java – Add HTTPS to a project using Jetty

Question:

Task: write a small web service, which will be accessed by a third-party client via https at a given frequency to receive data.

When choosing a tool, it was decided to use jetty (it seemed like an interesting library) and, accordingly, Java.

Generated a self-signed certificate via openssl, rsa: 2048.

Please tell me how to attach my certificate to the application. (Hook it from the code).

Answer:

Something like that, commented out text – adding a certificate to the store

package com.example;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.io.IOException;
import java.io.InputStream;
import java.io.DataInputStream;
import java.io.ByteArrayInputStream;
import java.security.spec.*;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.Collection;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.webapp.WebAppContext;

public class Main {
/*
  private static InputStream fullStream(String fname) throws IOException {
    FileInputStream fis = new FileInputStream(fname);
    DataInputStream dis = new DataInputStream(fis);
    byte[] bytes = new byte[dis.available()];
    dis.readFully(bytes);
    ByteArrayInputStream bais = new ByteArrayInputStream(bytes);
    return bais;
  }
*/
    public static void main(String... args) throws Exception {
/*
  String certfile = "yourcert.cer";
  FileInputStream is = new FileInputStream("yourKeyStore.keystore");
  KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
  keystore.load(is, "yourKeyStorePass".toCharArray());
  String alias = "youralias";
  char[] password = "yourKeyStorePass".toCharArray();
  CertificateFactory cf = CertificateFactory.getInstance("X.509");
  InputStream certstream = fullStream (certfile);
  Certificate certs =  cf.generateCertificate(certstream);
  File keystoreFile = new File("yourKeyStorePass.keystore");
  FileInputStream in = new FileInputStream(keystoreFile);
  keystore.load(in, password);
  in.close();
  keystore.setCertificateEntry(alias, certs);
  FileOutputStream out = new FileOutputStream(keystoreFile);
  keystore.store(out, password);
  out.close();
*/
        Server server = new Server();
        WebAppContext webapp = new WebAppContext();
        webapp.setResourceBase("src/main/webapp");
        server.setHandler(webapp);
        HttpConfiguration http = new HttpConfiguration();
        http.addCustomizer(new SecureRequestCustomizer());
        http.setSecurePort(8443);
        http.setSecureScheme("https");
        ServerConnector connector = new ServerConnector(server);
        connector.addConnectionFactory(new HttpConnectionFactory(http));
        connector.setPort(8080);
        HttpConfiguration https = new HttpConfiguration();
        https.addCustomizer(new SecureRequestCustomizer());
        SslContextFactory sslContextFactory = new SslContextFactory();
        sslContextFactory.setKeyStorePath(
            Main.class.getResource("keystore").toExternalForm()
        );
        sslContextFactory.setKeyStorePassword("javacodegeeks");
        sslContextFactory.setKeyManagerPassword("javacodegeeks");
        ServerConnector sslConnector = new ServerConnector(
            server, 
            new SslConnectionFactory(sslContextFactory, "http/1.1"), 
            new HttpConnectionFactory(https)
        );
        sslConnector.setPort(8443);
        server.setConnectors(new Connector[]{connector, sslConnector});
        server.start();
        server.join();
    }
}
Scroll to Top