Ah, this sounds familiar.
Try starting jetty with -Dorg.eclipse.jetty.LEVEL=DEBUG
https://bugs.eclipse.org/bugs/show_bug.cgi?id=430951#c39
and see if you get an error regarding cipher suites like I did
https://bugs.eclipse.org/bugs/show_bug.cgi?id=430951#c42
If you do, I think I know how to fix the problem.
Thomas wrote:
I have an Problem when i try to setup an jetty-9.3 with https.
I put all the config into one xml but there is an problem.
Can anyone give me some hints ?
Gruß Thomas
2015-05-14T00:41:15.700 INFO Started
ServerConnector@15b204a1{HTTP/1.1,[http/1.1, h2c, h2c-17, h2c-16,
h2c-15, h2c-14]}{0.0.0.0:80}
2015-05-14T00:41:15.732 INFO x509={jetty.mortbay.org=jetty} for
ExtendedSslContextFactory@47542153(file:///D:/workspace/JETTY-9.3/etc/keystore,file:///D:/workspace/JETTY-9.3/etc/keystore)
2015-05-14T00:41:15.747 INFO Started ServerConnector@4445629{SSL,[ssl,
http/1.1]}{0.0.0.0:443}
2015-05-14T00:41:15.747 INFO Started @1315ms
2015-05-14T00:41:18.685 WARN Illegal character 0x0 in state=START for
buffer
HeapByteBuffer@32bdf1a3[p=1,l=17408,c=17408,r=17407]={\x00<<<\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00...\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00>>>}
2015-05-14T00:41:18.696 WARN bad HTTP parsed: 400 Illegal character 0x0
for HttpChannelOverHttp@669a06e0{r=0,c=false,a=IDLE,uri=-}
<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN"
"http://www.eclipse.org/jetty/configure_9_3.dtd";>
<Configure id="Server" class="org.eclipse.jetty.server.Server">
<!-- uncomment to change type of threadpool<Arg name="threadpool"><New
id="threadpool"
class="org.eclipse.jetty.util.thread.QueuedThreadPool"/></Arg> -->
<Get name="ThreadPool">
<Set name="minThreads" type="int">10</Set>
<Set name="maxThreads" type="int">200</Set>
<Set name="idleTimeout" type="int">60000</Set>
<Set name="detailedDump">false</Set>
</Get>
<Call name="addBean"><Arg><New
class="org.eclipse.jetty.util.thread.ScheduledExecutorScheduler"/></Arg></Call>
<New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
<Set name="secureScheme">https</Set>
<Set name="securePort">8443</Set>
<Set name="outputBufferSize">32768</Set>
<Set name="outputAggregationSize">8192</Set>
<Set name="requestHeaderSize">8192</Set>
<Set name="responseHeaderSize">8192</Set>
<Set name="sendServerVersion">true</Set>
<Set name="sendDateHeader">false</Set>
<Set name="headerCacheSize">512</Set>
<Set name="delayDispatchUntilContent">true</Set>
<!-- Uncomment to enable handling of X-Forwarded- style headers<Call
name="addCustomizer"><Arg><New
class="org.eclipse.jetty.server.ForwardedRequestCustomizer"/></Arg></Call>
-->
</New>
<Set name="handler">
<New id="Handlers"
class="org.eclipse.jetty.server.handler.HandlerCollection">
<Set name="handlers">
<Array type="org.eclipse.jetty.server.Handler">
<Item><New id="Contexts"
class="org.eclipse.jetty.server.handler.ContextHandlerCollection"/></Item>
<Item><New id="DefaultHandler"
class="org.eclipse.jetty.server.handler.DefaultHandler"/></Item>
<Item>
<New id="DebugHandler"
class="org.eclipse.jetty.server.handler.DebugHandler">
<Set name="outputStream">
<New class="org.eclipse.jetty.util.RolloverFileOutputStream">
<Arg type="String"><Property name="jetty.debuglog.dir"
deprecated="jetty.logs" default="./logs"/>/yyyy_mm_dd.debug.log</Arg>
<Arg type="boolean">true</Arg>
<Arg type="int">90</Arg>
<Arg>
<Call class="java.util.TimeZone"
name="getTimeZone"><Arg>GMT</Arg></Call>
</Arg>
</New>
</Set>
</New>
</Item>
</Array>
</Set>
</New>
</Set>
<Set name="stopAtShutdown">true</Set>
<Set name="stopTimeout">5000</Set>
<Set name="dumpAfterStart">false</Set>
<Set name="dumpBeforeStop">false</Set>
<New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
<Arg><Ref refid="httpConfig"/></Arg>
<Call name="addCustomizer"><Arg><New
class="org.eclipse.jetty.server.SecureRequestCustomizer"><Arg
type="boolean">true</Arg></New></Arg></Call>
</New>
<New id="httpConFac"
class="org.eclipse.jetty.server.HttpConnectionFactory"><Arg
