diff --git a/jetty-documentation/src/main/asciidoc/operations-guide/modules/module-test-keystore.adoc b/jetty-documentation/src/main/asciidoc/operations-guide/modules/module-test-keystore.adoc index fb3a1d3655b..571176a48bb 100644 --- a/jetty-documentation/src/main/asciidoc/operations-guide/modules/module-test-keystore.adoc +++ b/jetty-documentation/src/main/asciidoc/operations-guide/modules/module-test-keystore.adoc @@ -14,7 +14,8 @@ [[og-module-test-keystore]] ==== Module `test-keystore` -The `test-keystore` module provides a KeyStore containing a self-signed certificate for domain `localhost`. +The `test-keystore` module creates on-the-fly a KeyStore containing a self-signed certificate for domain `localhost`. +The KeyStore file is automatically deleted when the JVM exits, and re-created when you restart Jetty, to enforce the fact that it is a _test_ KeyStore that should not be reused if not for testing. The module file is `$JETTY_HOME/modules/test-keystore.mod`: diff --git a/jetty-documentation/src/main/asciidoc/operations-guide/protocols/protocols-http2s.adoc b/jetty-documentation/src/main/asciidoc/operations-guide/protocols/protocols-http2s.adoc index c5235520038..c5b4339f054 100644 --- a/jetty-documentation/src/main/asciidoc/operations-guide/protocols/protocols-http2s.adoc +++ b/jetty-documentation/src/main/asciidoc/operations-guide/protocols/protocols-http2s.adoc @@ -30,7 +30,7 @@ $ java -jar $JETTY_HOME/start.jar --add-modules=ssl,http2,https As when enabling the `https` Jetty module, you need a valid KeyStore (read xref:og-keystore[this section] to create your own KeyStore). -As a quick example, you can enable the xref:og-module-test-keystore[`test-keystore` module], that provides a KeyStore containing a self-signed certificate: +As a quick example, you can enable the xref:og-module-test-keystore[`test-keystore` module], that creates on-the-fly a KeyStore containing a self-signed certificate: ---- $ java -jar $JETTY_HOME/start.jar --add-modules=test-keystore @@ -43,6 +43,7 @@ $ java -jar $JETTY_HOME/start.jar ---- [source,subs=quotes] ---- +2020-09-29 19:00:47.137:WARN :oejk.KeystoreGenerator:main: Generating Test Keystore: DO NOT USE IN PRODUCTION! 2020-09-29 19:00:47.316:INFO :oejs.Server:main: jetty-10.0.0-SNAPSHOT; built: 2020-09-29T13:28:40.441Z; git: 9c0082610528a846b366ae26f4c74894579a8e48; jvm 15+36-1562 2020-09-29 19:00:47.528:INFO :oejus.SslContextFactory:main: x509=X509@7770f470(mykey,h=[localhost],w=[]) for Server@24313fcc[provider=null,keyStore=file:///tmp/jetty.base/etc/test-keystore.p12,trustStore=file:///tmp/jetty.base/etc/test-keystore.p12] 2020-09-29 19:00:47.621:INFO :oejs.AbstractConnector:main: Started ServerConnector@73700b80##{SSL, (ssl, alpn, h2, http/1.1)}{0.0.0.0:8443}## diff --git a/jetty-documentation/src/main/asciidoc/operations-guide/protocols/protocols-https.adoc b/jetty-documentation/src/main/asciidoc/operations-guide/protocols/protocols-https.adoc index d1e60213a0a..36c57f3b633 100644 --- a/jetty-documentation/src/main/asciidoc/operations-guide/protocols/protocols-https.adoc +++ b/jetty-documentation/src/main/asciidoc/operations-guide/protocols/protocols-https.adoc @@ -56,7 +56,7 @@ You need to configure these two properties by editing `ssl.ini`: * `jetty.sslContext.keyStorePath` * `jetty.sslContext.keyStorePassword` -As a quick example, you can enable the xref:og-module-test-keystore[`test-keystore` module], that provides a KeyStore containing a self-signed certificate: +As a quick example, you can enable the xref:og-module-test-keystore[`test-keystore` module], that creates on-the-fly a KeyStore containing a self-signed certificate: ---- $ java -jar $JETTY_HOME/start.jar --add-modules=test-keystore diff --git a/jetty-documentation/src/main/asciidoc/operations-guide/protocols/protocols-websocket.adoc b/jetty-documentation/src/main/asciidoc/operations-guide/protocols/protocols-websocket.adoc index a3b7d7ea60e..69d00ce2f55 100644 --- a/jetty-documentation/src/main/asciidoc/operations-guide/protocols/protocols-websocket.adoc +++ b/jetty-documentation/src/main/asciidoc/operations-guide/protocols/protocols-websocket.adoc @@ -56,7 +56,7 @@ $ java -jar $JETTY_HOME/start.jar --add-modules=http2,websocket ---- When enabling secure protocols you need a valid KeyStore (read xref:og-keystore[this section] to create your own KeyStore). -As a quick example, you can enable the xref:og-module-test-keystore[`test-keystore` module], that provides a KeyStore containing a self-signed certificate: +As a quick example, you can enable the xref:og-module-test-keystore[`test-keystore` module], that creates on-the-fly a KeyStore containing a self-signed certificate: ---- $ java -jar $JETTY_HOME/start.jar --add-modules=test-keystore