Jetty 9.4 listening on http
Wessel, Keith
kwessel at illinois.edu
Thu May 30 11:37:02 EDT 2019
The answer was to not only remove the https module dependency from idp.mod but also to remove the ssl module.
I took your advice and added --module=http to idp.ini instead of adding it to idp.mod. Unfortunately, I still have to modify idp.mod to remove the https and ssl modules. If you make updates to this aftifact, perhaps move those out of idp.mod and into idp.ini for easier switching on and off and better consistency across updates.
The uncommented lines in the distributed idp.ini can safely be left uncommented since, without the https or ssl modules, they're ignored. I did have to add jetty.http.host=127.0.0.1 to restrict connections, but the default http port is already 8080. So, that was the only other addition to idp.ini.
I'm happy to document this on the IDP3 Jetty94 wiki page.
Keith
-----Original Message-----
From: users <users-bounces at shibboleth.net> On Behalf Of Cantor, Scott
Sent: Wednesday, May 29, 2019 4:58 PM
To: Shib Users <users at shibboleth.net>
Subject: Re: Jetty 9.4 listening on http
On 5/29/19, 5:43 PM, "users on behalf of Wessel, Keith" <users-bounces at shibboleth.net on behalf of kwessel at illinois.edu> wrote:
> Thanks, Scott. By creating the dummy pkcs12 keystore containing a self-signed cert and also adding http to the
> dependent modules in idp.mod
I didn't look at the example, mine has http as a dependent module but I probably added that myself. And that isn't the right way to do it, you should probably just add this to idp.ini:
--module=http
That keeps it out of the IdP module as shipped and makes diffs easier later.
> java.lang.IllegalStateException: No default protocol for ServerConnector at cb42dee{null,[]}{0.0.0.0:8443}
Since that mentions 8443 I think there still has to be a reference to some part of the https module or files somewhere.
-- Scott
--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users
mailing list