You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@karaf.apache.org by mikevan <mv...@comcast.net> on 2011/05/17 21:13:26 UTC

Detailed SSL configuration using Karaf and PKI

All,

The karaf documentation is very light when it comes to setting up Karaf to
use SSL.  Can anyone beef this up, and provide some helpful links in the
meantime?

-----
Mike Van (aka karafman)
Karaf Team (Contributor)
--
View this message in context: http://karaf.922171.n3.nabble.com/Detailed-SSL-configuration-using-Karaf-and-PKI-tp2953784p2953784.html
Sent from the Karaf - User mailing list archive at Nabble.com.

Re: Detailed SSL configuration using Karaf and PKI

Posted by Freeman Fang <fr...@gmail.com>.
Hi,

And if you use FUSE ESB, there's a stub file org.ops4j.pax.web.cfg  
already in etc folder which can configure for SSL.

Freeman
On 2011-5-18, at 上午3:22, Christoper Blunck wrote:

> Look into the OPS4J PAX-Web module.  It's SSL instructions are spot- 
> on:
>   http://wiki.ops4j.org/display/paxweb/SSL+Configuration
>
> -c
>
>
> On Tue, May 17, 2011 at 3:13 PM, mikevan <mv...@comcast.net>  
> wrote:
> All,
>
> The karaf documentation is very light when it comes to setting up  
> Karaf to
> use SSL.  Can anyone beef this up, and provide some helpful links in  
> the
> meantime?
>
> -----
> Mike Van (aka karafman)
> Karaf Team (Contributor)
> --
> View this message in context: http://karaf.922171.n3.nabble.com/Detailed-SSL-configuration-using-Karaf-and-PKI-tp2953784p2953784.html
> Sent from the Karaf - User mailing list archive at Nabble.com.
>
>
>
> -- 
> Christopher Blunck
> chris@thebluncks.com
>

---------------------------------------------
Freeman Fang

FuseSource
Email:ffang@fusesource.com
Web: fusesource.com
Twitter: freemanfang
Blog: http://freemanfang.blogspot.com
Connect at CamelOne May 24-26
The Open Source Integration Conference

Re: Detailed SSL configuration using Karaf and PKI

Posted by Achim Nierbeck <bc...@googlemail.com>.
Hi,

there is even an alternative to all these mentioned here, you could
connect your authentication/authorization to the JAAS Authentication
provided by Karaf.
If your using Karaf 2.2.1 this is already enabled in the jetty.xml you
just need to make sure your web.xml does use it :-)

Regards, Achim

2011/5/18 Freeman Fang <fr...@gmail.com>:
> Hi,
> Passwords can be obfuscated by
> running org.mortbay.jetty.security.Password as a main class.
> You can get more details from [1]
> [1]http://docs.codehaus.org/display/JETTY/How+to+configure+SSL#HowtoconfigureSSL-step4
> Freeman
> On 2011-5-18, at 上午3:39, mikevan wrote:
>
>
>
> ----- Original Message -----
> From: "blunck2 [via Karaf]"
> <ml...@n3.nabble.com>
> To: "mikevan" <mv...@comcast.net>
> Sent: Tuesday, May 17, 2011 3:23:11 PM
> Subject: Re: Detailed SSL configuration using Karaf and PKI
>
> Look into the OPS4J PAX-Web module.  It's SSL instructions are spot-on:
>   http://wiki.ops4j.org/display/paxweb/SSL+Configuration
>
> -c
>
> Chris
>
>
>
> That looks good. Any ideas how to obfuscate the passwords to use the OBF
> feature?
>
>
>
> On Tue, May 17, 2011 at 3:13 PM, mikevan < [hidden email] > wrote:
>
>
> All,
>
> The karaf documentation is very light when it comes to setting up Karaf to
> use SSL.  Can anyone beef this up, and provide some helpful links in the
> meantime?
>
> -----
> Mike Van (aka karafman)
> Karaf Team (Contributor)
> --
> View this message in context:
> http://karaf.922171.n3.nabble.com/Detailed-SSL-configuration-using-Karaf-and-PKI-tp2953784p2953784.html
> Sent from the Karaf - User mailing list archive at Nabble.com.
>
>
>
> --
> Christopher Blunck
> [hidden email]
>
>
>
>
>
>
> If you reply to this email, your message will be added to the discussion
> below:
> http://karaf.922171.n3.nabble.com/Detailed-SSL-configuration-using-Karaf-and-PKI-tp2953784p2953832.html
> To start a new topic under Karaf - User, email
> ml-node+930749-917263437-228489@n3.nabble.com
> To unsubscribe from Karaf - User, click here .
>
> -----
> Mike Van (aka karafman)
> Karaf Team (Contributor)
> --
> View this message in context:
> http://karaf.922171.n3.nabble.com/Detailed-SSL-configuration-using-Karaf-and-PKI-tp2953784p2953912.html
> Sent from the Karaf - User mailing list archive at Nabble.com.
>
> ---------------------------------------------
> Freeman Fang
> FuseSource
> Email:ffang@fusesource.com
> Web: fusesource.com
> Twitter: freemanfang
> Blog: http://freemanfang.blogspot.com
> Connect at CamelOne May 24-26
> The Open Source Integration Conference
>
>
>
>
>
>
>
>



-- 
--
*Achim Nierbeck*


Apache Karaf <http://karaf.apache.org/> Committer & PMC
OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/>
Committer & Project Lead

Re: Detailed SSL configuration using Karaf and PKI

Posted by Freeman Fang <fr...@gmail.com>.
Hi,

Passwords can be obfuscated by
running org.mortbay.jetty.security.Password as a main class.

