What does your endpoint configuration look like? It is likely either using a different port to the jetty configuration, or else it is not referencing the jetty endpoint configuration via a "depends-on="tls-settings"", where "tls-settings" is the "id" of the "httpj:engine-factory". Here is an example:
https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob_plain;f=systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/ut/server.xml;hb=HEAD Colm. Colm. On Mon, Nov 3, 2014 at 6:57 PM, <[email protected]> wrote: > I am migrating some (more) legacy code up to CXF 2.7 from 2.3. The code > used to build and run fine, but now I'm getting an exception (trimmed to > the relevant part) ... > > Caused by: java.io.IOException: JSSE Security Exception > at > gov.faa.swim.ctk.harness.wss.common.server.CtkJettyHTTPTransportFactory.createDestination(CtkJettyHTTPTransportFactory.java:136) > at > gov.faa.swim.ctk.harness.wss.common.server.CtkJettyHTTPTransportFactory.getDestination(CtkJettyHTTPTransportFactory.java:111) > at > org.apache.cxf.binding.soap.SoapTransportFactory.getDestination(SoapTransportFactory.java:142) > at > org.apache.cxf.endpoint.ServerImpl.initDestination(ServerImpl.java:83) > at > org.apache.cxf.endpoint.ServerImpl.<init>(ServerImpl.java:62) > at > org.apache.cxf.frontend.ServerFactoryBean.create(ServerFactoryBean.java:170) > ... 52 more > Caused by: java.lang.RuntimeException: Protocol mismatch for port 15443: > engine's protocol is http, the url protocol is https > at > org.apache.cxf.transport.http_jetty.JettyHTTPDestination.finalizeConfig(JettyHTTPDestination.java:162) > at > gov.faa.swim.ctk.harness.wss.common.server.CtkJettyHTTPTransportFactory.createDestination(CtkJettyHTTPTransportFactory.java:131) > ... 57 more > Caused by: java.io.IOException: Protocol mismatch for port 15443: > engine's protocol is http, the url protocol is https > at > org.apache.cxf.transport.http_jetty.JettyHTTPServerEngineFactory.createJettyHTTPServerEngine(JettyHTTPServerEngineFactory.java:271) > at > org.apache.cxf.transport.http_jetty.JettyHTTPDestination.retrieveEngine(JettyHTTPDestination.java:127) > at > org.apache.cxf.transport.http_jetty.JettyHTTPDestination.finalizeConfig(JettyHTTPDestination.java:160) > ... 58 more > > So it would seem that the server engine is not correctly configured for > TLS/HTTPS, but as far as I can tell it is. This is how the engine factory > is set up: > > <httpj:engine-factory bus="cxf"> > <httpj:identifiedTLSServerParameters id="secure"> > <httpj:tlsServerParameters> > <sec:keyManagers keyPassword="${tlsKeystorePassword}"> > <sec:keyStore type="JKS" password="${tlsKeyPassword}" > file="${tlsKeystore}"/> > </sec:keyManagers> > <sec:trustManagers> > <sec:keyStore type="JKS" password="${tlsTruststorePassword}" > file="${tlsTruststore}"/> > </sec:trustManagers> > <sec:cipherSuitesFilter> > <sec:include>TLS_DHE_DSS_WITH_AES_256_CBC_SHA</sec:include> > <sec:include>TLS_DHE_RSA_WITH_AES_256_CBC_SHA</sec:include> > <sec:include>TLS_RSA_WITH_AES_256_CBC_SHA</sec:include> > <sec:include>TLS_DH_DSS_WITH_AES_256_CBC_SHA</sec:include> > <sec:include>TLS_DH_RSA_WITH_AES_256_CBC_SHA</sec:include> > <sec:include>TLS_DHE_DSS_WITH_AES_128_CBC_SHA</sec:include> > <sec:include>TLS_DHE_RSA_WITH_AES_128_CBC_SHA</sec:include> > <sec:include>TLS_RSA_WITH_AES_128_CBC_SHA</sec:include> > <sec:include>TLS_DH_DSS_WITH_AES_128_CBC_SHA</sec:include> > <sec:include>TLS_DH_RSA_WITH_AES_128_CBC_SHA</sec:include> > <sec:include>TLS_DHE_DSS_WITH_AES_256_CBC_SHA</sec:include> > <sec:include>TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA</sec:include> > <sec:include>TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA</sec:include> > <sec:include>TLS_RSA_WITH_3DES_EDE_CBC_SHA</sec:include> > <sec:include>TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA</sec:include> > <sec:include>TLS_DH_RSA_WITH_3DES_EDE_CBC_SH</sec:include> > </sec:cipherSuitesFilter> > </httpj:tlsServerParameters> > </httpj:identifiedTLSServerParameters> > <httpj:engine port="${port}"> > <httpj:tlsServerParametersRef id="secure" /> > <httpj:threadingParameters minThreads="5" maxThreads="15" /> > </httpj:engine> > </httpj:engine-factory> > > Does anyone know if there was a change somewhere along the line that isn't > accounted for in here? Any kicks in the right direction would be > appreciated, thanx! > > Stephen W. Chappell > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
