In this blog, we’ll learn how to configure Jetty on SSL using self-signed certificate created by a key tool.
To configure Jetty on SSL, follow the steps below:
Step 1: Generate a private key in a KeyStore file. Provide the details when it is prompted.
cfroot\jre\bin\keytool -genkeypair -alias certificatekey -keyalg RSA validity 365 -keystore keystore.jks
Step 2: Export the certificate using the self-signed certificate.
Note: You can use a self-signed certificate or a certificate from a Certificate Authority.
cfroot\jre\bin\keytool -export -alias certificatekey -keystore keystore.jks -rfc -file selfsignedcert.cer
Step 3: Copy the newly created jks file to the location jetty\etc.
Step 4: Open the file “start.ini” in the location \ColdFusion2018\cfusion\jetty and add the following configuration:
–module=https
# #
jetty.ssl.host =IP_address
jetty.ssl.port =Port_number
jetty.sslContext.keyStorePath=etc/keystore.jks
jetty.sslContext.trustStorePath=etc/keystore.jks
jetty.sslContext.keyStorePassword=changeit
jetty.sslContext.keyManagerPassword=changeit
jetty.sslContext.trustStorePassword=changeit
Step 5: Save the file and restart the Add-on service.
To verify that Jetty is running on SSL port (8443) as configured above, access the site, https://IP_address _of_host:8443
You can see the page below:
Registering the PDF Service in ColdFusion admin console:
To register the PDF service running on SSL in the ColdFusion admin page, you will have to import the certificate to Java KeyStore of ColdFusion.
Step 1: Copy the certificate file to cfroot\jre\bin and import the certificate.
cfroot\jre\bin\keytool.exe -importcert keystore”cfroot\jre\lib\security\cacerts” -file selfsignedcert.cer -storepass changeit
Step 2: Restart the ColdFusion service. Log in to CF Admin and navigate to Data & Services ->PDF Service> Edit the PDF service with SSL port.
That’s very helpful, Vikram. Thanks. That said, you may want to help readers by clarifying in the opening paragraph that the Jetty server is used for the PDF service (like you show in the Admin at the very end), for use with the CFHTMLTOPDF tag.
It’s just that some may not bother reading to the end, and so may think this topic “doesn’t apply to them”. Just a brief mention in that opening sentence would help many, I’m sure. (Same for the “summary” for the post, if it has one. I can’t see at the moment, because some odd glitch is causing me to see no posts on the front page of the site, coldfusion.adobe.com.)
You must be logged in to post a comment.