jetty-osgi/test-jetty-osgi/src/test/config/etc/jetty-ssl.xml - jetty - Git at Google

 <?xml version="1.0"?>
 <!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd">

 <!-- ============================================================= -->
 <!-- Base SSL configuration                                        -->
 <!-- This configuration needs to be used together with 1 or more   -->
 <!-- of jetty-https.xml and/or jetty-http2.xml                     -->
 <!-- ============================================================= -->
 <Configure id="Server" class="org.eclipse.jetty.server.Server">

   <!-- =========================================================== -->
   <!-- Add a SSL Connector with no protocol factories              -->
   <!-- =========================================================== -->
   <Call  name="addConnector">
     <Arg>
       <New id="sslConnector" class="org.eclipse.jetty.server.ServerConnector">
         <Arg name="server"><Ref refid="Server" /></Arg>
           <Arg name="factories">
             <Array type="org.eclipse.jetty.server.ConnectionFactory">
             </Array>
           </Arg>
           <Set name="host"><Property name="jetty.ssl.host" /></Set>
           <Set name="port"><Property name="jetty.ssl.port" default="443" /></Set>
           <Set name="idleTimeout"><Property name="jetty.ssl.idleTimeout" default="30000"/></Set>
           <Set name="soLingerTime"><Property name="jetty.ssl.soLingerTime" default="-1"/></Set>
         </New>
     </Arg>
   </Call>

   <!-- ============================================================= -->
   <!-- Create a TLS (SSL) Context Factory  for later reuse           -->
   <!-- ============================================================= -->
   <New id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
     <Set name="KeyStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.sslContext.keyStorePath" default="etc/keystore"/></Set>
     <Set name="KeyStorePassword"><Property name="jetty.sslContext.keyStorePassword" default="OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4"/></Set>
     <Set name="TrustStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.sslContext.trustStorePath" default="etc/keystore"/></Set>
     <Set name="TrustStorePassword"><Property name="jetty.sslContext.trustStorePassword" default="OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4"/></Set>
     <Set name="EndpointIdentificationAlgorithm"></Set>
     <Set name="NeedClientAuth"><Property name="jetty.sslContext.needClientAuth" default="false"/></Set>
     <Set name="WantClientAuth"><Property name="jetty.sslContext.wantClientAuth" default="false"/></Set>
     <Set name="ExcludeCipherSuites">
      <Array type="String">
       <Item>SSL_RSA_WITH_DES_CBC_SHA</Item>
       <Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</Item>
       <Item>SSL_DHE_DSS_WITH_DES_CBC_SHA</Item>
       <Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</Item>
       <Item>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
       <Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
       <Item>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</Item>
      </Array>
     </Set>
   </New>

   <!-- =========================================================== -->
   <!-- Create a TLS specific HttpConfiguration based on the        -->
   <!-- common HttpConfiguration defined in jetty.xml               -->
   <!-- Add a SecureRequestCustomizer to extract certificate and    -->
   <!-- session information                                         -->
   <!-- =========================================================== -->
   <New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
     <Arg><Ref refid="httpConfig"/></Arg>
     <Call name="addCustomizer">
       <Arg><New class="org.eclipse.jetty.server.SecureRequestCustomizer"/></Arg>
     </Call>
   </New>

 </Configure>
	<?xml version="1.0"?>
	<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd">

	<!-- ============================================================= -->
	<!-- Base SSL configuration -->
	<!-- This configuration needs to be used together with 1 or more -->
	<!-- of jetty-https.xml and/or jetty-http2.xml -->
	<!-- ============================================================= -->
	<Configure id="Server" class="org.eclipse.jetty.server.Server">

	<!-- =========================================================== -->
	<!-- Add a SSL Connector with no protocol factories -->
	<!-- =========================================================== -->
	<Call name="addConnector">
	<Arg>
	<New id="sslConnector" class="org.eclipse.jetty.server.ServerConnector">
	<Arg name="server"><Ref refid="Server" /></Arg>
	<Arg name="factories">
	<Array type="org.eclipse.jetty.server.ConnectionFactory">
	</Array>
	</Arg>
	<Set name="host"><Property name="jetty.ssl.host" /></Set>
	<Set name="port"><Property name="jetty.ssl.port" default="443" /></Set>
	<Set name="idleTimeout"><Property name="jetty.ssl.idleTimeout" default="30000"/></Set>
	<Set name="soLingerTime"><Property name="jetty.ssl.soLingerTime" default="-1"/></Set>
	</New>
	</Arg>
	</Call>

	<!-- ============================================================= -->
	<!-- Create a TLS (SSL) Context Factory for later reuse -->
	<!-- ============================================================= -->
	<New id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
	<Set name="KeyStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.sslContext.keyStorePath" default="etc/keystore"/></Set>
	<Set name="KeyStorePassword"><Property name="jetty.sslContext.keyStorePassword" default="OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4"/></Set>
	<Set name="TrustStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.sslContext.trustStorePath" default="etc/keystore"/></Set>
	<Set name="TrustStorePassword"><Property name="jetty.sslContext.trustStorePassword" default="OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4"/></Set>
	<Set name="EndpointIdentificationAlgorithm"></Set>
	<Set name="NeedClientAuth"><Property name="jetty.sslContext.needClientAuth" default="false"/></Set>
	<Set name="WantClientAuth"><Property name="jetty.sslContext.wantClientAuth" default="false"/></Set>
	<Set name="ExcludeCipherSuites">
	<Array type="String">
	<Item>SSL_RSA_WITH_DES_CBC_SHA</Item>
	<Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</Item>
	<Item>SSL_DHE_DSS_WITH_DES_CBC_SHA</Item>
	<Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</Item>
	<Item>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
	<Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
	<Item>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</Item>
	</Array>
	</Set>
	</New>

	<!-- =========================================================== -->
	<!-- Create a TLS specific HttpConfiguration based on the -->
	<!-- common HttpConfiguration defined in jetty.xml -->
	<!-- Add a SecureRequestCustomizer to extract certificate and -->
	<!-- session information -->
	<!-- =========================================================== -->
	<New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
	<Arg><Ref refid="httpConfig"/></Arg>
	<Call name="addCustomizer">
	<Arg><New class="org.eclipse.jetty.server.SecureRequestCustomizer"/></Arg>
	</Call>
	</New>

	</Configure>