Hi with UberJar deployment, is it possible to use SSL? This is desirable in order to get rid of the “insecure connection” message when the application is deployed on the internet.
Hi Willie,
It’s possible to configure Jetty server using jetty.xml (see [url=https://doc.cuba-platform.com/manual-6.6/build.gradle_buildUberJar.html]https://doc.cuba-platform.com/manual-6.6/build.gradle_buildUberJar.html[/url] and webJettyConfPath), so it’s possible to enable SSL.
Steps:
- Generating keys and certificates with JDK keytool:
keytool -keystore keystore.jks -alias jetty -genkey -keyalg RSA - Create jetty.xml with SSL configuration:
<Configure id="Server" class="org.eclipse.jetty.server.Server"> <Call name="addConnector"> <Arg> <New class="org.eclipse.jetty.server.ServerConnector"> <Arg name="server"> <Ref refid="Server"/> </Arg> <Set name="port">8090</Set> </New> </Arg> </Call> <Call name="addConnector"> <Arg> <New class="org.eclipse.jetty.server.ServerConnector"> <Arg name="server"> <Ref refid="Server"/> </Arg> <Arg> <New class="org.eclipse.jetty.util.ssl.SslContextFactory"> <Set name="keyStorePath">keystore.jks</Set> <Set name="keyStorePassword">password</Set> <Set name="keyManagerPassword">password</Set> <Set name="trustStorePath">keystore.jks</Set> <Set name="trustStorePassword">password</Set> </New> </Arg> <Set name="port">8443</Set> </New> </Arg> </Call> </Configure> - Add jetty.xml to Uber JAR task configuration
task buildUberJar(type: CubaUberJarBuilding) { singleJar = true coreJettyEnvPath = 'modules/core/web/META-INF/jetty-env.xml' appProperties = ['cuba.automaticDatabaseUpdate' : true] webJettyConfPath = 'jetty.xml' } - Build Uber JAR
- Put keystore.jks in the folder with Uber JAR and start Uber JAR
Thanks,
Subbotin Andrey
1 Like