Hi guys, thanks for your help - I think I skipped over an important point in the key generation:
http://docs.codehaus.org/display/JETTY/How+to+configure+SSL step1A: "The only mandatory response is to provide the fully qualified host name of the server at the 'first and last name' prompt.": keytool -keystore keystore -alias jetty -genkey -keyalg RSA Enter keystore password: password What is your first and last name? [Unknown]: jetty.mortbay.org I'm running my server at localhost (for development) - what would the fully qualified host name be in this case? Other than that, the only other part I could have gone wrong at is updating jetty.xml with the new connector definition. I've put it right below the default connector defintion: <Call name="addConnector"> <Arg> <New class="org.eclipse.jetty.server.nio.SelectChannelConnector"> <Set name="host"><SystemProperty name="jetty.host"/></Set> <Set name="port"><SystemProperty default="8080" name= "jetty.port"/></Set> <Set name="maxIdleTime">300000</Set> <Set name="Acceptors">2</Set> <Set name="statsOn">false</Set> <Set name="confidentialPort">8443</Set> <Set name="lowResourcesConnections">20000</Set> <Set name="lowResourcesMaxIdleTime">5000</Set> </New> </Arg> </Call> <Call name="addConnector"> <Arg> <New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector"> <Set name="port">8443</Set> <Set name="maxIdleTime">30000</Set> <Set name="keystore"><SystemProperty name="jetty.home" default="." />/etc/keystore</Set> <Set name="password">mypassword</Set> <Set name="keyPassword">mypassword</Set> <Set name="truststore"><SystemProperty name="jetty.home" default= "." />/etc/keystore</Set> <Set name="trustPassword">mypassword</Set> </New> </Arg> </Call> Does that look correct? Thanks again On Mon, Mar 7, 2011 at 8:34 AM, Mike Pilone <[email protected]> wrote: > Mark, > > > > I'm using Jetty embedded but I was able to get SSL working with the > following code. I didn't have to add any extra libs other than the maven > dependencies on the normal jetty-* projects. > > > > URL keyResource = > ContainerStart.class.getResource("/config/ssl-keystore.jks"); > > sLog.info(format("Loading certificate from keystore [%s].", > keyResource)); > > > > SslSocketConnector connector = new SslSocketConnector(); > > connector.setKeyPassword(keyPassword); > > connector.setKeystore(keyResource.toString()); > > connector.setMaxIdleTime(1000 * 60 * 60); > > connector.setSoLingerTime(-1); > > connector.setPort(sslPort); > > server.addConnector(connector); > > > > -mike > > > > [image: *] | Mike Pilone | Software Architect, Distribution | > [email protected] | o: 202-513-2679 m: 703-969-7493 > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Mark Wyszomierski > *Sent:* Monday, March 07, 2011 1:38 AM > *To:* JETTY user mailing list > *Subject:* Re: [jetty-users] jetty 7 + https ? > > > > Hi Mithul, > > > > The jsse.jar is there, the others are not (maybe they're renamed - not sure > how old that jetty documentation I referenced is?). Is there new > documentation for jetty 7 on this? > > > > I can get jetty to start up, and I can ping port 8443 ok, get a response > and all. But trying to navigate to the url via a browser throws a 102 error, > connection refused, > > > > Thanks > > > > On Mon, Mar 7, 2011 at 12:07 AM, Mitul Adhia <[email protected]> > wrote: > > Hi Mark, > > > > The jars are available in your JRE installation under lib directory ..Can > you please check their ? > > > > Best Regards, > > Mitul > > > > On Mon, Mar 7, 2011 at 9:53 AM, Mark Wyszomierski <[email protected]> > wrote: > > Hi, > > > > I'm trying to setup jetty 7 for https. I've followed the instructions here: > > > > > http://docs.codehaus.org/display/JETTY/How+to+configure+SSL#HowtoconfigureSSL-step4 > > > > but not sure about the line: > > > > "(make sure that jcert.jar, jnet.jar and jsse.jar are on your > classpath)" > > > > I'm on mac os 10.6, those jars are not present, and I don't see a place to > download them. Before going further - are these instructions up to date at > all? They still have the mortbay package naming, not sure if these jars are > still necessary with jetty 7. I looked through the eclipse doc pages for > jetty, but didn't see any updated walkthrough, thought something might be > at: > > > > http://wiki.eclipse.org/Jetty/Howto#Security > > > > no luck. > > > > Thanks > > > > > > _______________________________________________ > jetty-users mailing list > [email protected] > https://dev.eclipse.org/mailman/listinfo/jetty-users > > > > > _______________________________________________ > jetty-users mailing list > [email protected] > https://dev.eclipse.org/mailman/listinfo/jetty-users > > > > _______________________________________________ > jetty-users mailing list > [email protected] > https://dev.eclipse.org/mailman/listinfo/jetty-users > >
<<image001.jpg>>
_______________________________________________ jetty-users mailing list [email protected] https://dev.eclipse.org/mailman/listinfo/jetty-users
