geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From s..@geronimo.apache.org
Subject [Apache Geronimo Wiki] Updated: JettySSL
Date Sat, 09 Oct 2004 14:42:39 GMT
   Date: 2004-10-09T07:42:39
   Editor: TobyCabot <toby@caboteria.org>
   Wiki: Apache Geronimo Wiki
   Page: JettySSL
   URL: http://wiki.apache.org/geronimo/JettySSL

   additional notes

Change Log:

------------------------------------------------------------------------------
@@ -1,6 +1,6 @@
 == Using SSL/HTTPS With Jetty ==
 
-By default (as of 2004-10-08) Geronimo runs http protocol but not https.  I haven't figured
out how to get it to run https yet, but here are some notes that might help.
+By default (as of 2004-10-08) Geronimo runs http protocol but not https.  I haven't entirely
figured out how to get it to run https yet, but here are some notes that might help you.
 
 The first step is to set up a "keystore" that contains a digital certificate.  The server
uses this to authenticate itself to the clients.  There are some links in the Jetty SSL FAQ
below that talk about how to do this.  Geronimo expects the keystore to be in `~/.keystore`
by default (at least on unix systems).
 
@@ -35,13 +35,15 @@
 $ java -Djetty.ssl.password=password -Djetty.ssl.keypassword=password  -jar target/bin/server.jar
 }}}
 
+Geronimo should now be listening on https://localhost:8443/ .
+
 === Status ===
 
-At the moment the server starts, and is listening on port 8443, but it doesn't appear as
if things are all good.  For one thing, traffic over the link doesn't appear to be encrypted
since I can read it in ethereal.
+At the moment the server starts, and is listening on port 8443, and it appears to be running
https, but I appear to have botched my certificate generation so I can't establish a connection.
 The browser tells me that the certificate is invalid or corrupt.
 
 === Wishlist ===
 
-It would be nice to be able to specify the keystore location and passwords in the deployment
descriptor.  At the moment it looks as if `org.apache.geronimo.jetty.connector.JettyConnector`
isn't set up to allow this:
+It would be nice to be able to specify the passwords and the keystore location in the deployment
descriptor.  At the moment it looks as if `org.apache.geronimo.jetty.connector.JettyConnector`
isn't set up to allow this:
  {{{
         GBeanInfoFactory infoFactory = new GBeanInfoFactory("Jetty HTTP Connector", JettyConnector.class);
         infoFactory.addAttribute("port", int.class, true);

Mime
View raw message