[undertow-dev] SSL Documentation
Stuart Douglas
sdouglas at redhat.com
Thu Dec 8 21:00:17 EST 2016
Here is an example:
https://github.com/undertow-io/undertow/blob/master/examples/src/main/java/io/undertow/examples/http2/Http2Server.java
Looks like you have run into a bug, with regard to the
ClassCastException, you need to use the version that takes an
SslContext for now, although this should be fixed later today.
Stuart
On Fri, Dec 9, 2016 at 12:30 PM, Hicks, Matt <matt at matthicks.com> wrote:
> Well, I switched to using the signature that takes the KeyManagers array and
> TrustManagers array and now I'm at least getting an error:
>
> java.lang.ClassCastException: org.xnio.ssl.JsseSslStreamConnection cannot be
> cast to io.undertow.protocols.ssl.UndertowSslConnection at
> io.undertow.protocols.ssl.UndertowXnioSsl.getSslConduit(UndertowXnioSsl.java:141)
>
> This seems like a really flimsy implementation. Am I better offer just
> wrapping Undertow with Apache or Nginx?
>
> On Thu, Dec 8, 2016 at 7:26 PM Bill O'Neil <bill at dartalley.com> wrote:
>>
>> Hmm I'm not sure. I SSL terminate before I hit undertow.
>>
>> On Thu, Dec 8, 2016 at 8:16 PM, Hicks, Matt <matt at matthicks.com> wrote:
>>>
>>> Also, to clarify, the HttpHandler's handleRequest is never being called.
>>>
>>> On Thu, Dec 8, 2016 at 7:14 PM Hicks, Matt <matt at matthicks.com> wrote:
>>>>
>>>> It was worth a try, but no change. Thanks for the suggestion though.
>>>>
>>>> On Thu, Dec 8, 2016 at 7:12 PM Bill O'Neil <bill at dartalley.com> wrote:
>>>>>
>>>>> Try the constructor with 4 args where you also pass a handler.
>>>>>
>>>>> public Builder addHttpsListener(int port, String host,
>>>>> SSLContext sslContext, HttpHandler rootHandler) {
>>>>>
>>>>>
>>>>>
>>>>> On Thu, Dec 8, 2016 at 8:06 PM, Hicks, Matt <matt at matthicks.com> wrote:
>>>>>>
>>>>>> I've made some progress. After adding the following to the builder:
>>>>>>
>>>>>> val password = config.https.password.get.toCharArray
>>>>>> val keyStore = KeyStore.getInstance("JKS")
>>>>>> val keyStoreFile = config.https.keyStoreLocation.get
>>>>>> assert(keyStoreFile.exists(), s"No keystore file was found at the
>>>>>> location: ${keyStoreFile.getAbsolutePath}")
>>>>>> val keyStoreInput = new FileInputStream(keyStoreFile)
>>>>>> keyStore.load(keyStoreInput, password)
>>>>>> val keyManagerFactory =
>>>>>> KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm)
>>>>>> keyManagerFactory.init(keyStore, password)
>>>>>> val trustManagerFactory =
>>>>>> TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm)
>>>>>> trustManagerFactory.init(keyStore)
>>>>>> val sslContext = SSLContext.getInstance("TLS")
>>>>>> sslContext.init(keyManagerFactory.getKeyManagers,
>>>>>> trustManagerFactory.getTrustManagers, new SecureRandom)
>>>>>> builder.addHttpsListener(config.https.port.get, config.https.host.get,
>>>>>> sslContext)
>>>>>>
>>>>>> Everything starts as expected, no errors, but when I hit
>>>>>> localhost:8443 with the browser it says "localhost didn't send any data".
>>>>>>
>>>>>> Should it use what I've set with "builder.setHandler" for HTTPS as
>>>>>> well?
>>>>>>
>>>>>> On Thu, Dec 8, 2016 at 10:53 AM Hicks, Matt <matt at matthicks.com>
>>>>>> wrote:
>>>>>>>
>>>>>>> Is there any documentation for configuring SSL on my server? I was
>>>>>>> looking through the online docs and found nothing (apart from "Assembling a
>>>>>>> Server Manually").
>>>>>>>
>>>>>>> Any assistance would be appreciated.
>>>>>>>
>>>>>>> Thanks
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> undertow-dev mailing list
>>>>>> undertow-dev at lists.jboss.org
>>>>>> https://lists.jboss.org/mailman/listinfo/undertow-dev
>>>>>
>>>>>
>>
>
> _______________________________________________
> undertow-dev mailing list
> undertow-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/undertow-dev
More information about the undertow-dev
mailing list