Hi Thomas, How do i generate mycacerts.jks file using keytool as in my case trustore is pointing to keystore file as mentioned in below link .. http://docs.codehaus.org/display/JETTY/How+to+configure+SSL#HowtoconfigureSSL-PasswordIssues here check step4.
Best Regards Mitul On Mon, Feb 28, 2011 at 2:28 PM, Hugues Malphettes <[email protected]>wrote: > Hi Mitul, > Dmytro was able to use configure the SSL connector from inside a > bundle using this enhancement. > As far as I know migrating to jetty-7.3.0 from to 7.2.2 should not > make any other changes. > > For the rest of us on the mailing list, starting with jetty-7.3.0, it > is possible to have jetty-osgi find resources in the bundle where the > jetty server is configured using the property > "this.jetty.xml.parent.folder.url" > When jetty-osgi configures such a jetty.xml, it will compute the value > of the property "this.jetty.xml.parent.folder.url" > relative to the osgi bundle. For example in equinox: > bundleentry://1234/jettyhome > > So it can be used for the SslConnector: > <Call name="addConnector"> > <Arg> > <New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector"> > <Set name="Port"> > <SystemProperty name="jetty.port" default="8443"/> > </Set> > <Set name="maxIdleTime">30000</Set> > <Set name="Acceptors">2</Set> > <Set name="AcceptQueueSize">100</Set> > <Set name="Keystore"><Property > name="this.jetty.xml.parent.folder.url"/>/etc/mykeystore.jks</Set> > <Set name="needClientAuth">false</Set> > <Set name="Password">mypassword</Set> > <Set name="KeyPassword">mypassword</Set> > <Set name="truststore">etc/mycacerts.jks</Set> > <Set name="trustPassword">mypassword</Set> > </New> > </Arg> > </Call> > > Hugues > > > On Mon, Feb 28, 2011 at 4:49 PM, Mitul Adhia <[email protected]> > wrote: > > Hi Hugues, > > > > yes this is the issue which i am facing currently in jetty 7.2.2 . I was > > going through the below mention link to enable https in jetty 7.2.2 . > > > > > http://docs.codehaus.org/display/JETTY/How+to+configure+SSL#HowtoconfigureSSL-PasswordIssues > > > > Hope there are no further changes in creation of keystore . I have used > > keytool from Java SDK for generation of keystore .If any more changes are > > incorporated in jetty 7.3 do let me know . > > For password i have used password storage mechanism in jetty > > http://wiki.eclipse.org/Jetty/Howto/Secure_Passwords . The encryped > password > > i have stored in jetty.xml under the SSL configuration element . > > > > Best Regards, > > Mitul > > > > > > On Mon, Feb 28, 2011 at 8:13 AM, Hugues Malphettes < > [email protected]> > > wrote: > >> > >> Hi Mitul, > >> Here is what you are looking for: > >> https://bugs.eclipse.org/bugs/show_bug.cgi?id=334062 > >> I am afraid this is available only in 7.3.0.v20110203 > >> Let us know how it goes. > >> Hugues > >> > >> On Sat, Feb 26, 2011 at 11:18 PM, Mitul Adhia <[email protected]> > >> wrote: > >> > Any reply for this please !!!!! > >> > > >> > On Fri, Feb 25, 2011 at 6:24 PM, Mitul Adhia <[email protected]> > >> > wrote: > >> >> > >> >> Hi Thomas, > >> >> My application is working on windows machine .. > >> >> Yes the path should be relative to the bundle where jettyconfig > bundle. > >> >> What should be the value in JETTY_HOME ??? Is the keyword is case > >> >> sensitive ??? Whether it should be jetty.home or jetty_home ?? > >> >> Best regards, > >> >> Mitul > >> >> > >> >> On Fri, Feb 25, 2011 at 5:57 PM, Thomas Becker <[email