| <?xml version="1.0"?> |
| <!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd"> |
| |
| <!-- ============================================================= --> |
| <!-- Configure a TLS (SSL) Context Factory --> |
| <!-- This configuration must be used in conjunction with jetty.xml --> |
| <!-- and either jetty-https.xml or jetty-spdy.xml (but not both) --> |
| <!-- ============================================================= --> |
| <Configure id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory$Server"> |
| <Call class="org.apache.solr.util.configuration.SSLConfigurationsFactory" name="current"> |
| <Get name="keyStorePassword" id="keyStorePassword"/> |
| <Get name="trustStorePassword" id="trustStorePassword"/> |
| </Call> |
| <Set name="KeyStorePath"><Property name="solr.jetty.keystore" default="./etc/solr-ssl.keystore.jks"/></Set> |
| <Set name="KeyStorePassword"><Ref refid="keyStorePassword"/></Set> |
| <Set name="TrustStorePath"><Property name="solr.jetty.truststore" default="./etc/solr-ssl.keystore.jks"/></Set> |
| <Set name="TrustStorePassword"><Ref refid="trustStorePassword"/></Set> |
| <Set name="NeedClientAuth"><Property name="solr.jetty.ssl.needClientAuth" default="false"/></Set> |
| <Set name="WantClientAuth"><Property name="solr.jetty.ssl.wantClientAuth" default="false"/></Set> |
| <Set name="KeyStoreType"><Property name="solr.jetty.keystore.type" default="PKCS12"/></Set> |
| <Set name="TrustStoreType"><Property name="solr.jetty.truststore.type" default="PKCS12"/></Set> |
| |
| <!-- =========================================================== --> |
| <!-- Create a TLS specific HttpConfiguration based on the --> |
| <!-- common HttpConfiguration defined in jetty.xml --> |
| <!-- Add a SecureRequestCustomizer to extract certificate and --> |
| <!-- session information --> |
| <!-- =========================================================== --> |
| <New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration"> |
| <Arg><Ref refid="httpConfig"/></Arg> |
| <Call name="addCustomizer"> |
| <Arg><New class="org.eclipse.jetty.server.SecureRequestCustomizer"/></Arg> |
| </Call> |
| </New> |
| |
| </Configure> |