当前位置: 文江博客话题详情

如何将 https / ssl 与 Maven/Mortbay Jetty 插件一起使用?

发布于 2024-09-25 13:05:38 字数 461 浏览 3 评论 0原文

我想使用 ssl / https,如

http://docs 中所述。 codehaus.org/display/JETTY/How+to+configure+SSL

使用 jetty-maven-plugin,但我不知道如何配置该插件。有任何提示、示例、教程、演练吗?

另外,我想知道如何执行上述教程的步骤3b,其中需要操作jetty服务器(java -classpath $JETTY_HOME/lib/jetty-util-6.1-SNAPSHOT.jar:$JETTY_HOME/lib/ jetty-6.1-SNAPSHOT.jar org.mortbay.jetty.security.PKCS12导入 jetty.pkcs12 密钥库)。

原文

I would like to use ssl / https as described in

http://docs.codehaus.org/display/JETTY/How+to+configure+SSL

using jetty-maven-plugin, but I don't know how to configure the plugin. Any hint, example, tutorial, walkthrough ?

Also, I wonder how to carry out Step 3b of the above mentioned tutorial, where manipulation the jetty server is necessary (java -classpath $JETTY_HOME/lib/jetty-util-6.1-SNAPSHOT.jar:$JETTY_HOME/lib/jetty-6.1-SNAPSHOT.jar org.mortbay.jetty.security.PKCS12Import jetty.pkcs12 keystore).

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

仅冇旳回忆 2024-10-02 13:05:38

您可以使用 Maven 创建开发证书并在启动 Jetty 时使用它。首先,配置keytool-maven-plugin来创建开发证书:

<plugin>
  <groupId>org.codehaus.mojo</groupId>
  <artifactId>keytool-maven-plugin</artifactId>
  <executions>
    <execution>
      <phase>generate-resources</phase>
      <id>clean</id>
      <goals>
        <goal>clean</goal>
      </goals>
    </execution>
    <execution>
      <phase>generate-resources</phase>
      <id>genkey</id>
      <goals>
        <goal>genkey</goal>
      </goals>
    </execution>
  </executions>
  <configuration>
    <keystore>${project.build.directory}/jetty-ssl.keystore</keystore>
    <dname>cn=my.hostname.tld</dname><!-- put your CN here-->
    <keypass>jetty6</keypass>
    <storepass>jetty6</storepass>
    <alias>jetty6</alias>
    <keyalg>RSA</keyalg>
  </configuration>
</plugin>

根据需要更改 CN。然后配置maven-jetty-plugin以使用开发证书:

<plugin>
  <groupId>org.mortbay.jetty</groupId>
  <artifactId>maven-jetty-plugin</artifactId>
  <version>6.1.10</version>
  <configuration>
    <contextPath>/context</contextPath>
    <scanIntervalSeconds>5</scanIntervalSeconds>
    <connectors>
      <connector implementation="org.mortbay.jetty.nio.SelectChannelConnector">
        <port>8080</port>
        <maxIdleTime>60000</maxIdleTime>
      </connector>
      <connector implementation="org.mortbay.jetty.security.SslSocketConnector">
        <port>8443</port>
        <maxIdleTime>60000</maxIdleTime>
        <keystore>${project.build.directory}/jetty-ssl.keystore</keystore>
        <password>jetty6</password>
        <keyPassword>jetty6</keyPassword>
      </connector>
    </connectors>
  </configuration>
</plugin>

运行mvn jetty:run并打开https://localhost:8443/context

You can use Maven to create a development certificate and use it when starting Jetty. First, configure the keytool-maven-plugin to create a development certificate:

