Turns out my keystore wasn't quite set up correctly. Despite appearing to load the right certificate, it wasn't, so I had to follow the instructions here:
http://wiki.eclipse.org/Jetty/Howto/Configure_SSL#Loading_Keys_and_Certificates_via_PKCS12 To convert my .crt and .key files into a .p12 file, and then import that into the keystore using keytool. Just if anyone comes across this thread... Martin On 19 September 2011 16:46, Martin Hewitt <[email protected]> wrote: > Sorry, forgot to mention. I'm using Jetty-7.3.1v20110307. > > Martin > > On 19 September 2011 16:18, Martin Hewitt <[email protected]> wrote: >> Hi, >> >> I've been trying to get SSL working with an embedded Jetty install and >> I keep bumping up against the above error. >> >> I've stripped out the ancillary code to simply leave a test server >> which adds an SslChannelConnector and starts. >> >> The logging (-Djavax.net.debug=all) appears to find the certificate >> without trouble, but whenever I try and connect I get the "cipher >> suites" error. >> >> My embedded code is (assume 's' is a map of configuration values, and >> assume server is: Server server = new Server() ): >> >> >> SslContextFactory scf = new SslContextFactory(); >> scf.setKeyStore(s.get("keystore")); >> scf.setKeyStorePassword(s.get("keystorePassword")); >> >> scf.setTrustStore( s.get("keystore") ); >> scf.setTrustStorePassword(s.get("keystorePassword")); >> >> scf.setKeyManagerPassword(s.get("keystorePassword")); >> >> SslSelectChannelConnector connector = new >> SslSelectChannelConnector(scf); >> connector.setPort( port ); >> >> server.addConnector(connector); >> >> Prior to updating the embedded code, I used keytool to import the >> certificate as detailed here: >> http://wiki.eclipse.org/Jetty/Reference/SSL_Connectors >> >> I've tried using SslContextFactory#setIncludeCipherSuites to no avail. >> >> Any help or pointers would be greatly appreciated. >> >> Thanks, >> >> Martin >> > _______________________________________________ jetty-users mailing list [email protected] https://dev.eclipse.org/mailman/listinfo/jetty-users
