I can get Jetty 9.3.3 to work over SSL with these four files, but I
cannot figure out a way to
put them into one file (required by fuseki) to get SSL working with fuseki:

jetty.xml

<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN"
"http://www.eclipse.org/jetty/configure_9_3.dtd";>

<Configure id="Server" class="org.eclipse.jetty.server.Server">

    <!-- Shared HttpConfiguration, registered under id "httpConfig" so that
         connector definitions can pull it in with <Ref refid="httpConfig"/>.
         Each setting reads a jetty.httpConfig.* property (or its deprecated
         alias) and falls back to the default given on the element.
         NOTE(review): on this page the DOCTYPE before this element ends in
         ";> and the stray semicolon looks like a mail-archive artifact; it has
         to be removed for the prolog to parse. -->
    <New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
      <!-- Scheme and port recorded for the secure side of the server;
           presumably what Jetty uses when it redirects a request that must be
           confidential. Confirm that 8443 matches the port of the TLS
           connector actually deployed. -->
      <Set name="secureScheme"><Property
name="jetty.httpConfig.secureScheme" default="https" /></Set>
      <Set name="securePort"><Property
name="jetty.httpConfig.securePort" deprecated="jetty.secure.port"
default="8443" /></Set>
      <!-- Buffer and header size limits, in bytes. -->
      <Set name="outputBufferSize"><Property
name="jetty.httpConfig.outputBufferSize"
deprecated="jetty.output.buffer.size" default="32768" /></Set>
      <Set name="outputAggregationSize"><Property
name="jetty.httpConfig.outputAggregationSize"
deprecated="jetty.output.aggregation.size" default="8192" /></Set>
      <Set name="requestHeaderSize"><Property
name="jetty.httpConfig.requestHeaderSize"
deprecated="jetty.request.header.size" default="8192" /></Set>
      <Set name="responseHeaderSize"><Property
name="jetty.httpConfig.responseHeaderSize"
deprecated="jetty.response.header.size" default="8192" /></Set>
      <!-- Defaults to true, so responses advertise the Jetty version in the
           Server header. On an exposed host, set
           jetty.httpConfig.sendServerVersion=false so the exact version is
           not handed to anyone fingerprinting the service. -->
      <Set name="sendServerVersion"><Property
name="jetty.httpConfig.sendServerVersion"
deprecated="jetty.send.server.version" default="true" /></Set>
      <Set name="sendDateHeader"><Property
name="jetty.httpConfig.sendDateHeader"
deprecated="jetty.send.date.header" default="false" /></Set>
      <Set name="headerCacheSize"><Property
name="jetty.httpConfig.headerCacheSize" default="512" /></Set>
      <Set name="delayDispatchUntilContent"><Property
name="jetty.httpConfig.delayDispatchUntilContent"
deprecated="jetty.delayDispatchUntilContent" default="true"/></Set>
    </New>

</Configure>

jetty-http.xml

<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN"
"http://www.eclipse.org/jetty/configure_9_3.dtd";>

