| <?xml version="1.0"?> |
| <!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd"> |
| <Configure id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory"> |
| <Set name="KeyStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.keystore" default="servicestore.jks"/></Set> |
| <Set name="KeyStorePassword"><Property name="jetty.keystore.password" default="sspass"/></Set> |
| <Set name="KeyManagerPassword"><Property name="jetty.keymanager.password" default="skpass"/></Set> |
| <Set name="TrustStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.truststore" default="servicestore.jks"/></Set> |
| <Set name="TrustStorePassword"><Property name="jetty.truststore.password" default="sspass"/></Set> |
| <Set name="EndpointIdentificationAlgorithm"></Set> |
| <Set name="ExcludeCipherSuites"> |
| <Array type="String"> |
| <Item>SSL_RSA_WITH_DES_CBC_SHA</Item> |
| <Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</Item> |
| <Item>SSL_DHE_DSS_WITH_DES_CBC_SHA</Item> |
| <Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</Item> |
| <Item>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</Item> |
| <Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item> |
| <Item>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</Item> |
| </Array> |
| </Set> |
| |
| <New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration"> |
| <Arg><Ref refid="httpConfig"/></Arg> |
| <Call name="addCustomizer"> |
| <Arg> |
| <New class="org.eclipse.jetty.server.SecureRequestCustomizer"> |
| <Arg name="sniHostCheck" type="boolean"><Property name="jetty.ssl.sniHostCheck" default="true"/></Arg> |
| <Arg name="stsMaxAgeSeconds" type="int"><Property name="jetty.ssl.stsMaxAgeSeconds" default="-1"/></Arg> |
| <Arg name="stsIncludeSubdomains" type="boolean"><Property name="jetty.ssl.stsIncludeSubdomains" default="false"/></Arg> |
| </New> |
| </Arg> |
| </Call> |
| </New> |
| </Configure> |