How to use Jetty with Let's Encrypt certificates?

Question

I want to use certificates from Let's Encrypt with a large count of Jetty servers. One of the problems is that the certificates from Let's Encrypt has a lifetime of 90 days.

To handle this the Jetty server or some extra code must renew the certificate frequently.

Can Jetty handle this self? If yes how can I enable this?
If I need to implement it self with a Java client then how can I replace the certificate dynamically via Jetty API without a restart of the Jetty server?

Edit: Some related and partial helpful links:

Do you have a working sample of this? I have a similar requirement. It would be good to have a working sample code. — Nausherwan Aslam, Jan 30 '18 at 06:14

score 5 · Accepted Answer · answered Feb 14 '17 at 12:30

5

Since version 9.3.15 you can use:

SslContextFactory.reload(Consumer<SslContextFactory>)

For details see at: https://github.com/eclipse/jetty.project/issues/918

answered Feb 14 '17 at 12:30

Horcrux7

23,758
21
98
156

@NausherwanAslam Do you means a sample for the reload or for Let's Encrypt? – Horcrux7 Feb 05 '18 at 19:31
1

https://danielflower.github.io/2017/04/08/Lets-Encrypt-Certs-with-embedded-Jetty.html seems to give an example if it helps. – Matt Sheppard Feb 15 '18 at 04:57

How to use Jetty with Let's Encrypt certificates?

1 Answers1

Linked