Generating and loading keys and certificates
The simplest way is to use the JDK keytool application. It will generate a key pair and certificate directly into a keystore.
$ keytool -keystore vidispine.keystore -alias vstest -genkey -keyalg RSA Enter keystore password: Re-enter new password: What is your first and last name? [Unknown]: test.vidispine.com What is the name of your organizational unit? [Unknown]: Vidispine What is the name of your organization? [Unknown]: Vidispine What is the name of your City or Locality? [Unknown]: Stockholm What is the name of your State or Province? [Unknown]: Stockholm What is the two-letter country code for this unit? [Unknown]: SE Is CN=Vidispine, OU=Vidispine, O=Vidispine, L=Stockholm, ST=Stockholm, C=SE correct? [no]: yes Enter key password for (RETURN if same as keystore password):
There are more details documentation from jetty about how to use key pairs generated by OpenSSL and getting certificates from trusted CAs. Please refer to the Jetty SSL configuration documentation.
server.yaml file by adding a
https connector under the
server: applicationConnectors: ... - type: https port: 8443 keyStorePath: /tmp/vidispine.keystore keyStorePassword: vidispine validateCerts: no ...
https://localhost:8443/. For more configuration options, please refer to the Dropwizard HTTPS configuration reference.