Ok, I have this working and have a second SSL instance on port 8443. But I'm having an issue with redirects; when I issue a request to the instance on port 8443 that results in a redirect, it includes the port 8443 in the URL:
curl -v -k https://server:8443/images [...] < HTTP/1.1 302 Found < Location: https://server:8443/images/ The instance on 8443 is behind the proxy/lb which listens on 443. It needs to redirect to 443. I already had this in my config: start.d/server.ini:jetty.httpConfig.securePort=443 But it seems that's only taken into account when redirecting from http to https, not for redirects when already using https? Unless I need to modify more stuff in what I copied. Thanks again... On Tue, Mar 09, 2021 at 09:20:13AM +0100, Greg Wilkins wrote: > Paul, > > You are correct that the jetty module system issetup to support only a > single instance of each type of connector. > To have your setup, you will need to at least right an XML file and perhaps > a custom module to make it easy to enable. > > You need to copy/paste/edit the files: > > ${jetty.home}/etc/jetty-ssl.xml > ${jetty.home}/etc/jetty-https.xml > ${jetty.home}/etc/jetty-proxy-protocol-ssl.xml > > > to ${jetty.base} and call them jetty-sslB.xml, jetty-httpsB.xml > & jetty-proxy-protocol-sslB.xml. Edit them so that they refer to the id > `sslConnectorB` > > You then can create a custom module in ${jetty.base}/modules/httpsB.mod > with contents like: > > > [description] > > Adds alternate HTTPS Connector > > [depend] > > ssl > > [xml] > > etc/jetty-sslB.xml > > etc/jetty-httpsB.xml > > etc/jetty-proxy-protocol-sslB.xml > > > You can replace `B` everywhere with something more descriptive... I tried > `2` but that is confusing with `http2`. You could also merge these files > into a single XML if you liked. > > So, in summary, you need your own XML to create the second SSL connector > with the different configuration. > > cheers > > > > > > > > > > > On Tue, 9 Mar 2021 at 02:46, Paul B. Henson <[email protected]> wrote: > > > I'm going to be running an instance of jetty in AWS. I'd like it to > > listen on the standard port 443 for internal https traffic, and then on > > port 4443 with proxy protocol enabled behind an ELB. > > > > I'm not clear how to accomplish that? It seems adding the proxy protocol > > module just turns it on on the default SSL port. I need to have jetty > > listen on the alternative port as well and have the proxy protocol only > > enabled on that one. > > > > Any guidance on the proper configuration for this would be greatly > > appreciated, thanks… > > _______________________________________________ > > jetty-users mailing list > > [email protected] > > To unsubscribe from this list, visit > > https://www.eclipse.org/mailman/listinfo/jetty-users > > > > > -- > Greg Wilkins <[email protected]> CTO http://webtide.com > _______________________________________________ > jetty-users mailing list > [email protected] > To unsubscribe from this list, visit > https://www.eclipse.org/mailman/listinfo/jetty-users _______________________________________________ jetty-users mailing list [email protected] To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users
