[Geoserver-users] ssl/https configure error on geoserver 2.20.5

GeoServer GeoServer User
1

Hello everybody.

I’m trying to configure a geoserver 2.20.05 server (in the windows platform with jetty web server )

I generated a new keystore, and validated it with keytool, and put it in the %GEOSERVER_HOME%\etc directory.

I validated which version of jetty is installed and the i got in the Central Repository: org/eclipse/jetty/jetty-distribution/9.4.36.v20210114 (maven.org)

some files and

Copy ssl.mod from /modules to %GEOSERVER_HOME%\modules
Copy jetty-ssl-context.xml from /etc to %GEOSERVER_HOME%\etc

whith the comand java -cp jetty-util-9.4.36.v20210114.jar org.eclipse.jetty.util.security.Password password

i obtain the obfuscated password (OBF: ) which I used to change the ssl-context.xml file.

the next step was to change my strat.ini by adding the following text:

#SSL

—module=ssl

jetty.ssl.port=8443
#jetty.ssl.idleTimeout=30000

jetty.sslContext.keyStorePath=etc/keystore

jetty.sslContext.trustStorePath=etc/keystore

jetty.sslContext.keyStorePassword=OBF:1k091 …

jetty.sslContext.keyManagerPassword=jetty.sslContext.keyManagerPassword=OBF:1u2u1wml1z7s1z7a1wnl1u2g

jetty.sslContext.trustStorePassword="OBF:1k0915ke…

Number of acceptors (-1 picks default based on number of cores)

jetty.ssl.acceptors=-1

Number of selectors (-1 picks default based on number of cores)

jetty.ssl.selectors=-1

–module=https

jetty.ssl.port=8443
jetty.httpConfig.securePort=8443

note:
I didn’t put, of course, the obf of my keystore password in this email

when i start the service it dont work, and i got this in teh logs file

2022-09-21 14:29:26.303:INFO::main: Logging initialized @562ms to org.eclipse.jetty.util.log.StdErrLog
2022-09-21 14:29:26.665:WARN:oejx.XmlParser:main: FATAL@…3247… line:35 col:5 : org.xml.sax.SAXParseException; lineNumber: 35; columnNumber: 5; The element type “Configure” must be terminated by the matching end-tag “”.
2022-09-21 14:29:26.665:WARN:oejx.XmlConfiguration:main:
java.security.PrivilegedActionException: org.xml.sax.SAXParseException; lineNumber: 35; columnNumber: 5; The element type “Configure” must be terminated by the matching end-tag “”.
at java.security.AccessController.doPrivileged(Native Method)
at org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1857)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.eclipse.jetty.start.Main.invokeMain(Main.java:218)
at org.eclipse.jetty.start.Main.start(Main.java:491)
at org.eclipse.jetty.start.Main.main(Main.java:77)

Can i have some help for correct this???

best regards

2

Jorge,

From the stack trace it looks like some XML file has a tag that is not closed by a tag. Perhaps in the jetty-ssl-context.xml file?

Best,
Jay

···

From: Jorge Penedo <jpenedo@…11565…>
Sent: Wednesday, September 21, 2022 7:21 AM
To: geoserver-users@lists.sourceforge.net geoserver-users@lists.sourceforge.net
Subject: [EXTERNAL] [Geoserver-users] ssl/https configure error on geoserver 2.20.5



This email has been received from outside of DOI - Use caution before clicking on links, opening attachments, or responding.

Hello everybody.

I’m trying to configure a geoserver 2.20.05 server (in the windows platform with jetty web server )

I generated a new keystore, and validated it with keytool, and put it in the %GEOSERVER_HOME%\etc directory.

I validated which version of jetty is installed and the i got in the Central Repository: org/eclipse/jetty/jetty-distribution/9.4.36.v20210114 (maven.org)

some files and

Copy ssl.mod from /modules to %GEOSERVER_HOME%\modules
Copy jetty-ssl-context.xml from /etc to %GEOSERVER_HOME%\etc

whith the comand java -cp jetty-util-9.4.36.v20210114.jar org.eclipse.jetty.util.security.Password password

i obtain the obfuscated password (OBF: ) which I used to change the ssl-context.xml file.

the next step was to change my strat.ini by adding the following text:

#SSL

—module=ssl

jetty.ssl.port=8443
#jetty.ssl.idleTimeout=30000

jetty.sslContext.keyStorePath=etc/keystore

jetty.sslContext.trustStorePath=etc/keystore

jetty.sslContext.keyStorePassword=OBF:1k091 …

jetty.sslContext.keyManagerPassword=jetty.sslContext.keyManagerPassword=OBF:1u2u1wml1z7s1z7a1wnl1u2g

jetty.sslContext.trustStorePassword="OBF:1k0915ke…

Number of acceptors (-1 picks default based on number of cores)

jetty.ssl.acceptors=-1

Number of selectors (-1 picks default based on number of cores)

jetty.ssl.selectors=-1

–module=https

jetty.ssl.port=8443
jetty.httpConfig.securePort=8443

note:
I didn’t put, of course, the obf of my keystore password in this email

when i start the service it dont work, and i got this in teh logs file

2022-09-21 14:29:26.303:INFO::main: Logging initialized @562ms to org.eclipse.jetty.util.log.StdErrLog
2022-09-21 14:29:26.665:WARN:oejx.XmlParser:main: FATAL@…3247… line:35 col:5 : org.xml.sax.SAXParseException; lineNumber: 35; columnNumber: 5; The element type “Configure” must be terminated by the matching end-tag “”.
2022-09-21 14:29:26.665:WARN:oejx.XmlConfiguration:main:
java.security.PrivilegedActionException: org.xml.sax.SAXParseException; lineNumber: 35; columnNumber: 5; The element type “Configure” must be terminated by the matching end-tag “”.
at java.security.AccessController.doPrivileged(Native Method)
at org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1857)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.eclipse.jetty.start.Main.invokeMain(Main.java:218)
at org.eclipse.jetty.start.Main.start(Main.java:491)
at org.eclipse.jetty.start.Main.main(Main.java:77)

Can i have some help for correct this???

best regards

3

Thanks, I’ll check if that’s the problem

Best Jorge

···

De: Laura, Jason R <jlaura@…158…>
Enviado: 21 de setembro de 2022 20:14
Para: Jorge Penedo <jpenedo@…11565…>; geoserver-users@lists.sourceforge.net geoserver-users@lists.sourceforge.net
Assunto: Re: [EXTERNAL] [Geoserver-users] ssl/https configure error on geoserver 2.20.5

Jorge,

From the stack trace it looks like some XML file has a tag that is not closed by a tag. Perhaps in the jetty-ssl-context.xml file?

Best,
Jay

From: Jorge Penedo <jpenedo@…11565…>
Sent: Wednesday, September 21, 2022 7:21 AM
To: geoserver-users@lists.sourceforge.net geoserver-users@lists.sourceforge.net
Subject: [EXTERNAL] [Geoserver-users] ssl/https configure error on geoserver 2.20.5



This email has been received from outside of DOI - Use caution before clicking on links, opening attachments, or responding.

Hello everybody.

I’m trying to configure a geoserver 2.20.05 server (in the windows platform with jetty web server )

I generated a new keystore, and validated it with keytool, and put it in the %GEOSERVER_HOME%\etc directory.

I validated which version of jetty is installed and the i got in the Central Repository: org/eclipse/jetty/jetty-distribution/9.4.36.v20210114 (maven.org)

some files and

Copy ssl.mod from /modules to %GEOSERVER_HOME%\modules
Copy jetty-ssl-context.xml from /etc to %GEOSERVER_HOME%\etc

whith the comand java -cp jetty-util-9.4.36.v20210114.jar org.eclipse.jetty.util.security.Password password

i obtain the obfuscated password (OBF: ) which I used to change the ssl-context.xml file.

the next step was to change my strat.ini by adding the following text:

#SSL

—module=ssl

jetty.ssl.port=8443
#jetty.ssl.idleTimeout=30000

jetty.sslContext.keyStorePath=etc/keystore

jetty.sslContext.trustStorePath=etc/keystore

jetty.sslContext.keyStorePassword=OBF:1k091 …

jetty.sslContext.keyManagerPassword=jetty.sslContext.keyManagerPassword=OBF:1u2u1wml1z7s1z7a1wnl1u2g

jetty.sslContext.trustStorePassword="OBF:1k0915ke…

Number of acceptors (-1 picks default based on number of cores)

jetty.ssl.acceptors=-1

Number of selectors (-1 picks default based on number of cores)

jetty.ssl.selectors=-1

–module=https

jetty.ssl.port=8443
jetty.httpConfig.securePort=8443

note:
I didn’t put, of course, the obf of my keystore password in this email

when i start the service it dont work, and i got this in teh logs file

2022-09-21 14:29:26.303:INFO::main: Logging initialized @562ms to org.eclipse.jetty.util.log.StdErrLog
2022-09-21 14:29:26.665:WARN:oejx.XmlParser:main: FATAL@…3247… line:35 col:5 : org.xml.sax.SAXParseException; lineNumber: 35; columnNumber: 5; The element type “Configure” must be terminated by the matching end-tag “”.
2022-09-21 14:29:26.665:WARN:oejx.XmlConfiguration:main:
java.security.PrivilegedActionException: org.xml.sax.SAXParseException; lineNumber: 35; columnNumber: 5; The element type “Configure” must be terminated by the matching end-tag “”.
at java.security.AccessController.doPrivileged(Native Method)
at org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1857)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.eclipse.jetty.start.Main.invokeMain(Main.java:218)
at org.eclipse.jetty.start.Main.start(Main.java:491)
at org.eclipse.jetty.start.Main.main(Main.java:77)

Can i have some help for correct this???

best regards