Oh good, you got it ironed out. Those certs can be a royal pain at times. cheers, jesse
-- jesse mcconnell [email protected] http://webtide.com / http://intalio.com (the folks behind jetty and cometd) On Mon, Sep 19, 2011 at 12:57, Martin Hewitt <[email protected]> wrote: > Turns out my keystore wasn't quite set up correctly. Despite appearing > to load the right certificate, it wasn't, so I had to follow the > instructions here: > > http://wiki.eclipse.org/Jetty/Howto/Configure_SSL#Loading_Keys_and_Certificates_via_PKCS12 > > To convert my .crt and .key files into a .p12 file, and then import > that into the keystore using keytool. > > Just if anyone comes across this thread... > > Martin > > On 19 September 2011 16:46, Martin Hewitt <[email protected]> wrote: >> Sorry, forgot to mention. I'm using Jetty-7.3.1v20110307. >> >> Martin >> >> On 19 September 2011 16:18, Martin Hewitt <[email protected]> wrote: >>> Hi, >>> >>> I've been trying to get SSL working with an embedded Jetty install and >>> I keep bumping up against the above error. >>> >>> I've stripped out the ancillary code to simply leave a test server >>> which adds an SslChannelConnector and starts. >>> >>> The logging (-Djavax.net.debug=all) appears to find the certificate >>> without trouble, but whenever I try and connect I get the "cipher >>> suites" error. >>> >>> My embedded code is (assume 's' is a map of configuration values, and >>> assume server is: Server server = new Server() ): >>> >>> >>> SslContextFactory scf = new SslContextFactory(); >>> scf.setKeyStore(s.get("keystore")); >>> scf.setKeyStorePassword(s.get("keystorePassword")); >>> >>> scf.setTrustStore( s.get("keystore") ); >>> scf.setTrustStorePassword(s.get("keystorePassword")); >>> >>> scf.setKeyManagerPassword(s.get("keystorePassword")); >>> >>> SslSelectChannelConnector connector = new >>> SslSelectChannelConnector(scf); >>> connector.setPort( port ); >>> >>> server.addConnector(connector); >>> >>> Prior to updating the embedded code, I used keytool to import the >>> certificate as detailed here: >>> http://wiki.eclipse.org/Jetty/Reference/SSL_Connectors >>> >>> I've tried using SslContextFactory#setIncludeCipherSuites to no avail. >>> >>> Any help or pointers would be greatly appreciated. >>> >>> Thanks, >>> >>> Martin >>> >> > _______________________________________________ > jetty-users mailing list > [email protected] > https://dev.eclipse.org/mailman/listinfo/jetty-users > _______________________________________________ jetty-users mailing list [email protected] https://dev.eclipse.org/mailman/listinfo/jetty-users
