2010-09-25 45 views
12

我想使用SSL/HTTPS的使用码头 - Maven的插件如何在Maven/Mortbay Jetty Plugin中使用https/ssl?

http://docs.codehaus.org/display/JETTY/How+to+configure+SSL

描述,但我不知道如何配置插件。任何提示,例子,教程,演练?

此外,我不知道如何执行上述教程的步骤3b,其中需要操纵码头服务器(java -classpath $JETTY_HOME/lib/jetty-util-6.1-SNAPSHOT.jar:$JETTY_HOME/lib/jetty-6.1-SNAPSHOT.jar org.mortbay.jetty.security.PKCS12Import jetty.pkcs12 keystore)。

+0

这里是唯一的工作,明确一步一步,我已经找到了码头9:http://juplo.de/configure-https-for-jetty -maven-plugin-9-0-x /#comment-53352 – mtyson 2016-05-18 15:41:14

回答

24

您可以使用Maven创建开发证书并在启动Jetty时使用它。首先,配置密钥工具,Maven的插件创建开发证书:

<plugin> 
    <groupId>org.codehaus.mojo</groupId> 
    <artifactId>keytool-maven-plugin</artifactId> 
    <executions> 
    <execution> 
     <phase>generate-resources</phase> 
     <id>clean</id> 
     <goals> 
     <goal>clean</goal> 
     </goals> 
    </execution> 
    <execution> 
     <phase>generate-resources</phase> 
     <id>genkey</id> 
     <goals> 
     <goal>genkey</goal> 
     </goals> 
    </execution> 
    </executions> 
    <configuration> 
    <keystore>${project.build.directory}/jetty-ssl.keystore</keystore> 
    <dname>cn=my.hostname.tld</dname><!-- put your CN here--> 
    <keypass>jetty6</keypass> 
    <storepass>jetty6</storepass> 
    <alias>jetty6</alias> 
    <keyalg>RSA</keyalg> 
    </configuration> 
</plugin> 

更改CN如你所愿。然后配置Maven的码头,插件使用开发证书:

<plugin> 
    <groupId>org.mortbay.jetty</groupId> 
    <artifactId>maven-jetty-plugin</artifactId> 
    <version>6.1.10</version> 
    <configuration> 
    <contextPath>/context</contextPath> 
    <scanIntervalSeconds>5</scanIntervalSeconds> 
    <connectors> 
     <connector implementation="org.mortbay.jetty.nio.SelectChannelConnector"> 
     <port>8080</port> 
     <maxIdleTime>60000</maxIdleTime> 
     </connector> 
     <connector implementation="org.mortbay.jetty.security.SslSocketConnector"> 
     <port>8443</port> 
     <maxIdleTime>60000</maxIdleTime> 
     <keystore>${project.build.directory}/jetty-ssl.keystore</keystore> 
     <password>jetty6</password> 
     <keyPassword>jetty6</keyPassword> 
     </connector> 
    </connectors> 
    </configuration> 
</plugin> 

运行mvn jetty:run和开放https://localhost:8443/context

+0

帕斯卡,你*有点奇迹......再次超越! – 2010-09-25 21:10:40

+0

@ user268098不客气。很高兴你喜欢这个答案。 – 2010-09-25 21:18:52

+0

+1优秀的答案!你会说这些Jetty配置也可以用于使用Jetty的货物插件吗? – 2013-11-06 17:14:56

10

如果你是使用帕斯卡的解决方案得到这个错误: -

Could not find goal 'genkey' in plugin org.codehaus.mojo:keytool-maven-plugin:1.3 
  1. 使用 'generateKeyPair' 为目标。 (我相信不推荐使用genKey。)
  2. 添加插件版本。

插件定义应该是这样的: -

 <plugin> 
      <groupId>org.codehaus.mojo</groupId> 
      <artifactId>keytool-maven-plugin</artifactId> 
      <version>1.3</version> 
      <executions> 
       <execution> 
        <phase>generate-resources</phase> 
        <id>clean</id> 
        <goals> 
         <goal>clean</goal> 
        </goals> 
       </execution> 
       <execution> 
        <phase>generate-resources</phase> 
        <id>genkey</id> 
        <goals> 
         <goal>generateKeyPair</goal> 
        </goals> 
       </execution> 
      </executions> 
      <configuration> 
       <keystore>${project.build.directory}/jetty-ssl.keystore</keystore> 
       <dname>cn=my.hostname.tld</dname><!-- put your CN here --> 
       <keypass>jetty6</keypass> 
       <storepass>jetty6</storepass> 
       <alias>jetty6</alias> 
       <keyalg>RSA</keyalg> 
      </configuration> 
     </plugin> 
3

如果你想这样做,使用码头9,注意因为码头 - 9.0不再可以直接配置HTTPS连接器在pom.xml中:你需要使用jetty xml配置文件来完成它。[1]

下面是一个例子:

