Re: [jetty-users] TLS ALPN ACME Let's Encrypt challenge

Hi,

On Thu, Nov 24, 2022 at 3:56 PM Info <info@xxxxxxxxxx> wrote:
>
> Simone,
>
> my suspicion is that the Jetty XML being declarative and thus not
> directly handled by the OSGi runtime, is causing the timing troubles.

I doubt it. We have XML files working fine with OSGi.
You still don't say what exactly is the problem you're having.
Can you set up a default HTTP/2 server?
If you can, that should be enough.

> But I am right about the staging of the ACME challenge I have to perform
> in order to get a new Let's Encrypt SSL certificate?

Cannot parse the above.
I don't think you must perform the ACME challenge; you receive it and
you have to answer it.

> https://letsencrypt.org/how-it-works/

The link does not report in detail how it would work with the
TLS-ALPN-01, which is reported here:
https://letsencrypt.org/docs/challenge-types/

> Did not get to a test because Pax Web uses the org.mortbay.jetty.alpn
> dependency instead of the org.eclipse.jetty.alpn one, building a
> fragment for that one now.

As I said, I don't think you should do anything wrt Jetty or OSGi.
Just set up a Jetty server and add the "acme-tls/1" ALPN protocol.

-- 
Simone Bordet
----
http://cometd.org
http://webtide.com
Developer advice, training, services and support
from the Jetty & CometD experts.

