Re: [jetty-users] How to Jetty server listen on multiple IP addresses

Thu, 11 May 2023 04:51:12 -0700 

Hi,
The default config files using those properties only install a single connector using the configuration XML. These XML files use the mentioned "jetty.ssl.host" properties as dynamic settings to setup the IP address of a single connector. To listen on multiple IP addresses, the Jetty server must install multiple connectors (one for each IP address). This can only be done by using your own XML configuration file just editing the properties files is not posisble for those complex setups. Search for "jetty.ssl.host" in all XML files and start from there (duplicating connectors and so on). 


Uwe


Am 11.05.2023 um 12:19 schrieb ihonda--- via jetty-users:


Hi,


This is about Jetty's SSL server bind port.

By default, SSL server listen at all ip address on the host.

Default 0.0.0.0.
Our host have multiple network devices, each device has different ip address.
Security team want we do not want jetty to listen on unnecessary network device(ip address). 


Here is ssl.ini file. If I set hostname or ip address, Jetty listen on

that specific address.


$JETTY_HOME/start.d/ssl.ini


# ---------------------------------------

# Module: ssl

# Enables a TLS(SSL) Connector on the server.

# This may be used for HTTPS and/or HTTP2 by enabling

# the associated support modules.

# ---------------------------------------

--module=ssl

### TLS(SSL) Connector Configuration

## Connector host/address to bind to

jetty.ssl.host=`hostname`
Requirement is we want this configuration flexible. For example, we want to 

listen on multiple addresses on the interface.


This kind of setting is not valid.

jetty.ssl.host="host_a,host_b,localhost"


How can I enable listen(bind) on multiple host address ?

i.e.

 Specify multiple network device to listen on

 Specify range of ip address to listen on

 Specify hostname+localhost to listen on


---

Iori Honda


_______________________________________________
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, 
visithttps://www.eclipse.org/mailman/listinfo/jetty-users


--
Uwe Schindler
uschind...@apache.org ASF Member, Member of PMC and Committer of Apache Lucene and Apache Solr 
Bremen, Germany
https://lucene.apache.org/
https://solr.apache.org/

_______________________________________________
jetty-users mailing list
jetty-users@eclipse.org
To unsubscribe from this list, visit 
https://www.eclipse.org/mailman/listinfo/jetty-users

Reply via email to