Home » Java » Enterprise Java » Setup SSL in Jetty

About Ashkrit Sharma

Ashkrit Sharma
Pragmatic software developer who loves practice that makes software development fun and likes to develop high performance & low latency system.

Setup SSL in Jetty

Have you faced issues when you have to quickly enable SSL and you got stuck with it :-(

You are not alone, i will share my pain and some learning.

I will share steps to enable SSL on jetty.

Warning: Use below instruction only for dev setup and for production contact your security expert !

  • Install jetty on your server
  • Setup some env variable for convenience like

export jetty_home=…/somejetty

export jetty_base = …/your_application_install_location

It is recommended to keep jetty base out side of jetty installation otherwise you will have classpath nightmare

  • Execute below command to create initial setup for SSL

java -jar $jetty_home/start.jar –add-to-startd=ssl jetty.base=$jetty_base

Once you run above command you will see something like below on console.

  
INFO: ssl             initialised in ${jetty.base}/start.d/ssl.ini (created)

INFO: ssl             enabled in     /data/segmentation/segplat-deployments/app/application_secure/bin/${jetty.base}/start.d/ssl.ini

INFO: server          initialised in ${jetty.base}/start.ini

INFO: server          enabled in     ${jetty.base}/start.ini

INFO: server          enabled in     <transitive>

INFO: resources       initialised in ${jetty.base}/start.ini

INFO: resources       enabled in     ${jetty.base}/start.ini

INFO: resources       enabled in     <transitive>
  •  Add below line  ${jetty.base}/start.d/ssl.ini

–module=https

Check ssl port(jetty.ssl.port) and change it accordingly

  • Add below line in  ${jetty.base}/start.ini

jetty.ssl.port=port

Use same port as ssl.ini file.

  • Start the server

java -jar $jetty_home/start.jar jetty.base=$jetty_base

You are done :-) Jetty starts on ssl .

Magic Questions

Which certificate is used by jetty ? 

That is the magic, jetty ships with certificate that is already imported in keystore that jetty is using.

Jetty looks for keystore in $jetty_base/etc/keystore location.

What is password of keystore

Key store password is $jetty_base/start.d/ssl.ini , but it is encrypted. You can use below command to get the password.

java -cp jetty-util-9.2.14.v20151106.jar org.eclipse.jetty.util.security.Password “OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4” 

it is “storepwd”

How to see what is in key store ? run the below command and enter password

keytool –list  -v -keystore keystore

If jetty gives some error like password is wrong or tampered then copy the keystore from $jetty_home/etc/keystore to  $jetty_base/etc

It takes only 5 minutes to perform all the steps but only if you know otherwise it is day long frustration. Enjoy development with jetty.

Published on Java Code Geeks with permission by Ashkrit Sharma, partner at our JCG program. See the original article here: Setup SSL in Jetty

Opinions expressed by Java Code Geeks contributors are their own.

(0 rating, 0 votes)
You need to be a registered member to rate this.
Start the discussion Views Tweet it!
Do you want to know how to develop your skillset to become a Java Rockstar?
Subscribe to our newsletter to start Rocking right now!
To get you started we give you our best selling eBooks for FREE!
1. JPA Mini Book
2. JVM Troubleshooting Guide
3. JUnit Tutorial for Unit Testing
4. Java Annotations Tutorial
5. Java Interview Questions
6. Spring Interview Questions
7. Android UI Design
and many more ....
I agree to the Terms and Privacy Policy

Leave a Reply

avatar

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  Subscribe  
Notify of