<plugin>
  <groupId>org.codehaus.mojo</groupId>
  <artifactId>keytool-maven-plugin</artifactId>
  <executions>
    <execution>
      <phase>generate-resources</phase>
      <id>clean</id>
      <goals>
        <goal>clean</goal>
      </goals>
    </execution>
    <execution>
      <phase>generate-resources</phase>
      <id>genkey</id>
      <goals>
        <goal>genkey</goal>
      </goals>
    </execution>
  </executions>
  <configuration>
    <keystore>${project.build.directory}/jetty-ssl.keystore</keystore>
    <dname>cn=my.hostname.tld</dname><!-- put your CN here-->
    <keypass>jetty6</keypass>
    <storepass>jetty6</storepass>
    <alias>jetty6</alias>
    <keyalg>RSA</keyalg>
  </configuration>
</plugin>

Change the CN as you wish. Then configure the maven-jetty-plugin to use the development certificate:

<plugin>
  <groupId>org.mortbay.jetty</groupId>
  <artifactId>maven-jetty-plugin</artifactId>
  <version>6.1.10</version>
  <configuration>
    <contextPath>/context</contextPath>
    <scanIntervalSeconds>5</scanIntervalSeconds>
    <connectors>
      <connector implementation="org.mortbay.jetty.nio.SelectChannelConnector">
        <port>8080</port>
        <maxIdleTime>60000</maxIdleTime>
      </connector>
      <connector implementation="org.mortbay.jetty.security.SslSocketConnector">
        <port>8443</port>
        <maxIdleTime>60000</maxIdleTime>
        <keystore>${project.build.directory}/jetty-ssl.keystore</keystore>
        <password>jetty6</password>
        <keyPassword>jetty6</keyPassword>
      </connector>
    </connectors>
  </configuration>
</plugin>

Run mvn jetty:run and open https://localhost:8443/context.

回复 原文
病女 2024-10-02 13:05:38

如果您使用 Pascal 的解决方案遇到此错误:-

Could not find goal 'genkey' in plugin org.codehaus.mojo:keytool-maven-plugin:1.3
  1. 使用“generateKeyPair”作为目标。 (我相信 genKey 已被弃用。)
  2. 添加插件版本。

插件定义应如下所示:-

       <plugin>
            <groupId>org.codehaus.mojo</groupId>
            <artifactId>keytool-maven-plugin</artifactId>
            <version>1.3</version>
            <executions>
                <execution>
                    <phase>generate-resources</phase>
                    <id>clean</id>
                    <goals>
                        <goal>clean</goal>
                    </goals>
                </execution>
                <execution>
                    <phase>generate-resources</phase>
                    <id>genkey</id>
                    <goals>
                        <goal>generateKeyPair</goal>
                    </goals>
                </execution>
            </executions>
            <configuration>
                <keystore>${project.build.directory}/jetty-ssl.keystore</keystore>
                <dname>cn=my.hostname.tld</dname><!-- put your CN here -->
                <keypass>jetty6</keypass>
                <storepass>jetty6</storepass>
                <alias>jetty6</alias>
                <keyalg>RSA</keyalg>
            </configuration>
        </plugin>

In case you are get this error using Pascal's solution:-

Could not find goal 'genkey' in plugin org.codehaus.mojo:keytool-maven-plugin:1.3
  1. Use 'generateKeyPair' as the goal. (genKey is deprecated I believe. )
  2. Add plugin version.

The plugin definition should look like :-

       <plugin>
            <groupId>org.codehaus.mojo</groupId>
            <artifactId>keytool-maven-plugin</artifactId>
            <version>1.3</version>
            <executions>
                <execution>
                    <phase>generate-resources</phase>
                    <id>clean</id>
                    <goals>
                        <goal>clean</goal>
                    </goals>
                </execution>
                <execution>
                    <phase>generate-resources</phase>
                    <id>genkey</id>
                    <goals>
                        <goal>generateKeyPair</goal>
                    </goals>
                </execution>
            </executions>
            <configuration>
                <keystore>${project.build.directory}/jetty-ssl.keystore</keystore>
                <dname>cn=my.hostname.tld</dname><!-- put your CN here -->
                <keypass>jetty6</keypass>
                <storepass>jetty6</storepass>
                <alias>jetty6</alias>
                <keyalg>RSA</keyalg>
            </configuration>
        </plugin>
回复 原文
嘿哥们儿 2024-10-02 13:05:38

