Hi,
I need to be able to enable and disable the SSL Jetty configuration on the same port for a CXF service. Is there a way to do that using a property in a configuration file?
What I'm doing now is specifying which port will be configured for SSL, and selecting the same port on the endpoint if I want to use SSL, or using a different port if I don't want to have SSL. But I don't like the idea of having Jetty listening on a port that is not being used. I would prefer a more elegant solution if possible.

<jaxws:endpoint id="decisionService" implementor="#decisionImpl"
                address="${fds.decision_endpoint}" />

<httpj:engine-factory bus="cxf">
  <httpj:engine port="${fds.https_port}">
    <httpj:tlsServerParameters>
      <sec:keyManagers keyPassword="nnewserver">
        <sec:keyStore type="JKS" password="nnewserver"
                      resource="keystore/server.jks"/>
      </sec:keyManagers>
      <sec:trustManagers>
        <sec:keyStore type="JKS" password="nnewtrust"
                      resource="keystore/server.ts"/>
      </sec:trustManagers>
      <sec:cipherSuitesFilter>
        <!-- these filters ensure that a ciphersuite with
             export-suitable or null encryption is used,
             but exclude anonymous Diffie-Hellman key exchange as
             this is vulnerable to man-in-the-middle attacks -->
        <sec:include>.*_EXPORT_.*</sec:include>
        <sec:include>.*_EXPORT1024_.*</sec:include>
        <sec:include>.*_WITH_DES_.*</sec:include>
        <sec:include>.*_WITH_NULL_.*</sec:include>
        <sec:exclude>.*_DH_anon_.*</sec:exclude>
      </sec:cipherSuitesFilter>
      <!-- element to specify mutual (client) authentication -->
      <sec:clientAuthentication want="true" required="true"/>
    </httpj:tlsServerParameters>
  </httpj:engine>
</httpj:engine-factory>

Thanks,
-Marcel
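
Added example, not part of the original message and not CXF code: a small audit of which suites the cipherSuitesFilter patterns posted above would leave enabled. It assumes a suite is enabled when it fully matches at least one include pattern and no exclude pattern; the suite list and the HARDENED_* patterns are constructed for illustration.

```python
import re

# Patterns copied from the <sec:cipherSuitesFilter> element in the message above.
INCLUDES = [r".*_EXPORT_.*", r".*_EXPORT1024_.*", r".*_WITH_DES_.*", r".*_WITH_NULL_.*"]
EXCLUDES = [r".*_DH_anon_.*"]

# Hypothetical replacement patterns (an assumption, not from the message).
HARDENED_INCLUDES = [r".*_WITH_AES_.*"]
HARDENED_EXCLUDES = [r".*_DH_anon_.*", r".*_WITH_NULL_.*"]

# Constructed sample of JSSE-style suite names; a real audit would use the
# list the JVM reports as supported.
SAMPLE_SUPPORTED = [
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
    "SSL_RSA_WITH_DES_CBC_SHA",
    "SSL_RSA_WITH_NULL_SHA",
    "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
    "SSL_DH_anon_WITH_DES_CBC_SHA",
    "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
]

# Name fragments that mark export-grade, NULL, single-DES, anonymous or RC4 suites.
WEAK_MARKERS = ("_EXPORT", "_NULL_", "_WITH_DES_", "_WITH_DES40_", "_anon_", "_RC4_")


def _matches_any(patterns, suite):
    # Full match, mirroring Java's Matcher.matches() rather than find().
    return any(re.fullmatch(p, suite) for p in patterns)


def enabled_suites(supported, includes, excludes):
    """Assumed semantics: keep include matches, then drop exclude matches."""
    return [s for s in supported
            if _matches_any(includes, s) and not _matches_any(excludes, s)]


def audit(supported, includes, excludes):
    """Split the enabled suites into weak and remaining by name fragment."""
    enabled = enabled_suites(supported, includes, excludes)
    weak = [s for s in enabled if any(m in s for m in WEAK_MARKERS)]
    return {"enabled": enabled, "weak": weak,
            "other": [s for s in enabled if s not in weak]}


if __name__ == "__main__":
    for label, inc, exc in (("posted", INCLUDES, EXCLUDES),
                            ("hardened", HARDENED_INCLUDES, HARDENED_EXCLUDES)):
        print(label, audit(SAMPLE_SUPPORTED, inc, exc))
```

With the posted patterns every suite left enabled in this sample is single-DES, NULL or export-grade, so the filter is worth replacing before the TLS port is switched on.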