protected]> > >> >> wrote: > >> >>> > >> >>> Hi Mitul, > >> >>> > >> >>> sorry, I misunderstood your requirements. I guess in your case the > >> >>> path > >> >>> is relative to where you've started jetty. Can you confirm this? I'm > >> >>> pretty > >> >>> sure that /etc/keystore1 on a linux box will resolve to the absolute > >> >>> path > >> >>> /etc/keystore1 as you would expect. > >> >>> > >> >>> Have you tried setting a JETTY_HOME environment variable and > removing > >> >>> the > >> >>> leading slash from the path? "etc/keystore1" instead of > >> >>> "/etc/keystore1" > >> >>> > >> >>> Cheers, > >> >>> Thomas > >> >>> > >> >>> On 25/02/2011 10:28, Mitul Adhia wrote: > >> >>> > >> >>> Hi Thomas, > >> >>> The requirement is not to set the absolute path which is always > >> >>> possible > >> >>> . I mean if i set the path from the start of directory structure it > >> >>> would definitely work . But what if i wanted to set the path > relative > >> >>> to the > >> >>> bundle . My application would be in finally be zipped and shipped . > >> >>> Definetly the customer are not going to unzip the bundles in C > >> >>> directory > >> >>> always ..it can be in any directory . > >> >>> Best Regards, > >> >>> Mitul > >> >>> On Fri, Feb 25, 2011 at 1:49 PM, Thomas Becker <[email protected] > > > >> >>> wrote: > >> >>>> > >> >>>> Hi Mitul, > >> >>>> > >> >>>> as you're on windows have you tried setting the path to: > >> >>>> "C:\etc\keystore1"? > >> >>>> > >> >>>> regards, > >> >>>> Thomas > >> >>>> > >> >>>> On 25/02/2011 09:14, Mitul Adhia wrote: > >> >>>> > >> >>>> Hi All, > >> >>>> I am using embedded jetty 7.2.2. and wanted to configure SSL in it > . > >> >>>> For > >> >>>> this i have created fragment bundle named jettyconfig which consist > >> >>>> of > >> >>>> FragmentActivator class and jetty.xml & keystore1 located under > >> >>>> folder etc. > >> >>>> The fragment bundle is called from jetty.boot bundle . > >> >>>> Attach is the complete jettyconfig fragment bundle for your > reference > >> >>>> . > >> >>>> In jetty.xml file if i set the keystore path as highlighted below > i > >> >>>> get the > >> >>>> following exception > >> >>>> jetty.xml entry for SSL > >> >>>> <Call name="addConnector"> > >> >>>> > >> >>>> <Arg> > >> >>>> <New > >> >>>> class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector"> > >> >>>> <Set name="Port">8443</Set> > >> >>>> <Set name="maxIdleTime">30000</Set> > >> >>>> > >> >>>> <Set name="Acceptors">2</Set> > >> >>>> > >> >>>> <Set name="AcceptQueueSize">100</Set> > >> >>>> <Set name="Keystore"><Property name="jetty.home" default="." > >> >>>> />/etc/keystore1</Set> > >> >>>> <Set name="Password">OBF:1igd1igf1igh1idp1idr1idt</Set> > >> >>>> <Set name="KeyPassword">OBF:1igd1igf1igh1idp1idr1idt</Set> > >> >>>> <Set name="truststore"><Property name="jetty.home" default="." > >> >>>> />/etc/keystore1</Set> > >> >>>> > >> >>>> <Set name="trustPassword">OBF:1igd1igf1igh1idp1idr1idt</Set> > >> >>>> </New> > >> >>>> > >> >>>> </Arg> > >> >>>> </Call> > >> >>>> Exception trace below comes on console when jetty is coming up : > >> >>>> 2011-02-25 13:33:43.671:INFO::Started > >> >>>> [email protected]:50099 > >> >>>> 2011-02-25 13:33:43.672:WARN::FAILED > >> >>>> [email protected]:8443: > >> >>>> java.io.FileNotFoundException: > >> >>>> C:\Mitul\Software\eclipse-jpaas-helios-SR1-win32\etc\keystore1 (The > >> >>>> system > >> >>>> cannot find the path specified) > >> >>>> 2011-02-25 13:33:43.673:WARN::FAILED > >> >>>> org.eclipse.jetty.server.Server@182a70: > >> >>>> java.io.FileNotFoundException: > >> >>>> C:\Mitul\Software\eclipse-jpaas-helios-SR1-win32\etc\keystore1 (The > >> >>>> system > >> >>>> cannot find the path specified) > >> >>>> java.io.FileNotFoundException: > >> >>>> C:\Mitul\Software\eclipse-jpaas-helios-SR1-win32\etc\keystore1 (The > >> >>>> system > >> >>>> cannot find the path specified) > >> >>>> at java.io.FileInputStream.open(Native Method) > >> >>>> at java.io.FileInputStream.