name="config"><Ref refid="httpConfig" /></Arg></New>
<New id="httpsConFac"
class="org.eclipse.jetty.server.HttpConnectionFactory"><Arg
name="config"><Ref refid="sslHttpConfig" /></Arg></New>
<New id="proxyConFac"
class="org.eclipse.jetty.server.ProxyConnectionFactory"/>
<New id="http2ConFac"
class="org.eclipse.jetty.http2.server.HTTP2ServerConnectionFactory">
<Arg name="config"><Ref refid="sslHttpConfig"/></Arg>
<Set name="maxConcurrentStreams">1024</Set>
<Set name="initialStreamSendWindow">65535</Set>
</New>
<Call name="addConnector" id="port.00080">
<Arg>
<New id="httpConnector"
class="org.eclipse.jetty.server.ServerConnector">
<Arg name="server"><Ref refid="Server" /></Arg>
<Arg name="acceptors" type="int">-1</Arg>
<Arg name="selectors" type="int">-1</Arg>
<Arg name="factories">
<Array type="org.eclipse.jetty.server.ConnectionFactory">
<!-- uncomment to support proxy protocol<Item><Ref
refid="proxyConFac"/></Item> -->
<Item><Ref refid="httpConFac"/></Item>
</Array>
</Arg>
<Set name="host">0.0.0.0</Set>
<Set name="port">80</Set>
<Set name="idleTimeout">30000</Set>
<Set name="soLingerTime">-1</Set>
<Set name="acceptorPriorityDelta">0</Set>
<Set name="acceptQueueSize">0</Set>
<Call name="addConnectionFactory">
<Arg>
<New
class="org.eclipse.jetty.http2.server.HTTP2CServerConnectionFactory">
<Arg name="config"><Ref refid="httpConfig"/></Arg>
<Set name="maxConcurrentStreams">1024</Set>
<Set name="initialStreamSendWindow">65535</Set>
</New>
</Arg>
</Call>
</New>
</Arg>
</Call>
<Call name="addConnector" id="port.00443">
<Arg>
<New id="sslConnector" class="org.eclipse.jetty.server.ServerConnector">
<Arg name="server"><Ref refid="Server" /></Arg>
<Arg name="acceptors" type="int">-1</Arg>
<Arg name="selectors" type="int">-1</Arg>
<Arg name="factories">
<Array type="org.eclipse.jetty.server.ConnectionFactory">
<!-- uncomment to support proxy protocol<Item><Ref
refid="proxyConFac"/></Item> -->
<Item>
<New class="org.eclipse.jetty.server.SslConnectionFactory">
<Arg name="sslContextFactory">
<New id="sslContextFactory"
class="org.eclipse.jetty.util.ssl.ExtendedSslContextFactory">
<Set name="useCipherSuitesOrder">true</Set>
<Set name="KeyStorePath">./etc/keystore</Set>
<Set name="KeyStorePassword"
OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4</Set>
<Set name="KeyManagerPassword"
OBF:1u2u1wml1z7s1z7a1wnl1u2g</Set>
<Set name="TrustStorePath">./etc/keystore</Set>
<Set name="TrustStorePassword"
OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4</Set>
<Set name="EndpointIdentificationAlgorithm"></Set>
<Set name="NeedClientAuth">false</Set>
<Set name="WantClientAuth">false</Set>
<Set name="ExcludeCipherSuites">
<Array type="String">
<Item>SSL_RSA_WITH_DES_CBC_SHA</Item>
<Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</Item>
<Item>SSL_DHE_DSS_WITH_DES_CBC_SHA</Item>
<Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</Item>
<Item>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</Item>
</Array>
</Set>
</New>
</Arg>
<Arg name="next">http/1.1</Arg>
</New>
</Item>
<Item><Ref refid="httpsConFac"/></Item>
<Item><Ref refid="http2ConFac"/></Item>
</Array>
</Arg>
<Set name="host">0.0.0.0</Set>
<Set name="port">443</Set>
<Set name="idleTimeout">30000</Set>
<Set name="soLingerTime">-1</Set>
<Set name="acceptorPriorityDelta">0</Set>
<Set name="acceptQueueSize">0</Set>
</New>
</Arg>
</Call>
</Configure>
_______________________________________________
jetty-users mailing list
[email protected]
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users
--
Lobos Studios - Website and Mobile App Design & Development; IT Support;
Computer Maintenance
Toll Free 877.919.4WEB - Apple Valley 760.684.8859 - Los Angeles
310.945.2410 - Cleveland 216.242.4010
www.LobosStudios.com * www.facebook.com/LobosStudios * @LobosStudios
_______________________________________________
jetty-users mailing list
[email protected]
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users
