Hi, Just tested on Karaf 4.2.2 and I confirmed that it works well on Firefox and Chrome according to the JB's blog post ;)
Regards, François Papon [email protected] Le 06/02/2019 à 09:02, Jean-Baptiste Onofré a écrit : > Hi Scott, > > I did a blog while ago about SSL with Karaf: > > http://blog.nanthrax.net/?p=316 > > > This config should work straigh forward: > > org.osgi.service.http.port=8181 > org.osgi.service.http.port.secure=8443 > org.osgi.service.http.secure.enabled=true > org.ops4j.pax.web.ssl.keystore=./etc/keystores/keystore.jks > org.ops4j.pax.web.ssl.password=password > org.ops4j.pax.web.ssl.keypassword=password > > It seems this is SSL version issue with the browser. Did you try with > another client like curl ? > I will try with latest chrome version. I keep you posted. > > Regards > JB > > On 05/02/2019 22:51, Leschke, Scott wrote: >> I’m trying to get HTTPS working with Karaf and I’m looking at the >> following page: https://karaf.apache.org/manual/latest/webcontainer >> >> >> >> I created a keystore using the following command: >> >> keytool –genkey –alias myapp -storetype pkcs12 –keystore .keystore.p12 >> >> >> >> I’m using the following org.ops4j.pax.web.cfg file >> >> >> >> org.osgi.service.http.port=8181 >> >> javax.servlet.context.tempdir=${karaf.data}/pax-web-jsp >> >> org.ops4j.pax.web.config.file=${karaf.etc}/jetty.xml >> >> org.apache.karaf.features.configKey = org.ops4j.pax.web >> >> >> >> org.osgi.service.http.enabled=false >> >> org.osgi.service.https.enabled=true >> >> org.osgi.service.http.port.secure=8443 >> >> org.osgi.service.http.secure.enabled=true >> >> >> >> org.ops4j.pax.web.ssl.keystore=${karaf.home}/../.keystore.p12 >> >> org.ops4j.pax.web.ssl.password= MYSTOREPWD >> >> org.ops4j.pax.web.ssl.keypassword=MYSTOREPWD >> >> >> >> >> >> It seems that no matter what I try the browser (Chrome) gives me the >> following. I’ve tried various things I’ve found online but to no avail. >> >> Anybody have recommendations? >> >> >> >> This site can’t provide a secure connection >> >> *mysrv1* uses an unsupported protocol. >> >> ERR_SSL_VERSION_OR_CIPHER_MISMATCH >> >> Hide details >> >> *Unsupported protocol* >> >> The client and server don't support a common SSL protocol version or >> cipher suite. >> >> >>
