----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/3584/#review4837 -----------------------------------------------------------
Probably I am doing something wrong, but I get the following error: Maybe, you can add some instructions on how to setup the keystore etc... ? I used the following command to generate the keystore: keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass password -validity 360 -keysize 2048 >From >http://www.sslshopper.com/article-how-to-create-a-self-signed-certificate-using-java-keytool.html [java] 2012-02-06 20:17:03.440:DBUG:oejuc.AbstractLifeCycle:STARTED org.eclipse.jetty.http.ssl.SslContextFactory@c9 021e3#STARTED [java] 2012-02-06 20:17:03.442:INFO:oejs.AbstractConnector:Started SslSocketConnector@127.0.0.1:9898 STARTING [java] 2012-02-06 20:17:03.443:DBUG:oejuc.AbstractLifeCycle:STARTED SslSocketConnector@127.0.0.1:9898 STARTED [java] 2012-02-06 20:17:03.443:DBUG:oejuc.AbstractLifeCycle:STARTED org.eclipse.jetty.server.Server@625db9eb [java] 2012-02-06 20:17:03.452:DBUG:oejs.session:new session 1r7992u0xjdg9uzajpozf9f9i 1r7992u0xjdg9uzajpozf9f9i [java] 2012-02-06 20:17:03.541:DBUG:oejs.session:new session lssn6g0krk5g4i9h67vyha6b lssn6g0krk5g4i9h67vyha6b [java] 2012-02-06 20:17:03.945:DBUG:oejss.SslSocketConnector: [java] javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection? [java] at com.sun.net.ssl.internal.ssl.InputRecord.handleUnknownRecord(InputRecord.java:523) [java] at com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:355) [java] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:830) [java] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1170) [java] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1197) [java] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1181) [java] at org.eclipse.jetty.server.ssl.SslSocketConnector$SslConnectorEndPoint.run(SslSocketConnector.java:662) - Yuri On 2012-02-05 22:16:10, Ali Lown wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/3584/ > ----------------------------------------------------------- > > (Updated 2012-02-05 22:16:10) > > > Review request for wave, Michael MacFadden and Yuri Zelikov. > > > Summary > ------- > > Adds SSL capabilities as: > > - Adds 3 new config options (globally enable ssl, keystore, keystore password) > - Changes to use the SSLSelectChannelConnector if needed > - Client-side websocket (wss/ws) detection based upon window.location.protocol > - Updates socket.io.js (separate from this since it couldn't be diff'd in > this conventional means being a binary blob) (I couldn't find a nicer way of > doing this detection, which is the same as the above js, to check > window.location.protocol then decide whether to set 'this.options.base.secure > = true' > As such, this has been attached to the 'Wave with HTTPS' mailing-list thread. > > > Diffs > ----- > > /server-config.xml 1237143 > /server.config.example 1237143 > /src/org/waveprotocol/box/server/CoreSettings.java 1237143 > /src/org/waveprotocol/box/server/robots/agent/AbstractBaseRobotAgent.java > 1237143 > /src/org/waveprotocol/box/server/robots/agent/AbstractCliRobotAgent.java > 1237143 > /src/org/waveprotocol/box/server/robots/agent/welcome/WelcomeRobot.java > 1237143 > > /src/org/waveprotocol/box/server/robots/operations/GravatarProfilesFetcher.java > 1237143 > /src/org/waveprotocol/box/server/rpc/ServerRpcProvider.java 1237143 > /src/org/waveprotocol/box/webclient/client/WebClient.java 1237143 > /test/org/waveprotocol/box/server/robots/agent/AbstractRobotAgentTest.java > 1237143 > /test/org/waveprotocol/box/server/rpc/RpcTest.java 1237143 > > Diff: https://reviews.apache.org/r/3584/diff > > > Testing > ------- > > _Correctly_ setting up the keystore is quite difficult if you want to use > existing certificates, but once setup: > - Tested with enableSsl = true -> works > - Tested with enableSsl = false -> works > > > Thanks, > > Ali > >
