Finally get it to work. Code fragment is: MySSLSocketConnector connector = new MySSLSocketConnector(); connector.setPort(8082); //The code I missed in first version JettyHTTPServerEngine engine = f.createJettyHTTPServerEngine(8082, "http"); //reconfigure this engine to use https instead of http engine.setTlsServerParameters(new TLSServerParameters()); engine.setConnector(connector);
Thanks Weihua 2010/10/25 Weihua JIANG <weihua.ji...@gmail.com>: > Hi Daniel, > > I tried your solution, but failed. It seems the server is not created > at all. I can't connect to it either by browser or by wget. > > Below is my code: > public class MySSLSocketConnector extends > org.eclipse.jetty.server.ssl.SslSocketConnector { > > �...@override > protected SSLServerSocketFactory createFactory() throws Exception { > SSLServer server = new SSLServer(); > > String pathToKeyMaterial = "certs/server.jks"; > char[] password = "123456".toCharArray(); > KeyMaterial km = new KeyMaterial( pathToKeyMaterial, password > ); > > server.setKeyMaterial( km ); > > // These settings have to do with how we'll treat client > certificates that are presented > // to us. If the client doesn't present any client > certificate, > then these are ignored. > server.setCheckHostname( false ); // default setting is > "false" for SSLServer > server.setCheckExpiry( true ); // default setting is "true" > for SSLServer > server.setCheckCRL( true ); // default setting is "true" > for SSLServer > > // This server trusts all client certificates presented > (usually > people won't present > // client certs, but if they do, we'll give them a socket at > the very least). > server.addTrustMaterial( new > TrustMaterial("certs/truststore.jks", > "123456".toCharArray())); > > return server; > } > } > > > JettyHTTPServerEngineFactory f = > BusFactory.getDefaultBus().getExtension(JettyHTTPServerEngineFactory.class); > if(f==null) { > f = new JettyHTTPServerEngineFactory(); > BusFactory.getDefaultBus().setExtension(f, > JettyHTTPServerEngineFactory.class); > } > > MySSLSocketConnector connector = new MySSLSocketConnector(); > JettyHTTPServerEngine engine = f.createJettyHTTPServerEngine(8082, > "http"); > //reconfigure this engine to use https instead of http > engine.setTlsServerParameters(new TLSServerParameters()); > engine.setConnector(connector); > > JaxWsServerFactoryBean sf = new JaxWsServerFactoryBean(); > sf.setServiceClass(Greeter.class); > sf.setAddress("https://localhost:8082/Greeter"); > > sf.getServiceFactory().setInvoker(new BeanInvoker(new GreeterImpl())); > > org.apache.cxf.endpoint.Server server = sf.create(); > > > 2010/10/22 Daniel Kulp <dk...@apache.org>: >> On Thursday 21 October 2010 8:03:35 pm Weihua JIANG wrote: >>> Thank you Daniel. However, my question is: how to set >>> SSLServerSocketFactory at server side, not at client side? >>> >>> At client side, for TlsClientParameters, I know there is a >>> setSSLSocketFactory() method. However, I can't find solution to set a >>> SSLServerSocketFactory at server side. >> >> Oh. Sorry. Misread. Server side.... Hmmmm..... This is digging into >> Jetty code. >> >> >> You're going to need to create a Jetty Connector object. Most likely, >> subclass the Jetty SslSocketConnector and override the >> createFactory call or similar. Then set that into the CXF Jetty stuff via: >> >> >> JettyHTTPServerEngineFactory f = >> BusFactory.getDefaultBus().getExtension(JettyHTTPServerEngineFactory.class); >> if (f == null) { >> f = new JettyHTTPServerEngineFactory(); >> BusFactory.getDefaultBus().setExtension(f, >> JettyHTTPServerEngineFactory.class); >> } >> >> f.createJettyHTTPServerEngine(8080, "http").setConnector(connector); >> >> >> Hope that helps. >> Dan >> >> >>> >>> Thanks >>> Weihua >>> >>> 2010/10/22 Daniel Kulp <dk...@apache.org>: >>> > On Thursday 21 October 2010 4:31:49 am Weihua JIANG wrote: >>> >> Hi all, >>> >> >>> >> I want to use Not-Yet-Commons-SSL to handle SSL certificates. So, I >>> >> prefer to use its SSLServerSocketFactory implementation for CXF >>> >> endpoint publish. However, I can't find any document or sample on how >>> >> to write code. >>> >> >>> >> Can anyone help me on this? >>> > >>> > It should be something like: >>> > >>> > Client client = ClientProxy.getClient(proxy); >>> > HTTPConduit hc = (HTTPConduit)client.getConduit(); >>> > HTTPClientPolicy cp = hc.getClient(); >>> > cp.getTlsClientParameters().setSSLSocketFactory(factory); >>> > >>> > Hope that helps! >>> > Dan >>> > >>> >> Thanks >>> >> Weihua >>> > >>> > -- >>> > Daniel Kulp >>> > dk...@apache.org >>> > http://dankulp.com/blog >> >> -- >> Daniel Kulp >> dk...@apache.org >> http://dankulp.com/blog >> >