HowTo use https / ssl with Maven/Mortbay Jetty Plugin?

终归单人心 2020-12-13 03:06

I would like to use ssl / https as described in

http://docs.codehaus.org/display/JETTY/How+to+configure+SSL

using jetty-maven-plugin, but I don't know how t

3 Answers
  • 2020-12-13 03:22

    In case you want to do it using Jetty 9, note that since jetty-9.0 it is no longer possible to configure a https connector directly in the pom.xml: you need to use jetty xml config files to do it [1].

    Here is an example:

    pom.xml

    <properties>
      <jetty-version>9.1.2.v20140210</jetty-version>
    </properties>
    ...
    <dependency>
      <groupId>org.eclipse.jetty</groupId>
      <artifactId>jetty-server</artifactId>
      <version>${jetty-version}</version>
    </dependency>
    ...
            <plugin>
                <groupId>org.codehaus.mojo</groupId>
                <artifactId>keytool-maven-plugin</artifactId>
                <version>1.3</version>
                <executions>
                    <execution>
                        <phase>generate-resources</phase>
                        <id>clean</id>
                        <goals>
                            <goal>clean</goal>
                        </goals>
                    </execution>
                    <execution>
                        <phase>generate-resources</phase>
                        <id>genkey</id>
                        <goals>
                            <goal>generateKeyPair</goal>
                        </goals>
                    </execution>
                </executions>
                <configuration>
                    <keystore>${project.build.directory}/jetty-ssl.keystore</keystore>
                    <dname>cn=127.0.0.1</dname><!-- put your CN here -->
                    <keypass>dypBdX1NB3gXA0DXCy9nfyJ4jqUDlaydgbo9OU12g</keypass>
                    <storepass>dypBdX1NB3gXA0DXCy9nfyJ4jqUDlaydgbo9OU12g</storepass>
                    <alias>jetty</alias>
                    <keyalg>RSA</keyalg>
                </configuration>
            </plugin>
            <plugin>
                <groupId>org.eclipse.jetty</groupId>
                <artifactId>jetty-maven-plugin</artifactId>
                <version>${jetty-version}</version>
                <configuration>
                    <jettyXml>src/main/resources/jetty.xml,src/main/resources/jetty-ssl.xml,src/main/resources/jetty-https.xml</jettyXml>
                </configuration>
            </plugin>    
    

    jetty-https.xml

    <?xml version="1.0"?>
    <!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
    <Configure id="Server" class="org.eclipse.jetty.server.Server">
      <Call id="httpsConnector" name="addConnector">
        <Arg>
          <New class="org.eclipse.jetty.server.ServerConnector">
            <Arg name="server"><Ref refid="Server" /></Arg>
            <Arg name="factories">
              <Array type="org.eclipse.jetty.server.ConnectionFactory">
                <Item>
                  <New class="org.eclipse.jetty.server.SslConnectionFactory">
                    <Arg name="next">http/1.1</Arg>
                    <Arg name="sslContextFactory"><Ref refid="sslContextFactory"/></Arg>
                  </New>
                </Item>
                <Item>
                  <New class="org.eclipse.jetty.server.HttpConnectionFactory">
                    <Arg name="config"><Ref refid="sslHttpConfig"/></Arg>
                  </New>
                </Item>
              </Array>
            </Arg>
            <Set name="host"><Property name="jetty.host" /></Set>
            <Set name="port"><Property name="jetty.https.port" default="8443" /></Set>
            <Set name="idleTimeout">30000</Set>
          </New>
        </Arg>
      </Call>
    </Configure>
    

    jetty-ssl.xml

    <?xml version="1.0"?>
    <!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
    
    <!-- ============================================================= -->
    <!-- Configure a TLS (SSL) Context Factory                         -->
    <!-- This configuration must be used in conjunction with jetty.xml -->
    <!-- and either jetty-https.xml or jetty-spdy.xml (but not both)   -->
    <!-- ============================================================= -->
    <Configure id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
      <Set name="KeyStorePath"><Property name="jetty.home" default="." />/<Property name="jetty.keystore" default="target/jetty-ssl.keystore"/></Set>
      <Set name="KeyStorePassword"><Property name="jetty.keystore.password" default="dypBdX1NB3gXA0DXCy9nfyJ4jqUDlaydgbo9OU12g"/></Set>
      <Set name="KeyManagerPassword"><Property name="jetty.keymanager.password" default="dypBdX1NB3gXA0DXCy9nfyJ4jqUDlaydgbo9OU12g"/></Set>
      <Set name="TrustStorePath"><Property name="jetty.home" default="." />/<Property name="jetty.truststore" default="target/jetty-ssl.keystore"/></Set>
      <Set name="TrustStorePassword"><Property name="jetty.truststore.password" default="dypBdX1NB3gXA0DXCy9nfyJ4jqUDlaydgbo9OU12g"/></Set>
      <Set name="EndpointIdentificationAlgorithm"></Set>
      <Set name="ExcludeCipherSuites">
        <Array type="String">
          <Item>SSL_RSA_WITH_DES_CBC_SHA</Item>
          <Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
        </Array>
      </Set>
    
      <!-- =========================================================== -->
      <!-- Create a TLS specific HttpConfiguration based on the        -->
      <!-- common HttpConfiguration defined in jetty.xml               -->
      <!-- Add a SecureRequestCustomizer to extract certificate and    -->
      <!-- session information                                         -->
      <!-- =========================================================== -->
      <New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
        <Arg><Ref refid="httpConfig"/></Arg>
        <Call name="addCustomizer">
          <Arg><New class="org.eclipse.jetty.server.SecureRequestCustomizer"/></Arg>
        </Call>
      </New>
    
    </Configure>
    

    jetty.xml

    <?xml version="1.0"?>
    <!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure.dtd">
    <Configure id="Server" class="org.eclipse.jetty.server.Server">
      <New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
        <Set name="secureScheme">https</Set>
        <Set name="securePort">
          <Property name="jetty.secure.port" default="8443" />
        </Set>
      </New>
    </Configure>
    
    0 Comments (0)
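
Added example, not part of the answer above and not the Jetty distribution's own file: the jetty-ssl.xml from that answer with SSLv3 excluded and a longer explicit list of single-DES, export-grade and RC4 suites excluded by their JSSE names. CHANGE_ME is a placeholder; the passwords must match the keypass/storepass used when the keystore is generated.

```xml
<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
<!-- Added example: same structure as the answer's jetty-ssl.xml, with tighter excludes. -->
<Configure id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
  <!-- Keystore and truststore settings as in the answer; CHANGE_ME is a placeholder password. -->
  <Set name="KeyStorePath"><Property name="jetty.home" default="." />/<Property name="jetty.keystore" default="target/jetty-ssl.keystore"/></Set>
  <Set name="KeyStorePassword"><Property name="jetty.keystore.password" default="CHANGE_ME"/></Set>
  <Set name="KeyManagerPassword"><Property name="jetty.keymanager.password" default="CHANGE_ME"/></Set>
  <Set name="TrustStorePath"><Property name="jetty.home" default="." />/<Property name="jetty.truststore" default="target/jetty-ssl.keystore"/></Set>
  <Set name="TrustStorePassword"><Property name="jetty.truststore.password" default="CHANGE_ME"/></Set>
  <Set name="EndpointIdentificationAlgorithm"></Set>

  <!-- Refuse SSLv3 handshakes; only the protocols named here are excluded, TLS stays enabled. -->
  <Set name="ExcludeProtocols">
    <Array type="String">
      <Item>SSLv3</Item>
    </Array>
  </Set>

  <!-- Exclude single-DES, export-grade and RC4 suites by exact JSSE name. -->
  <Set name="ExcludeCipherSuites">
    <Array type="String">
      <Item>SSL_RSA_WITH_DES_CBC_SHA</Item>
      <Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</Item>
      <Item>SSL_DHE_DSS_WITH_DES_CBC_SHA</Item>
      <Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</Item>
      <Item>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
      <Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
      <Item>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</Item>
      <Item>SSL_RSA_WITH_RC4_128_MD5</Item>
      <Item>SSL_RSA_WITH_RC4_128_SHA</Item>
    </Array>
  </Set>

  <!-- TLS-specific HttpConfiguration, unchanged from the answer. -->
  <New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
    <Arg><Ref refid="httpConfig"/></Arg>
    <Call name="addCustomizer">
      <Arg><New class="org.eclipse.jetty.server.SecureRequestCustomizer"/></Arg>
    </Call>
  </New>

</Configure>
```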
  • 2020-12-13 03:44

    You can use Maven to create a development certificate and use it when starting Jetty. First, configure the keytool-maven-plugin to create a development certificate:

    <plugin>
      <groupId>org.codehaus.mojo</groupId>
      <artifactId>keytool-maven-plugin</artifactId>
      <executions>
        <execution>
          <phase>generate-resources</phase>
          <id>clean</id>
          <goals>
            <goal>clean</goal>
          </goals>
        </execution>
        <execution>
          <phase>generate-resources</phase>
          <id>genkey</id>
          <goals>
            <goal>genkey</goal>
          </goals>
        </execution>
      </executions>
      <configuration>
        <keystore>${project.build.directory}/jetty-ssl.keystore</keystore>
        <dname>cn=my.hostname.tld</dname><!-- put your CN here-->
        <keypass>jetty6</keypass>
        <storepass>jetty6</storepass>
        <alias>jetty6</alias>
        <keyalg>RSA</keyalg>
      </configuration>
    </plugin>
    

    Change the CN as you wish. Then configure the maven-jetty-plugin to use the development certificate:

    <plugin>
      <groupId>org.mortbay.jetty</groupId>
      <artifactId>maven-jetty-plugin</artifactId>
      <version>6.1.10</version>
      <configuration>
        <contextPath>/context</contextPath>
        <scanIntervalSeconds>5</scanIntervalSeconds>
        <connectors>
          <connector implementation="org.mortbay.jetty.nio.SelectChannelConnector">
            <port>8080</port>
            <maxIdleTime>60000</maxIdleTime>
          </connector>
          <connector implementation="org.mortbay.jetty.security.SslSocketConnector">
            <port>8443</port>
            <maxIdleTime>60000</maxIdleTime>
            <keystore>${project.build.directory}/jetty-ssl.keystore</keystore>
            <password>jetty6</password>
            <keyPassword>jetty6</keyPassword>
          </connector>
        </connectors>
      </configuration>
    </plugin>
    

    Run mvn jetty:run and open https://localhost:8443/context.

    0 Comments (0)
  • 2020-12-13 03:47

    In case you get this error using Pascal's solution:

    Could not find goal 'genkey' in plugin org.codehaus.mojo:keytool-maven-plugin:1.3
    
    1. Use 'generateKeyPair' as the goal. (genKey is deprecated, I believe.)
    2. Add plugin version.

    The plugin definition should look like:

            <plugin>
                <groupId>org.codehaus.mojo</groupId>
                <artifactId>keytool-maven-plugin</artifactId>
                <version>1.3</version>
                <executions>
                    <execution>
                        <phase>generate-resources</phase>
                        <id>clean</id>
                        <goals>
                            <goal>clean</goal>
                        </goals>
                    </execution>
                    <execution>
                        <phase>generate-resources</phase>
                        <id>genkey</id>
                        <goals>
                            <goal>generateKeyPair</goal>
                        </goals>
                    </execution>
                </executions>
                <configuration>
                    <keystore>${project.build.directory}/jetty-ssl.keystore</keystore>
                    <dname>cn=my.hostname.tld</dname><!-- put your CN here -->
                    <keypass>jetty6</keypass>
                    <storepass>jetty6</storepass>
                    <alias>jetty6</alias>
                    <keyalg>RSA</keyalg>
                </configuration>
            </plugin>
    
    0 Comments (0)
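
Added example, not from either answer: the keytool-maven-plugin and Jetty 6 connector configuration from the two answers above with the keystore password read from a Maven property instead of a literal committed in the pom, plus an explicit key size, signature algorithm and validity. The property name dev.keystore.password is an assumption made for this example; supply it on the command line or from settings.xml.

```xml
<!-- Added example. Run with:  mvn -Ddev.keystore.password=VALUE jetty:run
     dev.keystore.password is a hypothetical property name, not defined by either plugin. -->
<plugin>
  <groupId>org.codehaus.mojo</groupId>
  <artifactId>keytool-maven-plugin</artifactId>
  <version>1.3</version>
  <executions>
    <execution>
      <phase>generate-resources</phase>
      <id>clean</id>
      <goals><goal>clean</goal></goals>
    </execution>
    <execution>
      <phase>generate-resources</phase>
      <id>genkey</id>
      <goals><goal>generateKeyPair</goal></goals>
    </execution>
  </executions>
  <configuration>
    <keystore>${project.build.directory}/jetty-ssl.keystore</keystore>
    <dname>cn=my.hostname.tld</dname><!-- put your CN here -->
    <!-- Password comes from the build invocation, so it is not stored in the pom. -->
    <keypass>${dev.keystore.password}</keypass>
    <storepass>${dev.keystore.password}</storepass>
    <alias>jetty6</alias>
    <keyalg>RSA</keyalg>
    <keysize>2048</keysize>
    <sigalg>SHA256withRSA</sigalg>
    <validity>30</validity><!-- days; the clean execution deletes the keystore each build -->
  </configuration>
</plugin>
<plugin>
  <groupId>org.mortbay.jetty</groupId>
  <artifactId>maven-jetty-plugin</artifactId>
  <version>6.1.10</version>
  <configuration>
    <connectors>
      <connector implementation="org.mortbay.jetty.security.SslSocketConnector">
        <port>8443</port>
        <maxIdleTime>60000</maxIdleTime>
        <keystore>${project.build.directory}/jetty-ssl.keystore</keystore>
        <!-- Same property as above, so keystore and connector cannot drift apart. -->
        <password>${dev.keystore.password}</password>
        <keyPassword>${dev.keystore.password}</keyPassword>
      </connector>
    </connectors>
  </configuration>
</plugin>
```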