
I need to implement local ssl for my project for an OAuth implementation. I read through the xsbt-web-plugin page (here). I created the keystore as advised here.

keytool -genkey -alias localhost -keyalg RSA -keystore localhost.jks -keysize 2048

I got it to serve HTTPS using a Jetty config file that I found here. This is what it looks like:

<Configure id="Server" class="org.eclipse.jetty.server.Server">
    <Call name="addConnector">
     <Arg>
         <New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
             <Arg>
                 <New class="org.eclipse.jetty.http.ssl.SslContextFactory">
                     <Set name="keyStore">localhost.jks</Set>
                     <Set name="keyStorePassword">password</Set>
                     <Set name="keyManagerPassword">password</Set>
                     <Set name="trustStore">localhost.jks</Set>
                     <Set name="trustStorePassword">password</Set>
                 </New>
             </Arg>
             <Set name="port">8443</Set>
             <Set name="maxIdleTime">30000</Set>
         </New>
     </Arg>
    </Call>
</Configure>

My SBT config looks like this:

customConfiguration in container.Configuration := true
ssl in container.Configuration := Some("127.0.0.1", 8443, "localhost.jks", "password", "password")
configurationFiles in container.Configuration := Seq(file("path\\to\\jetty.xml"))

The problem is now the server serves a 404 for every request:


Also, there is this warning on the console:

2017-03-13 16:06:56.819:WARN:oeji.nio:javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?

Jetty: 8.1.7/Lift: 2.6.2

Please advise. Thank you.

An Illusion
  • Configuring *jetty.xml* correctly is a real pain. Here's what it took for me to get SSL working: https://github.com/earldouglas/xsbt-web-plugin/blob/master/src/sbt-test/container/jetty-xml-https/etc/jetty.xml – earldouglas Mar 14 '17 at 03:46

1 Answer

After struggling with this for a couple of days, I just used stunnel, which is basically just another server running locally that forwards all the requests from 8443 to my dev server running on 8080.

An Illusion
  • Another option here is to just stick nginx in front of it locally. Same idea as stunnel, relatively straightforward configuration. I always do that---as a bonus, I can point different local URLs to different local apps. – Antonio Salazar Cardozo Apr 06 '17 at 18:49
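
As an added illustration of the stunnel approach in the answer above (not part of the original posts): a minimal stunnel service definition that accepts TLS on 8443 and forwards to the dev server on 8080. The service name and the PEM file names are assumptions; the certificate and key would be exported from the localhost.jks keystore created in the question.

```ini
; stunnel.conf - added example, not from the original answer.
; Terminates TLS locally and forwards to the plain-HTTP dev server.

; Assumed file names: certificate and private key in PEM format, exported
; from localhost.jks (keytool -importkeystore to PKCS12, then openssl pkcs12).
cert = localhost-cert.pem
key  = localhost-key.pem

; Hypothetical service name.
[dev-https]
; Server mode (the default): stunnel is the TLS endpoint.
client = no
; Bind to loopback only so the listener is not reachable from the network.
accept  = 127.0.0.1:8443
; Jetty started by the container, speaking plain HTTP.
connect = 127.0.0.1:8080
```

The application itself receives plain HTTP on 8080 in this setup, so the SSL connector in jetty.xml is not needed.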