HowTo use https / ssl with Maven/Mortbay Jetty Plugin?


Solution 1

You can use Maven to create a development certificate and use it when starting Jetty. First, configure the keytool-maven-plugin to create a development certificate:

    <dname>cn=my.hostname.tld</dname><!-- put your CN here-->

Change the CN as you wish. Then configure the maven-jetty-plugin to use the development certificate:

      <connector implementation="org.mortbay.jetty.nio.SelectChannelConnector">
      <connector implementation="">

Run mvn jetty:run and open https://localhost:8443/context.

Solution 2

In case you are get this error using Pascal's solution:-

Could not find goal 'genkey' in plugin org.codehaus.mojo:keytool-maven-plugin:1.3
  1. Use 'generateKeyPair' as the goal. (genKey is deprecated I believe. )
  2. Add plugin version.

The plugin definition should look like :-

                <dname>cn=my.hostname.tld</dname><!-- put your CN here -->

Solution 3

In case you want to do it using Jetty 9, note that since jetty-9.0 it is no longer possible to configure a https connector directly in the pom.xml: you need to use jetty xml config files to do it.[1].

Here is an example:


                <dname>cn=</dname><!-- put your CN here -->


<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "">
<Configure id="Server" class="org.eclipse.jetty.server.Server">
  <Call id="httpsConnector" name="addConnector">
      <New class="org.eclipse.jetty.server.ServerConnector">
        <Arg name="server"><Ref refid="Server" /></Arg>
        <Arg name="factories">
          <Array type="org.eclipse.jetty.server.ConnectionFactory">
              <New class="org.eclipse.jetty.server.SslConnectionFactory">
                <Arg name="next">http/1.1</Arg>
                <Arg name="sslContextFactory"><Ref refid="sslContextFactory"/></Arg>
              <New class="org.eclipse.jetty.server.HttpConnectionFactory">
                <Arg name="config"><Ref refid="sslHttpConfig"/></Arg>
        <Set name="host"><Property name="" /></Set>
        <Set name="port"><Property name="jetty.https.port" default="8443" /></Set>
        <Set name="idleTimeout">30000</Set>


<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "">

<!-- ============================================================= -->
<!-- Configure a TLS (SSL) Context Factory                         -->
<!-- This configuration must be used in conjunction with jetty.xml -->
<!-- and either jetty-https.xml or jetty-spdy.xml (but not both)   -->
<!-- ============================================================= -->
<Configure id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
  <Set name="KeyStorePath"><Property name="jetty.home" default="." />/<Property name="jetty.keystore" default="target/jetty-ssl.keystore"/></Set>
  <Set name="KeyStorePassword"><Property name="jetty.keystore.password" default="dypBdX1NB3gXA0DXCy9nfyJ4jqUDlaydgbo9OU12g"/></Set>
  <Set name="KeyManagerPassword"><Property name="jetty.keymanager.password" default="dypBdX1NB3gXA0DXCy9nfyJ4jqUDlaydgbo9OU12g"/></Set>
  <Set name="TrustStorePath"><Property name="jetty.home" default="." />/<Property name="jetty.truststore" default="target/jetty-ssl.keystore"/></Set>
  <Set name="TrustStorePassword"><Property name="jetty.truststore.password" default="dypBdX1NB3gXA0DXCy9nfyJ4jqUDlaydgbo9OU12g"/></Set>
  <Set name="EndpointIdentificationAlgorithm"></Set>
  <Set name="ExcludeCipherSuites">
    <Array type="String">

  <!-- =========================================================== -->
  <!-- Create a TLS specific HttpConfiguration based on the        -->
  <!-- common HttpConfiguration defined in jetty.xml               -->
  <!-- Add a SecureRequestCustomizer to extract certificate and    -->
  <!-- session information                                         -->
  <!-- =========================================================== -->
  <New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
    <Arg><Ref refid="httpConfig"/></Arg>
    <Call name="addCustomizer">
      <Arg><New class="org.eclipse.jetty.server.SecureRequestCustomizer"/></Arg>



<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "">
<Configure id="Server" class="org.eclipse.jetty.server.Server">
 <New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
 <Set name="secureScheme">https</Set>
 <Set name="securePort">
  <Property name="" default="8443" />
Ta Sas
Author by

Ta Sas

Updated on June 04, 2022


  • Ta Sas
    Ta Sas about 2 years

    I would like to use ssl / https as described in

    using jetty-maven-plugin, but I don't know how to configure the plugin. Any hint, example, tutorial, walkthrough ?

    Also, I wonder how to carry out Step 3b of the above mentioned tutorial, where manipulation the jetty server is necessary (java -classpath $JETTY_HOME/lib/jetty-util-6.1-SNAPSHOT.jar:$JETTY_HOME/lib/jetty-6.1-SNAPSHOT.jar jetty.pkcs12 keystore).