  <!-- Adds a plain (non-TLS) HTTP connector to the server. It depends on two
       ids defined elsewhere: "Server" and "httpConfig" (both created in the
       jetty.xml listing on this page).
       NOTE(review): as posted, this listing has no opening <Configure>
       element although a closing tag follows the <Call>; the fragment cannot
       be parsed on its own.
       NOTE(review): if the goal is an SSL-only Fuseki, keeping this connector
       still serves the same content in clear text on the port below. Drop it
       or bind it to a loopback host once the TLS connector works. -->
  <Call name="addConnector">
    <Arg>
      <New id="httpConnector" class="org.eclipse.jetty.server.ServerConnector">
        <Arg name="server"><Ref refid="Server" /></Arg>
        <Arg name="acceptors" type="int"><Property
name="jetty.http.acceptors" deprecated="http.acceptors"
default="-1"/></Arg>
        <Arg name="selectors" type="int"><Property
name="jetty.http.selectors" deprecated="http.selectors"
default="-1"/></Arg>
        <Arg name="factories">
          <Array type="org.eclipse.jetty.server.ConnectionFactory">
            <!-- uncomment to support proxy protocol
            <Item>
              <New class="org.eclipse.jetty.server.ProxyConnectionFactory"/>
            </Item>-->
            <Item>
              <New class="org.eclipse.jetty.server.HttpConnectionFactory">
                <Arg name="config"><Ref refid="httpConfig" /></Arg>
              </New>
            </Item>
          </Array>
        </Arg>
        <!-- No default is given for the host; presumably the connector then
             listens on every interface when jetty.http.host is unset.
             Confirm, and set the property explicitly on multi-homed hosts. -->
        <Set name="host"><Property name="jetty.http.host"
deprecated="jetty.host" /></Set>
        <Set name="port"><Property name="jetty.http.port"
deprecated="jetty.port" default="8080" /></Set>
        <!-- Idle timeout default of 30000; presumably milliseconds. -->
        <Set name="idleTimeout"><Property
name="jetty.http.idleTimeout" deprecated="http.timeout"
default="30000"/></Set>
        <Set name="soLingerTime"><Property
name="jetty.http.soLingerTime" deprecated="http.soLingerTime"
default="-1"/></Set>
        <Set name="acceptorPriorityDelta"><Property
name="jetty.http.acceptorPriorityDelta"
deprecated="http.acceptorPriorityDelta" default="0"/></Set>
        <Set name="acceptQueueSize"><Property
name="jetty.http.acceptQueueSize" deprecated="http.acceptQueueSize"
default="0"/></Set>
      </New>
    </Arg>
  </Call>

</Configure>


jetty-https.xml

<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN"
"http://www.eclipse.org/jetty/configure_9_3.dtd";>

<!-- Configures an existing connector with id "sslConnector": puts a TLS
     layer in front of HTTP/1.1 and attaches an HTTP connection factory.
     NOTE(review): none of the four listings on this page creates the
     "sslConnector" object or the "sslHttpConfig" configuration referenced
     below. They have to be defined before this file is applied (in a stock
     distribution presumably by jetty-ssl.xml; confirm). A merged single file
     for Fuseki needs those definitions as well, otherwise the <Ref> lookups
     fail in the same way as the missing httpConfig described in the quoted
     reply. -->
<Configure id="sslConnector" class="org.eclipse.jetty.server.ServerConnector">

  <!-- TLS layer: decrypted traffic is handed on to the "http/1.1" factory.
       Key material and TLS policy come from the "sslContextFactory" object. -->
  <Call name="addIfAbsentConnectionFactory">
    <Arg>
      <New class="org.eclipse.jetty.server.SslConnectionFactory">
        <Arg name="next">http/1.1</Arg>
        <Arg name="sslContextFactory"><Ref refid="sslContextFactory"/></Arg>
      </New>
    </Arg>
  </Call>

  <!-- HTTP handling for the decrypted stream, using the TLS-specific
       HttpConfiguration rather than the plain "httpConfig". -->
  <Call name="addConnectionFactory">
    <Arg>
      <New class="org.eclipse.jetty.server.HttpConnectionFactory">
        <Arg name="config"><Ref refid="sslHttpConfig" /></Arg>
      </New>
    </Arg>
  </Call>

</Configure>

jetty-ssl-context.xml

<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN"
"http://www.eclipse.org/jetty/configure_9_3.dtd";>

<!-- TLS context for the server: key store and trust store locations and
     passwords, client-certificate policy and cipher suite exclusions. The
     object is published under id "sslContextFactory" for the connector
     configuration to reference. -->
<Configure id="sslContextFactory"
class="org.eclipse.jetty.util.ssl.SslContextFactory">

