Keystore password for Jetty 7.0 SSL configuration

Question

Trying to setup SSL on jetty 7.2.2 using these instructions: http://docs.codehaus.org/display/JETTY/How+to+configure+SSL

stuck on 3b: keytool -importkeystore -srckeystore jetty.pkcs12 -srcstoretype PKCS12 -destkeystore $JETTY_HOME/etc/keystore

jetty ships with default keystore at $JETTY_HOME/etc/keystore. I'm asked for password when running that command. I don't know default keystore password.

If I try to replace that keystore with newly created one - I'm getting IOException on jetty startup - keystore is tampered with or password incorrect.

What I'm doing wrong? Or what's default keystore jetty password?

Answer 1

I think you just want to overwrite the keystore in etc/keystore with your new one. Then, update the Jetty conf as in Step 4. You will need to obfuscate your keystore password using the org.mortbay.jetty.security.Password class.

Answer 2

The default password for the keystore that is shipped with jetty is storepwd. But I would highly recommend you follow the steps listed in the How to configure SSL and create your own keystore.

Answer 3

One more subtle steps that needs to be followed .

i.e Jetty has another file start.ini, un-comment jetty-ssl.xml line to make the SSL configuration active.

Answer 4

That was my bad. Didn't notice that there's jetty-ssl.xml also, that used default keystore. Moved addConnector to jetty-ssl.xml, put right passwords there, and everything works now like a charm.

Answer 5

One note, the eclipse version of jetty works a little differently http://www.eclipsezone.com/eclipse/forums/t88098.html