solr/server/etc/jetty-ssl.xml - lucene-solr - Git at Google

 <?xml version="1.0"?>
 <!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">

 <!-- ============================================================= -->
 <!-- Configure a TLS (SSL) Context Factory                         -->
 <!-- This configuration must be used in conjunction with jetty.xml -->
 <!-- and either jetty-https.xml or jetty-spdy.xml (but not both)   -->
 <!-- ============================================================= -->
 <Configure id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory$Server">
   <Call class="org.apache.solr.util.configuration.SSLConfigurationsFactory" name="current">
     <Get name="keyStorePassword" id="keyStorePassword"/>
     <Get name="trustStorePassword" id="trustStorePassword"/>
   </Call>
   <Set name="KeyStorePath"><Property name="solr.jetty.keystore" default="./etc/solr-ssl.keystore.jks"/></Set>
   <Set name="KeyStorePassword"><Ref refid="keyStorePassword"/></Set>
   <Set name="TrustStorePath"><Property name="solr.jetty.truststore" default="./etc/solr-ssl.keystore.jks"/></Set>
   <Set name="TrustStorePassword"><Ref refid="trustStorePassword"/></Set>
   <Set name="NeedClientAuth"><Property name="solr.jetty.ssl.needClientAuth" default="false"/></Set>
   <Set name="WantClientAuth"><Property name="solr.jetty.ssl.wantClientAuth" default="false"/></Set>
   <Set name="KeyStoreType"><Property name="solr.jetty.keystore.type" default="PKCS12"/></Set>
   <Set name="TrustStoreType"><Property name="solr.jetty.truststore.type" default="PKCS12"/></Set>

   <!-- =========================================================== -->
   <!-- Create a TLS specific HttpConfiguration based on the        -->
   <!-- common HttpConfiguration defined in jetty.xml               -->
   <!-- Add a SecureRequestCustomizer to extract certificate and    -->
   <!-- session information                                         -->
   <!-- =========================================================== -->
   <New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
     <Arg><Ref refid="httpConfig"/></Arg>
     <Call name="addCustomizer">
       <Arg><New class="org.eclipse.jetty.server.SecureRequestCustomizer"/></Arg>
     </Call>
   </New>

 </Configure>
	<?xml version="1.0"?>
	<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">

	<!-- ============================================================= -->
	<!-- Configure a TLS (SSL) Context Factory -->
	<!-- This configuration must be used in conjunction with jetty.xml -->
	<!-- and either jetty-https.xml or jetty-spdy.xml (but not both) -->
	<!-- ============================================================= -->
	<Configure id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory$Server">
	<Call class="org.apache.solr.util.configuration.SSLConfigurationsFactory" name="current">
	<Get name="keyStorePassword" id="keyStorePassword"/>
	<Get name="trustStorePassword" id="trustStorePassword"/>
	</Call>
	<Set name="KeyStorePath"><Property name="solr.jetty.keystore" default="./etc/solr-ssl.keystore.jks"/></Set>
	<Set name="KeyStorePassword"><Ref refid="keyStorePassword"/></Set>
	<Set name="TrustStorePath"><Property name="solr.jetty.truststore" default="./etc/solr-ssl.keystore.jks"/></Set>
	<Set name="TrustStorePassword"><Ref refid="trustStorePassword"/></Set>
	<Set name="NeedClientAuth"><Property name="solr.jetty.ssl.needClientAuth" default="false"/></Set>
	<Set name="WantClientAuth"><Property name="solr.jetty.ssl.wantClientAuth" default="false"/></Set>
	<Set name="KeyStoreType"><Property name="solr.jetty.keystore.type" default="PKCS12"/></Set>
	<Set name="TrustStoreType"><Property name="solr.jetty.truststore.type" default="PKCS12"/></Set>

	<!-- =========================================================== -->
	<!-- Create a TLS specific HttpConfiguration based on the -->
	<!-- common HttpConfiguration defined in jetty.xml -->
	<!-- Add a SecureRequestCustomizer to extract certificate and -->
	<!-- session information -->
	<!-- =========================================================== -->
	<New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
	<Arg><Ref refid="httpConfig"/></Arg>
	<Call name="addCustomizer">
	<Arg><New class="org.eclipse.jetty.server.SecureRequestCustomizer"/></Arg>
	</Call>
	</New>

	</Configure>