  <!-- Key store path is jetty.base + "/" + the configured relative path. -->
  <Set name="KeyStorePath"><Property name="jetty.base" default="."
/>/<Property name="jetty.sslContext.keyStorePath"
deprecated="jetty.keystore" default="etc/keystore"/></Set>
  <!-- NOTE(review): the password is written into the file as a literal. If
       MyPassword stands in for a real value, anyone who can read this file
       (or a mail thread it is pasted into) learns it. Prefer supplying
       jetty.sslContext.keyStorePassword from a protected properties source
       and restrict read access to this file and the key store.
       The literal also follows the <Property> inside the same <Set>, so the
       value is built from both parts; placing it in default="..." on the
       <Property> is presumably what was intended. Confirm how Jetty combines
       the two. The same applies to the two password settings further down. -->
  <Set name="KeyStorePassword"><Property
name="jetty.sslContext.keyStorePassword"
deprecated="jetty.keystore.password" />MyPassword</Set>
  <Set name="KeyStoreType"><Property
name="jetty.sslContext.keyStoreType" default="JKS"/></Set>
  <Set name="KeyStoreProvider"><Property
name="jetty.sslContext.keyStoreProvider"/></Set>
  <Set name="KeyManagerPassword"><Property
name="jetty.sslContext.keyManagerPassword"
deprecated="jetty.keymanager.password" />MyPassword</Set>
  <!-- The trust store defaults to the same file (etc/keystore) and the same
       literal password as the key store. Keep trusted CA certificates in a
       separate store if client certificates are ever enabled, so that the
       set of trusted issuers is managed apart from the server's private key. -->
  <Set name="TrustStorePath"><Property name="jetty.base" default="."
/>/<Property name="jetty.sslContext.trustStorePath"
deprecated="jetty.truststore" default="etc/keystore"/></Set>
  <Set name="TrustStorePassword"><Property
name="jetty.sslContext.trustStorePassword"
deprecated="jetty.truststore.password" />MyPassword</Set>
  <Set name="TrustStoreType"><Property
name="jetty.sslContext.trustStoreType" default="JKS"/></Set>
  <Set name="TrustStoreProvider"><Property
name="jetty.sslContext.trustStoreProvider"/></Set>
  <!-- Set with an empty value, i.e. no endpoint identification algorithm is
       named. NOTE(review): this matters if the same factory is reused for
       outbound TLS, where it would presumably leave host name checks off.
       Confirm it is used for the server connector only. -->
  <Set name="EndpointIdentificationAlgorithm"></Set>
  <!-- Both default to false: clients are not asked for a certificate, so
       any client authentication has to happen above the TLS layer. -->
  <Set name="NeedClientAuth"><Property
name="jetty.sslContext.needClientAuth"
deprecated="jetty.ssl.needClientAuth" default="false"/></Set>
  <Set name="WantClientAuth"><Property
name="jetty.sslContext.wantClientAuth"
deprecated="jetty.ssl.wantClientAuth" default="false"/></Set>
  <!-- Deny list of cipher suites. It names only single-DES and export-grade
       suites. Other weak families (RC4, 3DES, anonymous, NULL) are not
       listed, so whether they are offered depends on the JVM and Jetty
       defaults. Check the suites and protocol versions the running server
       negotiates with a TLS scanner, and extend this list as needed. -->
  <Set name="ExcludeCipherSuites">
   <Array type="String">
    <Item>SSL_RSA_WITH_DES_CBC_SHA</Item>
    <Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</Item>
    <Item>SSL_DHE_DSS_WITH_DES_CBC_SHA</Item>
    <Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</Item>
    <Item>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
    <Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
    <Item>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</Item>
   </Array>
  </Set>
  <!-- Defaults to true; presumably makes the server's own suite order win
       over the client's preference during negotiation. Confirm. -->
  <Set name="useCipherSuitesOrder"><Property
name="jetty.sslContext.useCipherSuitesOrder" default="true"/></Set>
</Configure>

