25

I'm using jetty version 9.0.0.M4 and am trying to configure it to accept SSL connections. following the instructions in: http://www.eclipse.org/jetty/documentation/current/configuring-connectors.html

I've managed to write something that works. However, the code I wrote seems ugly and unnecessarily complex. Any idea how to do this properly?

final Server server = new Server(Config.Server.PORT);

SslContextFactory contextFactory = new SslContextFactory();
contextFactory.setKeyStorePath(Config.Location.KEYSTORE_LOCATION);
contextFactory.setKeyStorePassword("******");
SslConnectionFactory sslConnectionFactory = new SslConnectionFactory(contextFactory, org.eclipse.jetty.http.HttpVersion.HTTP_1_1.toString());

HttpConfiguration config = new HttpConfiguration();
config.setSecureScheme("https");
config.setSecurePort(Config.Server.SSL_PORT);
config.setOutputBufferSize(32786);
config.setRequestHeaderSize(8192);
config.setResponseHeaderSize(8192);
HttpConfiguration sslConfiguration = new HttpConfiguration(config);
sslConfiguration.addCustomizer(new SecureRequestCustomizer());
HttpConnectionFactory httpConnectionFactory = new HttpConnectionFactory(sslConfiguration);

ServerConnector connector = new ServerConnector(server, sslConnectionFactory, httpConnectionFactory);
connector.setPort(Config.Server.SSL_PORT);
server.addConnector(connector);

server.start();
server.join();
Cœur
  • 37,241
  • 25
  • 195
  • 267
user1984205
  • 251
  • 1
  • 3
  • 3

4 Answers4

13

The ServerConnector should be setup with an SslContextFactory.

The rest of the work you are doing in the HttpConfiguration is irrelevant to setting up SSL.

A good example of setting up SSL in embedded mode is maintained in the embedded jetty examples project. http://git.eclipse.org/c/jetty/org.eclipse.jetty.project.git/tree/examples/embedded/src/main/java/org/eclipse/jetty/embedded/LikeJettyXml.java

Edit: to be more clear (thanks Erik)

Update: June 2016

The Eclipse Jetty Project has moved its canonical repository to github.

The above LikeJettyXml.java can now be found at

https://github.com/eclipse/jetty.project/blob/jetty-9.4.x/examples/embedded/src/main/java/org/eclipse/jetty/embedded/LikeJettyXml.java

Joakim Erdfelt
  • 46,896
  • 7
  • 86
  • 136
  • "The rest of the work you are doing in the HttpConfiguration is unnecessary." - so is there a better way to set the request/response header sizes? – Hakanai May 15 '13 at 03:27
  • I'm not saying you can't use it, just that its generally not needed to accomplish the goals you have set out in your question. If you need to control the headers then by all means use the HttpConfiguration. – Joakim Erdfelt May 15 '13 at 04:45
  • 1
    @JoakimErdfelt: I have to admit the *"is unnecessary"* part also puzzled me for a few minutes... perhaps it would be nicer to say *"irrelevant to setting up SSL"*. Otherwise +1 – Erik Kaplun Apr 29 '14 at 15:48
5

For Jetty 9 there is a good reference here and all you need to do is to create the JKS keystore file as explained here. using the command keytool -genkey -alias sitename -keyalg RSA -keystore keystore.jks -keysize 2048. For some reason what works with jetty 8 is not what works on 9.

Community
  • 1
  • 1
Bwire
  • 1,181
  • 1
  • 14
  • 25
  • 1
    The first link is no longer valid. The second link will probably only be useful to people who already have a great deal of knowledge about Jetty. – HeadCode Aug 02 '19 at 19:29
0

For those who can't get above configuration working: If you are using java 1.7, ensure you have latest update of it. First versions of jvm 1.7 cause problems with accessing https web pages (browser may display: connection reset, connection aborted, or no data received error).

vinga
  • 1,912
  • 20
  • 33
0

For Eebbeded jetty server then use

SslContextFactory.Server sslContextFactory = new SslContextFactory.Server(); this will solve the problem.

user21386645
  • 1
  • 1