如果您想使用 Jetty 9 来执行此操作,请注意,自 jetty-9.0 起,不再可能直接在 pom.xml 中配置 https 连接器:您需要使用 jetty xml 配置文件来执行此操作。< /em>[1]

这是一个示例:

pom.xml

<properties>
<jetty-version>9.1.2.v20140210</jetty-version>
</properties>
...
<dependency>
  <groupId>org.eclipse.jetty</groupId>
  <artifactId>jetty-server</artifactId>
  <version>${jetty-version}</version>
</dependency>
...
      <plugin>
            <groupId>org.codehaus.mojo</groupId>
            <artifactId>keytool-maven-plugin</artifactId>
            <version>1.3</version>
            <executions>
                <execution>
                    <phase>generate-resources</phase>
                    <id>clean</id>
                    <goals>
                        <goal>clean</goal>
                    </goals>
                </execution>
                <execution>
                    <phase>generate-resources</phase>
                    <id>genkey</id>
                    <goals>
                        <goal>generateKeyPair</goal>
                    </goals>
                </execution>
            </executions>
            <configuration>
                <keystore>${project.build.directory}/jetty-ssl.keystore</keystore>
                <dname>cn=127.0.0.1</dname><!-- put your CN here -->
                <keypass>dypBdX1NB3gXA0DXCy9nfyJ4jqUDlaydgbo9OU12g</keypass>
                <storepass>dypBdX1NB3gXA0DXCy9nfyJ4jqUDlaydgbo9OU12g</storepass>
                <alias>jetty</alias>
                <keyalg>RSA</keyalg>
            </configuration>
        </plugin>
        <plugin>
            <groupId>org.eclipse.jetty</groupId>
            <artifactId>jetty-maven-plugin</artifactId>
            <version>${jetty-version}</version>
            <configuration>
                <jettyXml>src/main/resources/jetty.xml,src/main/resources/jetty-ssl.xml,src/main/resources/jetty-https.xml</jettyXml>
            </configuration>
        </plugin>

jetty-https.xml

<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
<Configure id="Server" class="org.eclipse.jetty.server.Server">
  <Call id="httpsConnector" name="addConnector">
    <Arg>
      <New class="org.eclipse.jetty.server.ServerConnector">
        <Arg name="server"><Ref refid="Server" /></Arg>
        <Arg name="factories">
          <Array type="org.eclipse.jetty.server.ConnectionFactory">
            <Item>
              <New class="org.eclipse.jetty.server.SslConnectionFactory">
                <Arg name="next">http/1.1</Arg>
                <Arg name="sslContextFactory"><Ref refid="sslContextFactory"/></Arg>
              </New>
            </Item>
            <Item>
              <New class="org.eclipse.jetty.server.HttpConnectionFactory">
                <Arg name="config"><Ref refid="sslHttpConfig"/></Arg>
              </New>
            </Item>
          </Array>
        </Arg>
        <Set name="host"><Property name="jetty.host" /></Set>
        <Set name="port"><Property name="jetty.https.port" default="8443" /></Set>
        <Set name="idleTimeout">30000</Set>
      </New>
    </Arg>
  </Call>
</Configure>