You can get more details from [1]

[1]http://docs.codehaus.org/display/JETTY/How+to+configure+SSL#HowtoconfigureSSL-step4
Freeman
On 2011-5-18, at 上午3:39, mikevan wrote:

>
>
>
> ----- Original Message -----
> From: "blunck2 [via Karaf]" <ml-node+2953832-1757062342-228489@n3.nabble.com 
> >
> To: "mikevan" <mv...@comcast.net>
> Sent: Tuesday, May 17, 2011 3:23:11 PM
> Subject: Re: Detailed SSL configuration using Karaf and PKI
>
> Look into the OPS4J PAX-Web module.  It's SSL instructions are spot- 
> on:
>   http://wiki.ops4j.org/display/paxweb/SSL+Configuration
>
> -c
>
> Chris
>
>
>
> That looks good. Any ideas how to obfuscate the passwords to use the  
> OBF feature?
>
>
>
> On Tue, May 17, 2011 at 3:13 PM, mikevan < [hidden email] > wrote:
>
>
> All,
>
> The karaf documentation is very light when it comes to setting up  
> Karaf to
> use SSL.  Can anyone beef this up, and provide some helpful links in  
> the
> meantime?
>
> -----
> Mike Van (aka karafman)
> Karaf Team (Contributor)
> -- 
> View this message in context: http://karaf.922171.n3.nabble.com/Detailed-SSL-configuration-using-Karaf-and-PKI-tp2953784p2953784.html
> Sent from the Karaf - User mailing list archive at Nabble.com.
>
>
>
> -- 
> Christopher Blunck
> [hidden email]
>
>
>
>
>
>
> If you reply to this email, your message will be added to the  
> discussion below: http://karaf.922171.n3.nabble.com/Detailed-SSL-configuration-using-Karaf-and-PKI-tp2953784p2953832.html
> To start a new topic under Karaf - User, email ml-node+930749-917263437-228489@n3.nabble.com
> To unsubscribe from Karaf - User, click here .
>
> -----
> Mike Van (aka karafman)
> Karaf Team (Contributor)
> --
> View this message in context: http://karaf.922171.n3.nabble.com/Detailed-SSL-configuration-using-Karaf-and-PKI-tp2953784p2953912.html
> Sent from the Karaf - User mailing list archive at Nabble.com.

---------------------------------------------
Freeman Fang

FuseSource
Email:ffang@fusesource.com
Web: fusesource.com
Twitter: freemanfang
Blog: http://freemanfang.blogspot.com
Connect at CamelOne May 24-26
The Open Source Integration Conference

Re: Detailed SSL configuration using Karaf and PKI

Posted by mikevan <mv...@comcast.net>.


----- Original Message ----- 
From: "blunck2 [via Karaf]" <ml...@n3.nabble.com> 
To: "mikevan" <mv...@comcast.net> 
Sent: Tuesday, May 17, 2011 3:23:11 PM 
Subject: Re: Detailed SSL configuration using Karaf and PKI 

Look into the OPS4J PAX-Web module.  It's SSL instructions are spot-on: 
  http://wiki.ops4j.org/display/paxweb/SSL+Configuration 

-c 

Chris 



That looks good. Any ideas how to obfuscate the passwords to use the OBF feature? 



On Tue, May 17, 2011 at 3:13 PM, mikevan < [hidden email] > wrote: 


All, 

The karaf documentation is very light when it comes to setting up Karaf to 
use SSL.  Can anyone beef this up, and provide some helpful links in the 
meantime? 

----- 
Mike Van (aka karafman) 
Karaf Team (Contributor) 
-- 
View this message in context: http://karaf.922171.n3.nabble.com/Detailed-SSL-configuration-using-Karaf-and-PKI-tp2953784p2953784.html 
Sent from the Karaf - User mailing list archive at Nabble.com. 



-- 
Christopher Blunck 
[hidden email] 






If you reply to this email, your message will be added to the discussion below: http://karaf.922171.n3.nabble.com/Detailed-SSL-configuration-using-Karaf-and-PKI-tp2953784p2953832.html 
To start a new topic under Karaf - User, email ml-node+930749-917263437-228489@n3.nabble.com 
To unsubscribe from Karaf - User, click here .

-----
Mike Van (aka karafman)
Karaf Team (Contributor)
--
View this message in context: http://karaf.922171.n3.nabble.com/Detailed-SSL-configuration-using-Karaf-and-PKI-tp2953784p2953912.html
Sent from the Karaf - User mailing list archive at Nabble.com.

Re: Detailed SSL configuration using Karaf and PKI

Posted by Christoper Blunck <ch...@thebluncks.com>.
Look into the OPS4J PAX-Web module.  It's SSL instructions are spot-on:
  http://wiki.ops4j.org/display/paxweb/SSL+Configuration

-c


On Tue, May 17, 2011 at 3:13 PM, mikevan <mv...@comcast.net> wrote:

> All,
>
> The karaf documentation is very light when it comes to setting up Karaf to
> use SSL.  Can anyone beef this up, and provide some helpful links in the
> meantime?
>
> -----
> Mike Van (aka karafman)
> Karaf Team (Contributor)
> --
> View this message in context:
> http://karaf.922171.n3.nabble.com/Detailed-SSL-configuration-using-Karaf-and-PKI-tp2953784p2953784.html
> Sent from the Karaf - User mailing list archive at Nabble.com.
>



-- 
Christopher Blunck
chris@thebluncks.com