================

On Wed, Sep 2, 2015 at 8:18 AM, Andy Seaborne <a...@apache.org> wrote:
> Hi Jason,
>
> I have made some progress with your config.
>
> 1/ I switched the development code to 9.3.3 so we have one target and
> because I got that version to work with your config
>
> 9.3.3 was released 27/Aug/2015.
>
> Don't know if you're working from the source or not so I did a development
> build of Fuseki2 with 9.3.3.
>
> https://repository.apache.org/content/repositories/snapshots/org/apache/jena/apache-jena-fuseki/2.3.1-SNAPSHOT/
>
> NB There are 2 builds for today - latest with Jetty 9.3.3 is
>
>   20150902.121407-19
>
> 2/ Fix for your config file below.
>    Needs some details from jetty.xml copied into it.
>
>         Andy
>
> On 01/09/15 20:36, Jason Levitt wrote:
>>
>> Back to square one.
>>
>> This Jetty config file works fine with Jetty 9:
>
>
> Which jetty version?  I'm seeing differences between 9.1.1 and 9.3.3
>
> With 9.3.2 I get a different, more useful error (yes, I was using
> 9.3.2 at that point)
>
> [2015-09-02 12:24:37] Server     ERROR SPARQLServer: Failed to configure
> server: null
> java.lang.reflect.InvocationTargetException
> sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> java.lang.reflect.Constructor.newInstance(Constructor.java:422)
> org.eclipse.jetty.util.TypeUtil.construct(TypeUtil.java:627)
> org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.newObj(XmlConfiguration.java:782)
>
> which looks to be caused by:
>
>>      <New class="org.eclipse.jetty.server.HttpConnectionFactory">
>>         <Arg name="config"><Ref refid="httpConfig" /></Arg>
>>      </New>
>
> and httpConfig is not defined.  (I debug traced the Jetty code).
>
> It says higher up:
>
>  <!-- HttpConnectionFactory instance using the common httpConfig  -->
>  <!-- instance defined in jetty.xml
>
>
> I copied the block from jetty.xml 9.3.3 into your configuration:
> <New id="httpConfig"
> </New>
>
> Full copy below.
>
> This is for 9.3.3 only - I tried the same approach with 9.1.1 and it didn't
> work.  Maybe my user error, maybe because your config makes a 9.3 specific
> call.  Rather than worry about that, I switched the development code base to
> 9.3.3.
>
> Hey presto - server runs for me.  Confirmed it is using the config by
> changing the port but that's all the testing I have time for ATM. (Looking
> for a job (= employment) can be quite time consuming!)
>
>         Andy
>
>
> ------------------------------------------------------------
> Copy of new section, reformatted for email :-| , inserted before <Call>
>
> <Configure id="Server" class="org.eclipse.jetty.server.Server">
>   <New
>     ....
>   </New>
>
>   <Call name="addConnector">
>    </Call>
>
>
> </Configure>
>
> --------- Full insert
>
>
> <New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
>   <Set name="secureScheme">
>     <Property name="jetty.httpConfig.secureScheme"
>               default="https" />
>   </Set>
>   <Set name="securePort">
>     <Property name="jetty.httpConfig.securePort"
>               deprecated="jetty.secure.port"
>               default="8443" />
>   </Set>
>   <Set name="outputBufferSize">
>     <Property name="jetty.httpConfig.outputBufferSize"
>               deprecated="jetty.output.buffer.size"
>               default="32768" />
>   </Set>
>   <Set name="outputAggregationSize">
>     <Property name="jetty.httpConfig.outputAggregationSize"
>               deprecated="jetty.output.aggregation.size"
>               default="8192" />
>   </Set>
>   <Set name="requestHeaderSize">
>     <Property name="jetty.httpConfig.requestHeaderSize"
>               deprecated="jetty.request.header.size"
>               default="8192" />
>   </Set>
>   <Set name="responseHeaderSize">
>     <Property name="jetty.httpConfig.responseHeaderSize"
>               deprecated="jetty.response.header.size"
>               default="8192" />
>   </Set>
>   <Set name="sendServerVersion">
>     <Property name="jetty.httpConfig.sendServerVersion"
>               deprecated="jetty.send.server.version"
>               default="true" />
>   </Set>
>   <Set name="sendDateHeader">
>     <Property name="jetty.httpConfig.sendDateHeader"
>               deprecated="jetty.send.date.header"
>               default="false" />
>   </Set>
>   <Set name="headerCacheSize">
>     <Property name="jetty.httpConfig.headerCacheSize"
>               default="512" />
>   </Set>
>   <Set name="delayDispatchUntilContent">
>     <Property name="jetty.httpConfig.delayDispatchUntilContent"
>               deprecated="jetty.delayDispatchUntilContent"
>               default="true"/>
>   </Set>
>   <Set name="maxErrorDispatches">
>     <Property name="jetty.httpConfig.maxErrorDispatches"
>               default="10"/>
>   </Set>
>   <!-- Uncomment to enable handling of X-Forwarded- style headers
>        <Call name="addCustomizer">
>          <Arg><New
> class="org.eclipse.jetty.server.ForwardedRequestCustomizer"/></Arg>
>   </Call>
>   -->
> </New>
>