的pom.xml

<properties> 
<jetty-version>9.1.2.v20140210</jetty-version> 
</properties> 
... 
<dependency> 
    <groupId>org.eclipse.jetty</groupId> 
    <artifactId>jetty-server</artifactId> 
    <version>${jetty-version}</version> 
</dependency> 
... 
     <plugin> 
      <groupId>org.codehaus.mojo</groupId> 
      <artifactId>keytool-maven-plugin</artifactId> 
      <version>1.3</version> 
      <executions> 
       <execution> 
        <phase>generate-resources</phase> 
        <id>clean</id> 
        <goals> 
         <goal>clean</goal> 
        </goals> 
       </execution> 
       <execution> 
        <phase>generate-resources</phase> 
        <id>genkey</id> 
        <goals> 
         <goal>generateKeyPair</goal> 
        </goals> 
       </execution> 
      </executions> 
      <configuration> 
       <keystore>${project.build.directory}/jetty-ssl.keystore</keystore> 
       <dname>cn=127.0.0.1</dname><!-- put your CN here --> 
       <keypass>dypBdX1NB3gXA0DXCy9nfyJ4jqUDlaydgbo9OU12g</keypass> 
       <storepass>dypBdX1NB3gXA0DXCy9nfyJ4jqUDlaydgbo9OU12g</storepass> 
       <alias>jetty</alias> 
       <keyalg>RSA</keyalg> 
      </configuration> 
     </plugin> 
     <plugin> 
      <groupId>org.eclipse.jetty</groupId> 
      <artifactId>jetty-maven-plugin</artifactId> 
      <version>${jetty-version}</version> 
      <configuration> 
       <jettyXml>src/main/resources/jetty.xml,src/main/resources/jetty-ssl.xml,src/main/resources/jetty-https.xml</jettyXml> 
      </configuration> 
     </plugin>  

码头-https.xml

<?xml version="1.0"?> 
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd"> 
<Configure id="Server" class="org.eclipse.jetty.server.Server"> 
    <Call id="httpsConnector" name="addConnector"> 
    <Arg> 
     <New class="org.eclipse.jetty.server.ServerConnector"> 
     <Arg name="server"><Ref refid="Server" /></Arg> 
     <Arg name="factories"> 
      <Array type="org.eclipse.jetty.server.ConnectionFactory"> 
      <Item> 
       <New class="org.eclipse.jetty.server.SslConnectionFactory"> 
       <Arg name="next">http/1.1</Arg> 
       <Arg name="sslContextFactory"><Ref refid="sslContextFactory"/></Arg> 
       </New> 
      </Item> 
      <Item> 
       <New class="org.eclipse.jetty.server.HttpConnectionFactory"> 
       <Arg name="config"><Ref refid="sslHttpConfig"/></Arg> 
       </New> 
      </Item> 
      </Array> 
     </Arg> 
     <Set name="host"><Property name="jetty.host" /></Set> 
     <Set name="port"><Property name="jetty.https.port" default="8443" /></Set> 
     <Set name="idleTimeout">30000</Set> 
     </New> 
    </Arg> 
    </Call> 
</Configure> 

码头-ssl.xml

<?xml version="1.0"?> 
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd"> 

<!-- ============================================================= --> 
<!-- Configure a TLS (SSL) Context Factory       --> 
<!-- This configuration must be used in conjunction with jetty.xml --> 
<!-- and either jetty-https.xml or jetty-spdy.xml (but not both) --> 
<!-- ============================================================= --> 
<Configure id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory"> 
    <Set name="KeyStorePath"><Property name="jetty.home" default="." />/<Property name="jetty.keystore" default="target/jetty-ssl.keystore"/></Set> 
    <Set name="KeyStorePassword"><Property name="jetty.keystore.password" default="dypBdX1NB3gXA0DXCy9nfyJ4jqUDlaydgbo9OU12g"/></Set> 
    <Set name="KeyManagerPassword"><Property name="jetty.keymanager.password" default="dypBdX1NB3gXA0DXCy9nfyJ4jqUDlaydgbo9OU12g"/></Set> 
    <Set name="TrustStorePath"><Property name="jetty.home" default="." />/<Property name="jetty.truststore" default="target/jetty-ssl.keystore"/></Set> 
    <Set name="TrustStorePassword"><Property name="jetty.truststore.password" default="dypBdX1NB3gXA0DXCy9nfyJ4jqUDlaydgbo9OU12g"/></Set> 
    <Set name="EndpointIdentificationAlgorithm"></Set> 
    <Set name="ExcludeCipherSuites"> 
    <Array type="String"> 
     <Item>SSL_RSA_WITH_DES_CBC_SHA</Item> 
     <Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item> 
    </Array> 
    </Set> 

    <!-- =========================================================== --> 
    <!-- Create a TLS specific HttpConfiguration based on the  --> 
    <!-- common HttpConfiguration defined in jetty.xml    --> 
    <!-- Add a SecureRequestCustomizer to extract certificate and --> 
    <!-- session information           --> 
    <!-- =========================================================== --> 
    <New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration"> 
    <Arg><Ref refid="httpConfig"/></Arg> 
    <Call name="addCustomizer"> 
     <Arg><New class="org.eclipse.jetty.server.SecureRequestCustomizer"/></Arg> 
    </Call> 
    </New> 

</Configure> 

的jetty.xml

<?xml version="1.0"?> 
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure.dtd"> 
<Configure id="Server" class="org.eclipse.jetty.server.Server"> 
<New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration"> 
<Set name="secureScheme">https</Set> 
<Set name="securePort"> 
    <Property name="jetty.secure.port" default="8443" /> 
</Set> 
</New> 
</Configure> 
+0

这真的很接近,但我得到:[错误] 1)未绑定org.codehaus.mojo.keytool.KeyToolCommandLineBuilder的实现。 [错误]查找org.codehaus.mojo.keytool.DefaultKeyTool时 - 任何想法? – RockMeetHardplace 2015-10-14 21:43:59

+0

和往常一样,我回答我自己的问题。 keytool-maven-plugin - >版本1.5而不是1.3 – RockMeetHardplace 2015-10-14 21:49:48