Hi Daniel,

I tried your solution, but failed. It seems the server is not created
at all. I can't connect to it either by browser or by wget.

Below is my code:
public class MySSLSocketConnector extends
org.eclipse.jetty.server.ssl.SslSocketConnector {

        @Override
        protected SSLServerSocketFactory createFactory() throws Exception {
                SSLServer server = new SSLServer();

                String pathToKeyMaterial = "certs/server.jks";
                char[] password = "123456".toCharArray();
                KeyMaterial km = new KeyMaterial( pathToKeyMaterial, password );

                server.setKeyMaterial( km );

                // These settings have to do with how we'll treat client
certificates that are presented
                // to us.  If the client doesn't present any client certificate,
then these are ignored.
                server.setCheckHostname( false ); // default setting is "false" 
for SSLServer
                server.setCheckExpiry( true );    // default setting is "true" 
for SSLServer
                server.setCheckCRL( true );       // default setting is "true" 
for SSLServer

                // This server trusts all client certificates presented (usually
people won't present
                // client certs, but if they do, we'll give them a socket at 
the very least).
                server.addTrustMaterial( new 
TrustMaterial("certs/truststore.jks",
"123456".toCharArray()));
                
                return server;
        }
}


        JettyHTTPServerEngineFactory f =
BusFactory.getDefaultBus().getExtension(JettyHTTPServerEngineFactory.class);
        if(f==null) {
                f = new JettyHTTPServerEngineFactory();
                BusFactory.getDefaultBus().setExtension(f,
JettyHTTPServerEngineFactory.class);
        }
        
        MySSLSocketConnector connector = new MySSLSocketConnector();
        JettyHTTPServerEngine engine = f.createJettyHTTPServerEngine(8082, 
"http");
        //reconfigure this engine to use https instead of http
        engine.setTlsServerParameters(new TLSServerParameters());
        engine.setConnector(connector);

        JaxWsServerFactoryBean sf = new JaxWsServerFactoryBean();
        sf.setServiceClass(Greeter.class);
        sf.setAddress("https://localhost:8082/Greeter";);

        sf.getServiceFactory().setInvoker(new BeanInvoker(new GreeterImpl()));

         org.apache.cxf.endpoint.Server server = sf.create();


2010/10/22 Daniel Kulp <dk...@apache.org>:
> On Thursday 21 October 2010 8:03:35 pm Weihua JIANG wrote:
>> Thank you Daniel. However, my question is: how to set
>> SSLServerSocketFactory at server side, not at client side?
>>
>> At client side, for TlsClientParameters, I know there is a
>> setSSLSocketFactory() method. However, I can't find solution to set a
>> SSLServerSocketFactory at server side.
>
> Oh.  Sorry.  Misread.   Server side....   Hmmmm.....    This is digging into
> Jetty code.
>
>
> You're going to need to create a Jetty Connector object.  Most likely,
> subclass the Jetty SslSocketConnector  and override the
> createFactory call or similar.   Then set that into the CXF Jetty stuff via:
>
>
> JettyHTTPServerEngineFactory f =
> BusFactory.getDefaultBus().getExtension(JettyHTTPServerEngineFactory.class);
>        if (f == null) {
>            f = new JettyHTTPServerEngineFactory();
>            BusFactory.getDefaultBus().setExtension(f,
> JettyHTTPServerEngineFactory.class);
>        }
>
>        f.createJettyHTTPServerEngine(8080, "http").setConnector(connector);
>
>
> Hope that helps.
> Dan
>
>
>>
>> Thanks
>> Weihua
>>
>> 2010/10/22 Daniel Kulp <dk...@apache.org>:
>> > On Thursday 21 October 2010 4:31:49 am Weihua JIANG wrote:
>> >> Hi all,
>> >>
>> >> I want to use Not-Yet-Commons-SSL to handle SSL certificates. So, I
>> >> prefer to use its SSLServerSocketFactory implementation for CXF
>> >> endpoint publish. However, I can't find any document or sample on how
>> >> to write code.
>> >>
>> >> Can anyone help me on this?
>> >
>> > It should be something like:
>> >
>> > Client client = ClientProxy.getClient(proxy);
>> > HTTPConduit hc = (HTTPConduit)client.getConduit();
>> > HTTPClientPolicy cp = hc.getClient();
>> > cp.getTlsClientParameters().setSSLSocketFactory(factory);
>> >
>> > Hope that helps!
>> > Dan
>> >
>> >> Thanks
>> >> Weihua
>> >
>> > --
>> > Daniel Kulp
>> > dk...@apache.org
>> > http://dankulp.com/blog
>
> --
> Daniel Kulp
> dk...@apache.org
> http://dankulp.com/blog
>

Reply via email to