jetty-ssl.xml

<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">

<!-- ============================================================= -->
<!-- Configure a TLS (SSL) Context Factory                         -->
<!-- This configuration must be used in conjunction with jetty.xml -->
<!-- and either jetty-https.xml or jetty-spdy.xml (but not both)   -->
<!-- ============================================================= -->
<Configure id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
  <Set name="KeyStorePath"><Property name="jetty.home" default="." />/<Property name="jetty.keystore" default="target/jetty-ssl.keystore"/></Set>
  <Set name="KeyStorePassword"><Property name="jetty.keystore.password" default="dypBdX1NB3gXA0DXCy9nfyJ4jqUDlaydgbo9OU12g"/></Set>
  <Set name="KeyManagerPassword"><Property name="jetty.keymanager.password" default="dypBdX1NB3gXA0DXCy9nfyJ4jqUDlaydgbo9OU12g"/></Set>
  <Set name="TrustStorePath"><Property name="jetty.home" default="." />/<Property name="jetty.truststore" default="target/jetty-ssl.keystore"/></Set>
  <Set name="TrustStorePassword"><Property name="jetty.truststore.password" default="dypBdX1NB3gXA0DXCy9nfyJ4jqUDlaydgbo9OU12g"/></Set>
  <Set name="EndpointIdentificationAlgorithm"></Set>
  <Set name="ExcludeCipherSuites">
    <Array type="String">
      <Item>SSL_RSA_WITH_DES_CBC_SHA</Item>
      <Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
    </Array>
  </Set>

  <!-- =========================================================== -->
  <!-- Create a TLS specific HttpConfiguration based on the        -->
  <!-- common HttpConfiguration defined in jetty.xml               -->
  <!-- Add a SecureRequestCustomizer to extract certificate and    -->
  <!-- session information                                         -->
  <!-- =========================================================== -->
  <New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
    <Arg><Ref refid="httpConfig"/></Arg>
    <Call name="addCustomizer">
      <Arg><New class="org.eclipse.jetty.server.SecureRequestCustomizer"/></Arg>
    </Call>
  </New>

</Configure>

jetty.xml

<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure.dtd">
<Configure id="Server" class="org.eclipse.jetty.server.Server">
 <New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
 <Set name="secureScheme">https</Set>
 <Set name="securePort">
  <Property name="jetty.secure.port" default="8443" />
 </Set>
 </New>
</Configure>

In case you want to do it using Jetty 9, note that since jetty-9.0 it is no longer possible to configure a https connector directly in the pom.xml: you need to use jetty xml config files to do it.[1].

Here is an example:

pom.xml

<properties>
<jetty-version>9.1.2.v20140210</jetty-version>
</properties>
...
<dependency>
  <groupId>org.eclipse.jetty</groupId>
  <artifactId>jetty-server</artifactId>
  <version>${jetty-version}</version>
</dependency>
...
      <plugin>
            <groupId>org.codehaus.mojo</groupId>
            <artifactId>keytool-maven-plugin</artifactId>
            <version>1.3</version>
            <executions>
                <execution>
                    <phase>generate-resources</phase>
                    <id>clean</id>
                    <goals>
                        <goal>clean</goal>
                    </goals>
                </execution>
                <execution>
                    <phase>generate-resources</phase>
                    <id>genkey</id>
                    <goals>
                        <goal>generateKeyPair</goal>
                    </goals>
                </execution>
            </executions>
            <configuration>
                <keystore>${project.build.directory}/jetty-ssl.keystore</keystore>
                <dname>cn=127.0.0.1</dname><!-- put your CN here -->
                <keypass>dypBdX1NB3gXA0DXCy9nfyJ4jqUDlaydgbo9OU12g</keypass>
                <storepass>dypBdX1NB3gXA0DXCy9nfyJ4jqUDlaydgbo9OU12g</storepass>
                <alias>jetty</alias>
                <keyalg>RSA</keyalg>
            </configuration>
        </plugin>
        <plugin>
            <groupId>org.eclipse.jetty</groupId>
            <artifactId>jetty-maven-plugin</artifactId>
            <version>${jetty-version}</version>
            <configuration>
                <jettyXml>src/main/resources/jetty.xml,src/main/resources/jetty-ssl.xml,src/main/resources/jetty-https.xml</jettyXml>
            </configuration>
        </plugin>

