Jetty 9.4 listening on http

Wessel, Keith kwessel at
Wed May 29 17:43:08 EDT 2019

Thanks, Scott. By creating the dummy pkcs12 keystore containing a self-signed cert and also adding http to the dependent modules in idp.mod, Jetty is now listening on both 8443 with HTTPS and 8080 with HTTP, localhost for both, of course. It was necessary to add the http module to idp.mod or my instance only listened on 8443 which, if you're using Jetty without an Apache proxy fronting it, makes sense.

I know you said that eliminating the need for a dummy keystore and turning off the https listener is a bit more involved, but for completeness, I tried just removing https from the idp.mod at this point and got:

java.lang.IllegalStateException: No default protocol for ServerConnector at cb42dee{null,[]}{}

What I have now is certainly workable. But I might poke it a little more to figure out how to get the https piece to be disabled. Not worth opening an issue in Jira and making it your problem, though, since what I have now does the trick. More of a challenge for me.


-----Original Message-----
From: users <users-bounces at> On Behalf Of Cantor, Scott
Sent: Wednesday, May 29, 2019 12:25 PM
To: Shib Users <users at>
Subject: Re: Jetty 9.4 listening on http

On 5/29/19, 1:18 PM, "users on behalf of Wessel, Keith" <users-bounces at on behalf of kwessel at> wrote:

> I thought about that, Scott. Question then becomes which of the SSL properties I still need to set that I won't be making
> use of. Which are required? If keystore is required, do I just make a dummy self-signed one?

I assume all these are required:


If it's not being used I imagine a dummy key is best to flag any improper access.

-- Scott

For Consortium Member technical support, see
To unsubscribe from this list send an email to users-unsubscribe at

More information about the users mailing list