Discussion:
[jetty-users] Some advise needed
Simone Bordet
2018-05-21 13:17:00 UTC
Permalink
Hi,
Hello Everyone,
I am new to this list, and I’m not sure if this is the right place to ask my
question,
so please forgive me, if this is not the right place.
I am using jetty 9.3.9 on windows server. I installed SSL certificate for
the server and it works fine.
What JDK version ?
You want to make sure you are on the latest JDK version that support
TLS 1.2 and OCSP stapling.
I tried to test the ssl configuration by using https://www.htbridge.com/ssl/
and the result says it needs some work.
1- remove some weak elliptic curves like secp160k1 (161 bits)
I searched the web to find a document to do this without any luck.
https://www.eclipse.org/jetty/documentation/current/configuring-ssl.html
2- The test result also says : “SERVER DOES NOT SUPPORT OCSP STAPLING“
How can I enable OCSP?
https://stackoverflow.com/questions/49904935/jetty-9-enable-ocsp-stapling-for-domain-validated-certificate
3- How to redirect http to https?
https://www.eclipse.org/jetty/documentation/current/moved-context-handler.html
--
Simone Bordet
----
http://cometd.org
http://webtide.com
Developer advice, training, services and support
from the Jetty & CometD experts.
Joakim Erdfelt
2018-05-21 13:35:56 UTC
Permalink
Post by Simone Bordet
3- How to redirect http to https?
https://www.eclipse.org/jetty/documentation/current/moved-
context-handler.html
This can also be done with the SecuredRedirectHandler for all contexts and
webapps.
https://stackoverflow.com/questions/26123604/redirect-from-http-to-https-automatically-in-embedded-jetty/26125528#26125528

If you want it for just a specific webapp, look at the WEB-INF/web.xml
security constraints.
https://stackoverflow.com/questions/20611815/redirect-from-http-to-https-in-jetty

- Joakim
Saeed Khademi
2018-05-23 03:36:46 UTC
Permalink
Hi,
Both JDK and JRE versions are 1.8.0.92.

Thank you for the help and reply.
I went through all 3 documents, but none of them worked.
Still working on them and will inform about the result.

Kind Regards,
Saeed.



-----Original Message-----
From: Simone Bordet
Sent: Monday, May 21, 2018 5:47 PM
To: JETTY user mailing list
Subject: Re: [jetty-users] Some advise needed

Hi,
Hello Everyone,
I am new to this list, and I’m not sure if this is the right place to ask my
question,
so please forgive me, if this is not the right place.
I am using jetty 9.3.9 on windows server. I installed SSL certificate for
the server and it works fine.
What JDK version ?
You want to make sure you are on the latest JDK version that support
TLS 1.2 and OCSP stapling.
I tried to test the ssl configuration by using
https://www.htbridge.com/ssl/
and the result says it needs some work.
1- remove some weak elliptic curves like secp160k1 (161 bits)
I searched the web to find a document to do this without any luck.
https://www.eclipse.org/jetty/documentation/current/configuring-ssl.html
2- The test result also says : “SERVER DOES NOT SUPPORT OCSP STAPLING“
How can I enable OCSP?
https://stackoverflow.com/questions/49904935/jetty-9-enable-ocsp-stapling-for-domain-validated-certificate
3- How to redirect http to https?
https://www.eclipse.org/jetty/documentation/current/moved-context-handler.html
--
Simone Bordet
----
http://cometd.org
http://webtide.com
Developer advice, training, services and support
from the Jetty & CometD experts.
_______________________________________________
jetty-users mailing list
jetty-***@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users
Loading...