I am installing a standalone (not built-in) berth 9.2.1 using https.
I played a little with a self-signed certificate in my local box, and everything went well.
Now I am setting up a uat server (similar to what I get during production), and I cannot start https correctly. These are my steps:
1) I created a keystore, generated a certificate request and sent to my CA, received a signed certificate and imported both new and root certificates into the keystore
2) I can verify that the keystore looks great and does:
keytool -list -keystore jetty.jks
I see all certificates showing their alias
3) I put the keystore in the / etc folder and edited the jetty-ssl.xml file
<Set name="KeyStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.keystore" default="etc/jetty.jks"/></Set>
<Set name="KeyStorePassword"><Property name="jetty.keystore.password" default="somepassword"/></Set>
<Set name="KeyManagerPassword"><Property name="jetty.keymanager.password" default="somepassword"/></Set>
<Set name="TrustStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.truststore" default="etc/jetty.jks"/></Set>
<Set name="TrustStorePassword"><Property name="jetty.truststore.password" default="somepassword"/></Set>
when I start, I see both http and https connectors 'up'
10927 [main] INFO org.eclipse.jetty.server.ServerConnector - Started ServerConnector@231e04a9{HTTP/1.1}{0.0.0.0:8090}
11285 [main] INFO org.eclipse.jetty.server.ServerConnector - Started ServerConnector@4a1f826d{SSL-http/1.1}{0.0.0.0:8443}
11285 [main] INFO org.eclipse.jetty.server.Server - Started @12632ms
https , netstat, 8443 ( 8090)
"sample", , , - ... ( -DDEBUG = true), .
"", -Djetty.https-cert-alias = capi, .
, ?
!