The default profiles contains the org.ops4j.pax.web.properties file.
By editing this file you could configure ssl as described here: https://ops4j1.jira.com/wiki/display/paxweb/SSL+Configuration
Question
I would have a question about the wonderful tool that I just discovered named fabric8 (http://fabric8.io).
When I deploy a CXF SOAP service into the system, it is available at http://${HOSTNAME}:8181/cxf. Until now, all our stack was deployed into a tomcat container, secured using TLS encryption on the regular 8443 port (using or not client authentication). We, by the way, use WSDL policies to enforce it.
Is it possible to setup this TLS encryption using fabric8 ? karaf ?
Jerome
P.S: I wanted to add the new tag 'fabric8' but I do not have enough points to do that so I tagged using 'fusefabric'.
Edit 1:
Thanks @iocanel!
It seems to work.... well mostly :-)
In fact, if I start from a fresh fabric8 installation, and if I setup in etc/org.ops4j.pax.web.cfg
:
org.ops4j.pax.web.config.file=etc/jetty.xml
org.osgi.service.http.port=8181
org.osgi.service.http.secure.enabled=true
org.osgi.service.http.port.secure=8443
org.ops4j.pax.web.ssl.keystore=etc/serverKeystore.jks
org.ops4j.pax.web.ssl.password=mytest
org.ops4j.pax.web.ssl.keypassword=mytest
Then I can browse the hawtio web interface on the 8443 port. However, as soon as I initialise the container with fabric:create
the port is not available anymore. If I restart fabric8, then the logs are full of:
2014-02-11 17:41:15,945 | WARN | tp1828719771-631 | AbstractHttpConnection | ty.server.AbstractHttpConnection 552 | 89 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.14.v20131031 | /git/fabric/info/refs?service=git-upload-pack
java.lang.IllegalStateException: Committed
at org.eclipse.jetty.server.Response.resetBuffer(Response.java:1154)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.server.Response.sendError(Response.java:317)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.server.Response.sendError(Response.java:419)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at javax.servlet.http.HttpServletResponseWrapper.sendError(HttpServletResponseWrapper.java:137)[84:org.apache.geronimo.specs.geronimo-servlet_3.0_spec:1.0]
at io.fabric8.maven.impl.MavenSecureHttpContext.authenticate(MavenSecureHttpContext.java:173)[129:io.fabric8.fabric-maven-proxy:1.0.0.SNAPSHOT]
at io.fabric8.maven.impl.MavenSecureHttpContext.handleSecurity(MavenSecureHttpContext.java:78)[129:io.fabric8.fabric-maven-proxy:1.0.0.SNAPSHOT]
at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:68)[100:org.ops4j.pax.web.pax-web-jetty:3.0.6]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:219)[100:org.ops4j.pax.web.pax-web-jetty:3.0.6]
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:85)[100:org.ops4j.pax.web.pax-web-jetty:3.0.6]
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.server.Server.handle(Server.java:370)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:971)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1033)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:667)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at java.lang.Thread.run(Thread.java:744)[:1.7.0_51]
2014-02-11 17:41:15,967 | WARN | tp1828719771-616 | Response | rg.eclipse.jetty.server.Response 315 | 89 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.14.v20131031 | Committed before 401 null
2014-02-11 17:41:15,968 | WARN | tp1828719771-616 | AbstractHttpConnection | ty.server.AbstractHttpConnection 552 | 89 - org.eclipse.jetty.aggregate.jetty-all-server - 8.1.14.v20131031 | /git/fabric/info/refs?service=git-receive-pack
java.lang.IllegalStateException: Committed
at org.eclipse.jetty.server.Response.resetBuffer(Response.java:1154)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.server.Response.sendError(Response.java:317)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.server.Response.sendError(Response.java:419)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at javax.servlet.http.HttpServletResponseWrapper.sendError(HttpServletResponseWrapper.java:137)[84:org.apache.geronimo.specs.geronimo-servlet_3.0_spec:1.0]
at io.fabric8.maven.impl.MavenSecureHttpContext.authenticate(MavenSecureHttpContext.java:173)[129:io.fabric8.fabric-maven-proxy:1.0.0.SNAPSHOT]
at io.fabric8.maven.impl.MavenSecureHttpContext.handleSecurity(MavenSecureHttpContext.java:78)[129:io.fabric8.fabric-maven-proxy:1.0.0.SNAPSHOT]
at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:68)[100:org.ops4j.pax.web.pax-web-jetty:3.0.6]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:219)[100:org.ops4j.pax.web.pax-web-jetty:3.0.6]
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:85)[100:org.ops4j.pax.web.pax-web-jetty:3.0.6]
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.server.Server.handle(Server.java:370)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:971)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1033)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:667)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)[89:org.eclipse.jetty.aggregate.jetty-all-server:8.1.14.v20131031]
at java.lang.Thread.run(Thread.java:744)[:1.7.0_51]
Do you have an idea ?
Jerome
La solution
The default profiles contains the org.ops4j.pax.web.properties file.
By editing this file you could configure ssl as described here: https://ops4j1.jira.com/wiki/display/paxweb/SSL+Configuration
Autres conseils
I posted an issue: https://github.com/fabric8io/fabric8/issues/696
Let's see if there is a specific configuration to apply.