January 7, 2020
Configuring Jetty on HTTPS in CF2018
Comments
(1)
January 7, 2020
Configuring Jetty on HTTPS in CF2018
Staff 3 posts
Followers: 1 people
(1)

In this blog, we’ll learn how to configure Jetty on SSL using self-signed certificate created by a key tool.

To configure Jetty on SSL, follow the steps below:

Step 1: Generate a private key in a KeyStore file. Provide the details when it is prompted.

cfroot\jre\bin\keytool -genkeypair -alias certificatekey -keyalg RSA validity 365 -keystore keystore.jks

Step 2:  Export the certificate using the self-signed certificate.

Note: You can use a self-signed certificate or a certificate from a Certificate Authority.

cfroot\jre\bin\keytool -export -alias certificatekey -keystore keystore.jks -rfc -file selfsignedcert.cer

Step 3: Copy the newly created jks file to the location jetty\etc.

Step 4: Open the file “start.ini” in the location \ColdFusion2018\cfusion\jetty and add the following configuration:

–module=https

# #

jetty.ssl.host =IP_address

jetty.ssl.port =Port_number

jetty.sslContext.keyStorePath=etc/keystore.jks

jetty.sslContext.trustStorePath=etc/keystore.jks

jetty.sslContext.keyStorePassword=changeit

jetty.sslContext.keyManagerPassword=changeit

jetty.sslContext.trustStorePassword=changeit

Step 5: Save the file and restart the Add-on service.

To verify that Jetty is running on SSL port (8443) as configured above, access the site, https://IP_address _of_host:8443

You can see the page below:

Registering the PDF Service in ColdFusion admin console:

To register the PDF service running on SSL in the ColdFusion admin page, you will have to import the certificate to Java KeyStore of ColdFusion.

Step 1: Copy the certificate file to cfroot\jre\bin and import the certificate.

cfroot\jre\bin\keytool.exe -importcert keystore”cfroot\jre\lib\security\cacerts” -file selfsignedcert.cer -storepass changeit

Step 2: Restart the ColdFusion service. Log in to CF Admin and navigate to Data & Services ->PDF Service> Edit the PDF service with SSL port.

1 Comment
2020-01-07 23:03:33
2020-01-07 23:03:33

That’s very helpful, Vikram. Thanks. That said, you may want to help readers by clarifying in the opening paragraph that the Jetty server is used for the PDF service (like you show in the Admin at the very end), for use with the CFHTMLTOPDF tag.

It’s just that some may not bother reading to the end, and so may think this topic “doesn’t apply to them”. Just a brief mention in that opening sentence would help many, I’m sure. (Same for the “summary” for the post, if it has one. I can’t see at the moment, because some odd glitch is causing me to see no posts on the front page of the site, coldfusion.adobe.com.)

Like
Add Comment