Hoo boy, this is a HUGE topic, and is not suitable for email. The basics, For server side TLS (this is what it's called now, SSL is dead, long live TLS), you'll need ...
* A Java keystore (required) * A Java truststore (optional, you don't have to create one, you can even just use the built in defaults) * A Jetty configuration to find the keystore file (this is the SslContextFactory.Server) * A Jetty configuration for your connector (the thing that accepts connections) * A Jetty configuration to find the specific details in the keystore that you want to use for that connector. For the Java keystore, you'll want PKCS12 format, and the techniques to get your certificates into that keystore are documented all over the internet. Just pick documentation that suits your version of Java and OS best. (so don't pick documentation talking about Java 7 on Windows if you are using Java 11 on Linux, as the tools you will use will be different). Once you have this keystore file setup with your certificates you'll need to setup the configurations on Jetty side (listed above). You'll need to know things like the keystore passwords and any aliases within the keystore you might have configured, etc. Then you'll optionally have to setup permissions on your OS to allow Jetty to bind to port 443. (do yourself a favor and use 8443 while testing, make sure it works on that port first, then worry about the OS permissions issue when you switch to port 443). Joakim Erdfelt / joa...@webtide.com On Thu, May 12, 2022 at 4:17 PM Esquivel, Vince <esquiv...@uhd.edu> wrote: > Thanks Joakim for the info, I have looked through that but still a little > foggy about it all. You are correct, I meant to say port 443 and not 80. > > > > Vince > > > > *From:* jetty-users <jetty-users-boun...@eclipse.org> *On Behalf Of *Joakim > Erdfelt > *Sent:* Thursday, May 12, 2022 4:07 PM > *To:* JETTY user mailing list <jetty-users@eclipse.org> > *Subject:* Re: [jetty-users] Jetty 10 SSL configuration > > > > Start here > > > > > https://www.eclipse.org/jetty/documentation/jetty-10/operations-guide/index.html#og-protocols > <https://urldefense.com/v3/__https:/www.eclipse.org/jetty/documentation/jetty-10/operations-guide/index.html*og-protocols__;Iw!!F8lEXw!9qw6isIFnaaD8zP1tG-v5zo-XPDcgkR69non-dUxmSqpUZ1Khbfesp5IGbk76dMZnyaF-cKh9HBrXF8YGg$> > > > > You'll want to know about Connectors, thru to SslContextFactory. > > You'll also need to consult RHEL documentation on allowing a program to > bind to port 80 or 443. > > > > Note: port 80 is not for SSL its for http (plaintext) > > Use 443, that's the default for https (TLS / SSL) > > > Joakim Erdfelt / joa...@webtide.com > > > > > > On Thu, May 12, 2022 at 3:26 PM Esquivel, Vince <esquiv...@uhd.edu> wrote: > > I installed jetty 10 on my RHEL 8 server but having a hard time > configuring SSL on it. I am a jetty newbie and trying to learn on the > fly. Does anyone have a link or document on how to configure SSL on port > 80 for Jetty 10? > > > > Thanks in advance. > > > > Vince > > _______________________________________________ > jetty-users mailing list > jetty-users@eclipse.org > To unsubscribe from this list, visit > https://www.eclipse.org/mailman/listinfo/jetty-users > <https://urldefense.com/v3/__https:/www.eclipse.org/mailman/listinfo/jetty-users__;!!F8lEXw!9qw6isIFnaaD8zP1tG-v5zo-XPDcgkR69non-dUxmSqpUZ1Khbfesp5IGbk76dMZnyaF-cKh9HD8ZdaV3w$> > > _______________________________________________ > jetty-users mailing list > jetty-users@eclipse.org > To unsubscribe from this list, visit > https://www.eclipse.org/mailman/listinfo/jetty-users >
_______________________________________________ jetty-users mailing list jetty-users@eclipse.org To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users
