Using embedded Jetty 9 with HTTPS only

Posted 2019-06-12 11:53

I am using embedded Jetty 9, where I want to allow https access, but no http.

I know I can easily configure a redirect in Jetty web.xml, but I don't have that file in the embedded version. I know I can use any file and point to it from the embedded version, but this should be easier.

So I searched and found this here http://blog.anvard.org/articles/2013/10/05/jetty-ssl-server.html where the author states "Of course, we could force the use of HTTP/S by just removing the HTTP connector."

So I did exactly this:

    Server server = new Server();

    SslContextFactory sslContextFactory = new SslContextFactory();
    sslContextFactory.setKeyStorePath(keystoreFile.getAbsolutePath());
    sslContextFactory.setKeyStorePassword(Keys.DOMAIN_CERTIFICATE_JKS_KEYSTORE_PASSWORD);
    sslContextFactory.setKeyManagerPassword(Keys.DOMAIN_CERTIFICATE_KEY_MANAGER_PASSWORD);

    HttpConfiguration httpsConfiguration = new HttpConfiguration();
    SecureRequestCustomizer secureRequestCustomizer = new SecureRequestCustomizer();
    httpsConfiguration.addCustomizer(secureRequestCustomizer);

    ServerConnector serverConnector = new ServerConnector(server,
            new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
            new HttpConnectionFactory(httpsConfiguration));
    serverConnector.setHost("192.168.0.5");
    serverConnector.setPort(9443);
    serverConnector.setIdleTimeout(15000);

    server.setConnectors(new Connector[] { serverConnector });

Problem: It doesn't seem to work. https is working fine, but when I access http, I get a 200 OK response with junk in the body (instead of the expected JSON response). So the server seems to process the request but encrypts it wrong, or whatever. Or have I overlooked anything and my configuration is bad?

[Image: http wireshark response]

1 answer
何必那么认真
#2 · 2019-06-12 12:37

As far as I can tell, you did everything correctly. Connecting to the SSL port and sending regular HTTP (w/o the SSL handshaking) is returning an SSL Alert message. Your HTTP client (for some reason) is giving you the 200 OK message despite not even receiving an HTTP response.

What you are receiving is an SSL Alert message.

    15 03 03 00 02 02 50 // response

    15    = ALERT
    03 03 = SSL version (TLS 1.x)
    00 02 = Message Length
    02 50 = Message
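The byte breakdown in the answer above can be checked mechanically. The following is an added example, not code from the question or the answer: it decodes a TLS record header plus a plaintext alert body and classifies what a listener sent back to a plain-HTTP request, which is a quick way to confirm a port is HTTPS-only. The function names and the sample constant are assumptions made for this illustration; the alert names follow RFC 5246.

```python
import struct

# Constructed sample: the seven bytes quoted in the answer above.
SAMPLE = bytes.fromhex("15030300020250")

CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}
VERSIONS = {(3, 0): "SSL 3.0", (3, 1): "TLS 1.0", (3, 2): "TLS 1.1", (3, 3): "TLS 1.2"}
ALERT_LEVELS = {1: "warning", 2: "fatal"}
# Subset of the alert descriptions defined in RFC 5246, section 7.2.
ALERT_DESCRIPTIONS = {0: "close_notify", 10: "unexpected_message", 20: "bad_record_mac",
                      40: "handshake_failure", 47: "illegal_parameter", 50: "decode_error",
                      70: "protocol_version", 80: "internal_error"}


def parse_tls_record(data: bytes) -> dict:
    """Decode the 5-byte TLS record header and, for alerts, the 2-byte body."""
    if len(data) < 5:
        raise ValueError("need at least 5 bytes for a TLS record header")
    ctype, major, minor, length = struct.unpack("!BBBH", data[:5])
    if ctype not in CONTENT_TYPES or major != 3:
        raise ValueError("not a TLS record")
    body = data[5:5 + length]
    if len(body) < length:
        raise ValueError("truncated record")
    record = {"type": CONTENT_TYPES[ctype],
              "version": VERSIONS.get((major, minor), f"unknown {major}.{minor}"),
              "length": length}
    if ctype == 21 and length == 2:  # plaintext alert: level byte, then description byte
        record["level"] = ALERT_LEVELS.get(body[0], f"unknown({body[0]})")
        record["description"] = ALERT_DESCRIPTIONS.get(body[1], f"unknown({body[1]})")
    return record


def classify_plaintext_probe(response: bytes) -> str:
    """Classify the bytes a listener returned to a plain-HTTP request."""
    if response.startswith(b"HTTP/"):
        return "plaintext-http"  # the port answers cleartext HTTP
    try:
        record = parse_tls_record(response)
    except ValueError:
        return "unknown"
    return "tls-alert" if record["type"] == "alert" else "tls-other"


if __name__ == "__main__":
    print(parse_tls_record(SAMPLE))
    print(classify_plaintext_probe(SAMPLE))
```

A "tls-alert" result for a cleartext request means the connector rejected it at the TLS layer and never produced an HTTP response, so any status code shown by the client did not come from the server.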