7.3.5.1. Configuring HTTPS for UberJAR

Below is an example of configuring HTTPS with a self-signed certificate for UberJAR deployment.

  1. Generate keys and certificates with in-built JDK tool Java Keytool:

    keytool -keystore keystore.jks -alias jetty -genkey -keyalg RSA
  2. Create the jetty.xml file with SSL configuration in the project root folder:

    <Configure id="Server" class="org.eclipse.jetty.server.Server">
        <Call name="addConnector">
            <Arg>
                <New class="org.eclipse.jetty.server.ServerConnector">
                    <Arg name="server">
                        <Ref refid="Server"/>
                    </Arg>
                    <Set name="port">8090</Set>
                </New>
            </Arg>
        </Call>
        <Call name="addConnector">
            <Arg>
                <New class="org.eclipse.jetty.server.ServerConnector">
                    <Arg name="server">
                        <Ref refid="Server"/>
                    </Arg>
                    <Arg>
                        <New class="org.eclipse.jetty.util.ssl.SslContextFactory">
                            <Set name="keyStorePath">keystore.jks</Set>
                            <Set name="keyStorePassword">password</Set>
                            <Set name="keyManagerPassword">password</Set>
                            <Set name="trustStorePath">keystore.jks</Set>
                            <Set name="trustStorePassword">password</Set>
                        </New>
                    </Arg>
                    <Set name="port">8443</Set>
                </New>
            </Arg>
        </Call>
    </Configure>

    The keyStorePassword, keyManagerPassword, and trustStorePassword should correspond to those set by Keytool.

  3. Add jetty.xml to the build task configuration:

    task buildUberJar(type: CubaUberJarBuilding) {
        singleJar = true
        coreJettyEnvPath = 'modules/core/web/META-INF/jetty-env.xml'
        appProperties = ['cuba.automaticDatabaseUpdate' : true]
        webJettyConfPath = 'jetty.xml'
    }
  4. Build Uber JAR as described in the UberJAR Deployment section.

  5. Put the keystore.jks in the same folder with JAR distribution of your project and start Uber JAR.

    The application will be available at https://localhost:8443/app.