解决方案:
Java Keytool生成数字证书:
keytool -genkey -alias webmin.com -keyalg RSA
-keystore /home/demo/webminkey -validity 365
其
中,RSA-非对称加密;-validity 365:证书有效期为365天,keytool默认生成的有效期为90天。
Jetty服务器配置config.xml:<?xml version="1.0" encoding="UTF-8"?>
<MetaData xmlns="http://www.osgi.org/xmlns/metatype/v1.0.0">
<OCD name="%configurationName" id="server.config" description="%configurationDescription">
<AD id="http.enabled" type="Boolean" default="true"/>
<AD id="http.port" type="Integer" default="0"/>
<AD id="http.host" type="String" cardinality="1"/>
<AD id="https.enabled" type="Boolean" default="false"/>
<AD id="https.port" type="Integer" default="0"/>
<AD id="https.host" type="String" cardinality="1"/>
<AD id="ssl.keystore" type="String" cardinality="1"/>
<AD id="ssl.password" type="String" cardinality="1"/>
<AD id="ssl.keypassword" type="String" cardinality="1"/>
<AD id="ssl.needclientauth" type="Boolean" cardinality="1"/>
<AD id="ssl.wantclientauth" type="Boolean" cardinality="1"/>
<AD id="ssl.protocol" type="String" cardinality="1"/>
<AD id="ssl.algorithm" type="String" cardinality="1"/>
<AD id="ssl.keystoretype" type="String" cardinality="1"/>
<AD id="context.path" type="String" cardinality="1"/>
<AD id="context.sessioninactiveinterval" type="Integer" cardinality="1"/>
<AD id="other.info" type="String" cardinality="1"/>
</OCD>
<Designate pid="org.eclipse.equinox.http.jetty.config.designate" factoryPid="org.eclipse.equinox.http.jetty.config" bundle="*">
<Object ocdref="server.config"/>
</Designate>
</MetaData>
在java配置文件configuration/config.ini中添加参数:
# enable ssl
org.eclipse.equinox.http.jetty.https.enabled=true
org.eclipse.equinox.http.jetty.http.enabled=false
org.eclipse.equinox.http.jetty.ssl.keystore=webminkey
org.eclipse.equinox.http.jetty.ssl.password=administrator
org.eclipse.equinox.http.jetty.ssl.keypassword=webmin
# set ssl port (defaults to 443)
org.eclipse.equinox.http.jetty.https.port=443
#org.eclipse.equinox.http.jetty.http.port=8088
测试:
浏览器中输入url: https://localhost/