 
>         component = new Component();
>         Server server = component.getServers().add(Protocol.HTTPS, 8112);
>         
>         Series<Parameter> parameters = server.getContext().getParameters();
> //        parameters.add("sslContextFactory", 
> "org.restlet.ext.ssl.PkixSslContextFactory");
> //        parameters.add("keystorePath", keystorepath);
> //        parameters.add("keystorePassword", keystorepassword);
> //        parameters.add("keyPassword", keypassword);
> //        parameters.add("keystoreType", "JKS");
>         
>         parameters.add("keystorePath", keystorepath);
>         parameters.add("keystorePassword", keystorepassword);
>         parameters.add("truststore", keystorepath);
>         parameters.add("trustPassword", keystorepassword);
>         parameters.add("keyPassword", keypassword);
>         parameters.add("needClientAuthentication",needclientauthentication); 
> //Turn this on for client authentication 
>         
>         Application app = new App();
>         
>         component.getDefaultHost().attachDefault(app);
>         component.start();
> 
> 
> I've created a server key store (jks) and sucessfully setup SSL connection. 
> I've also imported a client cert into this keystore and imported into my 
> firefox browser. The problem is that my browser isn't being challenged or 
> asked to select which certificate. And the only error msg I get is:
> 
>  SSL peer cannot verify your certificate.
> (Error code: ssl_error_bad_cert_alert)
> 
> Any help or suggestion would be great.

------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2887007

Reply via email to