jetty-https.xml

<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
<Configure id="Server" class="org.eclipse.jetty.server.Server">
  <Call id="httpsConnector" name="addConnector">
    <Arg>
      <New class="org.eclipse.jetty.server.ServerConnector">
        <Arg name="server"><Ref refid="Server" /></Arg>
        <Arg name="factories">
          <Array type="org.eclipse.jetty.server.ConnectionFactory">
            <Item>
              <New class="org.eclipse.jetty.server.SslConnectionFactory">
                <Arg name="next">http/1.1</Arg>
                <Arg name="sslContextFactory"><Ref refid="sslContextFactory"/></Arg>
              </New>
            </Item>
            <Item>
              <New class="org.eclipse.jetty.server.HttpConnectionFactory">
                <Arg name="config"><Ref refid="sslHttpConfig"/></Arg>
              </New>
            </Item>
          </Array>
        </Arg>
        <Set name="host"><Property name="jetty.host" /></Set>
        <Set name="port"><Property name="jetty.https.port" default="8443" /></Set>
        <Set name="idleTimeout">30000</Set>
      </New>
    </Arg>
  </Call>
</Configure>

jetty-ssl.xml

<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">

<!-- ============================================================= -->
<!-- Configure a TLS (SSL) Context Factory                         -->
<!-- This configuration must be used in conjunction with jetty.xml -->
<!-- and either jetty-https.xml or jetty-spdy.xml (but not both)   -->
<!-- ============================================================= -->
<Configure id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
  <Set name="KeyStorePath"><Property name="jetty.home" default="." />/<Property name="jetty.keystore" default="target/jetty-ssl.keystore"/></Set>
  <Set name="KeyStorePassword"><Property name="jetty.keystore.password" default="dypBdX1NB3gXA0DXCy9nfyJ4jqUDlaydgbo9OU12g"/></Set>
  <Set name="KeyManagerPassword"><Property name="jetty.keymanager.password" default="dypBdX1NB3gXA0DXCy9nfyJ4jqUDlaydgbo9OU12g"/></Set>
  <Set name="TrustStorePath"><Property name="jetty.home" default="." />/<Property name="jetty.truststore" default="target/jetty-ssl.keystore"/></Set>
  <Set name="TrustStorePassword"><Property name="jetty.truststore.password" default="dypBdX1NB3gXA0DXCy9nfyJ4jqUDlaydgbo9OU12g"/></Set>
  <Set name="EndpointIdentificationAlgorithm"></Set>
  <Set name="ExcludeCipherSuites">
    <Array type="String">
      <Item>SSL_RSA_WITH_DES_CBC_SHA</Item>
      <Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
    </Array>
  </Set>

  <!-- =========================================================== -->
  <!-- Create a TLS specific HttpConfiguration based on the        -->
  <!-- common HttpConfiguration defined in jetty.xml               -->
  <!-- Add a SecureRequestCustomizer to extract certificate and    -->
  <!-- session information                                         -->
  <!-- =========================================================== -->
  <New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
    <Arg><Ref refid="httpConfig"/></Arg>
    <Call name="addCustomizer">
      <Arg><New class="org.eclipse.jetty.server.SecureRequestCustomizer"/></Arg>
    </Call>
  </New>

</Configure>

jetty.xml

<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure.dtd">
<Configure id="Server" class="org.eclipse.jetty.server.Server">
 <New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
 <Set name="secureScheme">https</Set>
 <Set name="securePort">
  <Property name="jetty.secure.port" default="8443" />
 </Set>
 </New>
</Configure>
回复 原文
~没有更多了~

关于作者

你是暖光i

暂无简介

0 文章
0 评论
22 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

linfzu01

文章 0 评论 0

§对你不离不弃

文章 0 评论 0

可遇━不可求

文章 0 评论 0

枕梦

文章 0 评论 0

qq_3LFa8Q

文章 0 评论 0

JP

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文