stackoom
  简体   繁体   中英

Embedded Jetty with client certificates

 原文  2014-09-02 08:39:18       java/ jetty/ embedded-jetty

Question

I want to create embedded https server that required the clients to present a certificate and I am using this: http://www.smartjava.org/content/embedded-jetty-client-certificates

Now my question is that how can I provide keystore and truststore file for my code given that my jetty is emedded. I mean these lines in the code: 

// the keystore (with one key) we'll use to make the connection with the
    // broker
    private final static String KEYSTORE_LOCATION = "src/main/resources/client_keystore.jks";
    private final static String KEYSTORE_PASS = "secret";

    // the truststore we use for our server. This keystore should contain all the keys
    // that are allowed to make a connection to the server
    private final static String TRUSTSTORE_LOCATION = "src/main/resources/truststore.jks";
    private final static String TRUSTSTORE_PASS = "secret";

Thanks

1 answers

solution1
 0  2014-09-02 15:08:18

There are numerous examples of Jetty embedded use on github.com/eclipse/jetty.project

Example: LikeJettyXml.java - Jetty 8, with no XML used, setting up an SSL connector. 

    SslSelectChannelConnector ssl_connector = new SslSelectChannelConnector();
    ssl_connector.setPort(8443);
    SslContextFactory cf = ssl_connector.getSslContextFactory();
    cf.setKeyStorePath(jetty_home + "/etc/keystore");
    cf.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
    cf.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
    cf.setTrustStore(jetty_home + "/etc/keystore");
    cf.setTrustStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
    cf.setExcludeCipherSuites(
            new String[] {
                "SSL_RSA_WITH_DES_CBC_SHA",
                "SSL_DHE_RSA_WITH_DES_CBC_SHA",
                "SSL_DHE_DSS_WITH_DES_CBC_SHA",
                "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
                "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
                "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
                "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"
            });
    ssl_connector.setStatsOn(false);
    server.addConnector(ssl_connector);
    ssl_connector.open();

    SslSocketConnector ssl2_connector = new SslSocketConnector(cf);
    ssl2_connector.setPort(8444);
    ssl2_connector.setStatsOn(false);
    server.addConnector(ssl2_connector);
    ssl2_connector.open();

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to work with client certificates on Jetty SPDY with ALPN? How to get NodeJS to proxy Client Certificates like Jetty Proxy Embedded Jetty 9 X509 Certificates are not coming in incoming client request after Jetty Upgrade to 9.4.19.v20190610 Embedded Jetty: Servlet not initialized Jersey with embedded Jetty server embedded jetty CrossDomainFilter not working Swagger with embedded Jetty Embedded Jetty with Spring MVC Jersey with embedded Jetty + PostReplaceFilter
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM