[jetty-users] How to configure cxf with jetty to run over TLS?

I'm just trying to get up to speed on using jetty, so please forgive a "newbie" question.

I have a simple example web service built with cxf and using jetty for the http server.  It works fine, and I'm able to configure logging in the cxf.xml file with just the following XML:

    <cxf:bus>
        <cxf:features>
            <cxf:logging/>
        </cxf:features>
    </cxf:bus>

Great!  I have a simple web service.  My next step is to make the service work over HTTPS (with TLS) rather than HTTP.

Instructions for configuring jetty to work with SSL are given at: http://docs.codehaus.org/display/JETTY/How+to+configure+SSL

I went through the process of creating a keystore, using keytool.  (The simplest case.)  But I'm having trouble in step 4, figuring out how to properly configure jetty.  Step 4 of the example simply gives the following xml configuration:

    <Call name="addConnector">
      <Arg>
        <New class="org.mortbay.jetty.security.SslSocketConnector">
          <Set name="Port">8443</Set>
          <Set name="maxIdleTime">30000</Set>
          <Set name="keystore"><SystemProperty name="jetty.home" default="." />/etc/keystore</Set>
          <Set name="password">OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4</Set>
          <Set name="keyPassword">OBF:1u2u1wml1z7s1z7a1wnl1u2g</Set>
          <Set name="truststore"><SystemProperty name="jetty.home" default="." />/etc/keystore</Set>
          <Set name="trustPassword">OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4</Set>
        </New>
      </Arg>
    </Call>

I can make some guesses about how to customize this for my application.  But, where would I even put this configuration?  Taking a wild guess, I tried putting it in my cxf.xml file, but that just results in parse errors.  Presumably I should put it in my jetty.xml file - except where do I put that?  I didn't install jetty explicitly (it's included in the cxf install) and I don't have a "JETTY_HOME" as far as I know.  I have no idea where to put this file to have it read when cxf fires up the jetty server.

There is also example code at http://cxf.apache.org/docs/standalone-http-transport.html that shows configuration of the jetty https within cxf.xml, including the following snippet:

    <beans xmlns="http://www.springframework.org/schema/beans"
      xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
      etc. etc...
    >

      <httpj:engine-factory bus="cxf">
        <!-- you just need to specify the TLS Server configuration for the certain port -->
        <httpj:engine port="9003">
          <httpj:tlsServerParameters>
            <sec:keyManagers keyPassword="password">
              <sec:keyStore type="JKS" password="password"
    Etc....

Looks like this is getting to what I need.  But the explanation provided is very minimal.  Just by including a tlsServerParameters item am I specifying that tls is required (https rather than http)?  Do I have to guess at how to write this xml or is it documented somewhere?  

Any help appreciated!  

Thanks,

Duncan


