[Geoserver-devel] [jira] (GEOS-5050) Start jetty in the IDE with an open SSL port optionally

Christian Mueller created GEOS-5050:
---------------------------------------

             Summary: Start jetty in the IDE with an open SSL port optionally
                 Key: GEOS-5050
                 URL: https://jira.codehaus.org/browse/GEOS-5050
             Project: GeoServer
          Issue Type: Improvement
    Affects Versions: 2.2.x
            Reporter: Christian Mueller
            Assignee: Christian Mueller
         Attachments: sslconnector.patch

For developing (especially the security stuff) it would be nice to start jetty with an additonal SSL connector (port 8443), port 8080 is always available.

The supplied patch does the following

1) look for a system property ssl.hostname=myhost.mydomain.org
2) if no such property exists, no SSL connector is activated --> end
3) check for file "user.home"/.geoserver/keystore.jks (create it if absent)
4) look for an already existing server certificate, if found, start up with an ssl connector --> end
5) Generate a key pair and store the private key and the self signed certificate into the keystore
6) Write a file "user.home"/.geoserver/myhost.mydomain.org.cert which can be used to import the server certificate into other keystores
7) start up with an additional ssl connector

The password used is "changeit" which is also the default password for the java trust store in /lib/security/cacerts.

Opinions ?

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://jira.codehaus.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira