Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Issue #1673 - jetty-demo/etc/keystore should not be distributed. 

Updated documentation: now the test-keystore is generated on-the-fly.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
This commit is contained in:
Simone Bordet 2021-01-12 10:56:35 +01:00
parent 7fe8d1d4ad
commit 750de51974
4 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
jetty-documentation/src/main/asciidoc/operations-guide/modules/module-test-keystore.adoc
View File

@ -14,7 +14,8 @@
[[og-module-test-keystore]]
==== Module `test-keystore`
The `test-keystore` module provides a KeyStore containing a self-signed certificate for domain `localhost`.
The `test-keystore` module creates on-the-fly a KeyStore containing a self-signed certificate for domain `localhost`.
The KeyStore file is automatically deleted when the JVM exits, and re-created when you restart Jetty, to enforce the fact that it is a _test_ KeyStore that should not be reused if not for testing.
The module file is `$JETTY_HOME/modules/test-keystore.mod`:

3
jetty-documentation/src/main/asciidoc/operations-guide/protocols/protocols-http2s.adoc
View File

@ -30,7 +30,7 @@ $ java -jar $JETTY_HOME/start.jar --add-modules=ssl,http2,https
As when enabling the `https` Jetty module, you need a valid KeyStore (read xref:og-keystore[this section] to create your own KeyStore).
As a quick example, you can enable the xref:og-module-test-keystore[`test-keystore` module], that provides a KeyStore containing a self-signed certificate:
As a quick example, you can enable the xref:og-module-test-keystore[`test-keystore` module], that creates on-the-fly a KeyStore containing a self-signed certificate:
----
$ java -jar $JETTY_HOME/start.jar --add-modules=test-keystore
@ -43,6 +43,7 @@ $ java -jar $JETTY_HOME/start.jar
----
[source,subs=quotes]
----
2020-09-29 19:00:47.137:WARN :oejk.KeystoreGenerator:main: Generating Test Keystore: DO NOT USE IN PRODUCTION!
2020-09-29 19:00:47.316:INFO :oejs.Server:main: jetty-10.0.0-SNAPSHOT; built: 2020-09-29T13:28:40.441Z; git: 9c0082610528a846b366ae26f4c74894579a8e48; jvm 15+36-1562
2020-09-29 19:00:47.528:INFO :oejus.SslContextFactory:main: x509=X509@7770f470(mykey,h=[localhost],w=[]) for Server@24313fcc[provider=null,keyStore=file:///tmp/jetty.base/etc/test-keystore.p12,trustStore=file:///tmp/jetty.base/etc/test-keystore.p12]
2020-09-29 19:00:47.621:INFO :oejs.AbstractConnector:main: Started ServerConnector@73700b80##{SSL, (ssl, alpn, h2, http/1.1)}{0.0.0.0:8443}##

2
jetty-documentation/src/main/asciidoc/operations-guide/protocols/protocols-https.adoc
View File

@ -56,7 +56,7 @@ You need to configure these two properties by editing `ssl.ini`:
* `jetty.sslContext.keyStorePath`
* `jetty.sslContext.keyStorePassword`
As a quick example, you can enable the xref:og-module-test-keystore[`test-keystore` module], that provides a KeyStore containing a self-signed certificate:
As a quick example, you can enable the xref:og-module-test-keystore[`test-keystore` module], that creates on-the-fly a KeyStore containing a self-signed certificate:
----
$ java -jar $JETTY_HOME/start.jar --add-modules=test-keystore

2
jetty-documentation/src/main/asciidoc/operations-guide/protocols/protocols-websocket.adoc
View File

@ -56,7 +56,7 @@ $ java -jar $JETTY_HOME/start.jar --add-modules=http2,websocket
----
When enabling secure protocols you need a valid KeyStore (read xref:og-keystore[this section] to create your own KeyStore).
As a quick example, you can enable the xref:og-module-test-keystore[`test-keystore` module], that provides a KeyStore containing a self-signed certificate:
As a quick example, you can enable the xref:og-module-test-keystore[`test-keystore` module], that creates on-the-fly a KeyStore containing a self-signed certificate:
----
$ java -jar $JETTY_HOME/start.jar --add-modules=test-keystore