Hi Daniel, I tried your solution, but failed. It seems the server is not created at all. I can't connect to it either by browser or by wget.
Below is my code: public class MySSLSocketConnector extends org.eclipse.jetty.server.ssl.SslSocketConnector { @Override protected SSLServerSocketFactory createFactory() throws Exception { SSLServer server = new SSLServer(); String pathToKeyMaterial = "certs/server.jks"; char[] password = "123456".toCharArray(); KeyMaterial km = new KeyMaterial( pathToKeyMaterial, password ); server.setKeyMaterial( km ); // These settings have to do with how we'll treat client certificates that are presented // to us. If the client doesn't present any client certificate, then these are ignored. server.setCheckHostname( false ); // default setting is "false" for SSLServer server.setCheckExpiry( true ); // default setting is "true" for SSLServer server.setCheckCRL( true ); // default setting is "true" for SSLServer // This server trusts all client certificates presented (usually people won't present // client certs, but if they do, we'll give them a socket at the very least). server.addTrustMaterial( new TrustMaterial("certs/truststore.jks", "123456".toCharArray())); return server; } } JettyHTTPServerEngineFactory f = BusFactory.getDefaultBus().getExtension(JettyHTTPServerEngineFactory.class); if(f==null) { f = new JettyHTTPServerEngineFactory(); BusFactory.getDefaultBus().setExtension(f, JettyHTTPServerEngineFactory.class); } MySSLSocketConnector connector = new MySSLSocketConnector(); JettyHTTPServerEngine engine = f.createJettyHTTPServerEngine(8082, "http"); //reconfigure this engine to use https instead of http engine.setTlsServerParameters(new TLSServerParameters()); engine.setConnector(connector); JaxWsServerFactoryBean sf = new JaxWsServerFactoryBean(); sf.setServiceClass(Greeter.class); sf.setAddress("https://localhost:8082/Greeter"); sf.getServiceFactory().setInvoker(new BeanInvoker(new GreeterImpl())); org.apache.cxf.endpoint.Server server = sf.create(); 2010/10/22 Daniel Kulp <dk...@apache.org>: > On Thursday 21 October 2010 8:03:35 pm Weihua JIANG wrote: >> Thank you Daniel. However, my question is: how to set >> SSLServerSocketFactory at server side, not at client side? >> >> At client side, for TlsClientParameters, I know there is a >> setSSLSocketFactory() method. However, I can't find solution to set a >> SSLServerSocketFactory at server side. > > Oh. Sorry. Misread. Server side.... Hmmmm..... This is digging into > Jetty code. > > > You're going to need to create a Jetty Connector object. Most likely, > subclass the Jetty SslSocketConnector and override the > createFactory call or similar. Then set that into the CXF Jetty stuff via: > > > JettyHTTPServerEngineFactory f = > BusFactory.getDefaultBus().getExtension(JettyHTTPServerEngineFactory.class); > if (f == null) { > f = new JettyHTTPServerEngineFactory(); > BusFactory.getDefaultBus().setExtension(f, > JettyHTTPServerEngineFactory.class); > } > > f.createJettyHTTPServerEngine(8080, "http").setConnector(connector); > > > Hope that helps. > Dan > > >> >> Thanks >> Weihua >> >> 2010/10/22 Daniel Kulp <dk...@apache.org>: >> > On Thursday 21 October 2010 4:31:49 am Weihua JIANG wrote: >> >> Hi all, >> >> >> >> I want to use Not-Yet-Commons-SSL to handle SSL certificates. So, I >> >> prefer to use its SSLServerSocketFactory implementation for CXF >> >> endpoint publish. However, I can't find any document or sample on how >> >> to write code. >> >> >> >> Can anyone help me on this? >> > >> > It should be something like: >> > >> > Client client = ClientProxy.getClient(proxy); >> > HTTPConduit hc = (HTTPConduit)client.getConduit(); >> > HTTPClientPolicy cp = hc.getClient(); >> > cp.getTlsClientParameters().setSSLSocketFactory(factory); >> > >> > Hope that helps! >> > Dan >> > >> >> Thanks >> >> Weihua >> > >> > -- >> > Daniel Kulp >> > dk...@apache.org >> > http://dankulp.com/blog > > -- > Daniel Kulp > dk...@apache.org > http://dankulp.com/blog >