<init>(FileInputStream.java:106) > >> >>>> at > >> >>>> > >> >>>> > org.eclipse.jetty.util.resource.FileResource.getInputStream(FileResource.java:274) > >> >>>> at > >> >>>> > >> >>>> > org.eclipse.jetty.server.ssl.SslSelectChannelConnector.getKeyStore(SslSelectChannelConnector.java:683) > >> >>>> at > >> >>>> > >> >>>> > org.eclipse.jetty.server.ssl.SslSelectChannelConnector.getKeyManagers(SslSelectChannelConnector.java:650) > >> >>>> at > >> >>>> > >> >>>> > org.eclipse.jetty.server.ssl.SslSelectChannelConnector.createSSLContext(SslSelectChannelConnector.java:637) > >> >>>> at > >> >>>> > >> >>>> > org.eclipse.jetty.server.ssl.SslSelectChannelConnector.doStart(SslSelectChannelConnector.java:595) > >> >>>> at > >> >>>> > >> >>>> > org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:55) > >> >>>> at org.eclipse.jetty.server.Server.doStart(Server.java:254) > >> >>>> at > >> >>>> > >> >>>> > org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:55) > >> >>>> at > >> >>>> > >> >>>> > org.eclipse.jetty.osgi.boot.internal.serverfactory.ServerInstanceWrapper.start(ServerInstanceWrapper.java:175) > >> >>>> at > >> >>>> > >> >>>> > org.eclipse.jetty.osgi.boot.internal.serverfactory.JettyServerServiceTracker.serviceChanged(JettyServerServiceTracker.java:108) > >> >>>> at > >> >>>> > >> >>>> > org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:104) > >> >>>> at > >> >>>> > >> >>>> > org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:933) > >> >>>> at > >> >>>> > >> >>>> > org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:227) > >> >>>> at > >> >>>> > >> >>>> > org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:149) > >> >>>> at > >> >>>> > >> >>>> > org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:756) > >> >>>> at > >> >>>> > >> >>>> > org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:711) > >> >>>> at > >> >>>> > >> >>>> > org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130) > >> >>>> If the path is changed to /newWP1/jettyconfig/etc/ketystore1 then > it > >> >>>> is > >> >>>> able to locate the given file . Here newWP1 is my eclipse > workspace > >> >>>> name & > >> >>>> jettyconfig is the bundle which is attached . > >> >>>> I wanted to know how can i point to required file without the use > >> >>>> of /newWP1/jettyconfig in key store path ??? > >> >>>> > >> >>>> Best Regards, > >> >>>> mitul > >> >>>> > >> >>>> _______________________________________________ > >> >>>> jetty-users mailing list > >> >>>> [email protected] > >> >>>> https://dev.eclipse.org/mailman/listinfo/jetty-users > >> >>> > >> >> > >> > > >> > > >> > _______________________________________________ > >> > jetty-users mailing list > >> > [email protected] > >> > https://dev.eclipse.org/mailman/listinfo/jetty-users > >> > > >> > > > > > >
_______________________________________________ jetty-users mailing list [email protected] https://dev.eclipse.org/mailman/listinfo/jetty-users
