Jetty Server For Mac

Posted on |

  1. Eclipse Jetty Server
  2. Jetty Server For Mac Download
  3. Jetty Server Tutorial
  4. Jetty Server Mac
  5. Jetty Web Server

Most of the time, we set the Log4j’s log levels to something lower (debug or info) during our local development.Once it is ready for production, we normally set the Log4j’s log levels to something higher (warn or even error) to prevent meaningless information from flooding the server log. Amongst several open source application servers available in the market, Jetty is preferred mostly because of its faster loading time, smaller memory footprint, superior performance and higher data throughput.


farmerswife server has two different sets of certificates, one for the desktop clients and the iOS application and another for the web and mobile web clients.

Out of the box the farmerswife server uses self signed certificates only for the communication from the desktop client and iOS application to the server. These self signed certificates are not in use for the web / mobile web clients, as this could lead to complications because your browser would not allow the connection for your security. This article explains how you can add your own SSL for your web / mobile web client as well as your desktop / iOS client.


Jetty server for mac mojave

Before starting we want to inform that this article is targeted to IT admins.


You can achieve SSL using three different approaches:

  1. SSLing your actual farmerswife server,
  2. using a second farmerswife server as a proxy (covered in other solution article),
  3. using a third party service as proxy, for this documentation we will use NGINX as the third party service.
Jetty


By default farmerswife uses a set of five different ports, three of them HTTP and the other two TCP.

  • Server Port: 22000 TCP over TLS by default *
  • File Transfer Port: 24000 TCP
  • iOS fw app / API Port: 25000 XML over HTTPS *
  • Web Client > Port: 26000 HTTP
  • Mobile Web Client > Port: 26000 HTTP
  • WebCal / HTTP Port: 27000 HTTP

*They use the self signed certificate by default.


SSLing your farmerswife server

The files you need to apply your SSL to farmerswife are the certificate.crt and certificate.key of your system domain/subdomain. Below you will see an example of how they start and finish.

certificate.crt :

certificate.key :


SSLing your web / mobile client

1. Place a copy inside the following folder located inside your farmerswife server installation:

C:Program Files (x86)farmerswife Serverlibopenssl


2. And then execute the following command to start creating a keychain:

Windows:C:Program Files (x86)farmerswife Serverlibopenssl>.openssl.exe pkcs12 -export -name servercert -in certificate.crt -inkey certificate.key -out myp12keystore.p12

Mac and Linux:openssl pkcs12 -export -name servercert -in certificate.crt -inkey certificate.key -out myp12keystore.p12

It will ask you to prompt a password for your certificate chain, which will be needed on the next step and for the configuration of the web / mobile server.

Once done we have to copy the file myp12keystore.p12 to the following folder:

C:Program FilesJavajre_installedversionbin


3. And yet again execute the following command:

Windows: C:Program FilesJavajre_installedversionbin>.keytool.exe -importkeystore -destkeystore keystore -srckeystore myp12keystore.p12 -srcstoretype pkcs12 -alias servercert

Mac and Linux:keytool -importkeystore -destkeystore keystore -srckeystore myp12keystore.p12 -srcstoretype pkcs12 -alias servercert


**Remember which password you used in this step as it will be needed for configuring the SSL on the web / mobile client.


4. Now grab the file named keystore and move it to the following folder:

Windows: C:Program Files (x86)farmerswife Serverlibjettyetc

Mac:/path/to/your/farmerswife Server/Contents/lib/jetty/etc/

Linux:/path/to/your/farmerswife Server/lib/jetty/etc/


5. In that same folder you will need to open the file jetty-ssl.xml and copy the following fragment :

NOTE:Please don’t copy from this solution article as it may introduce wrong characters to the file due to encoding.


6. Once copied you need to paste it inside the file jetty.xml just below the following section:

NOTE: We recommend to not change 'jetty.port' default='8080'. This allows that what ever value is set in fw Server > Setup > General > Web Client > 'Port' to be usable without being SSLed!

And then only the 'confidentialPort'>8443<' value configured here within the 'jetty.xml' is the port value which is SSLed.


In this case we modified the password value for the one we used on the keystore step and the result would be like this:

SSLing your fw Client desktop app / iOS fw app access:

1. Copy your certificate.crt and certificate.key to the following folder:

Windows: C:Program Files (x86)farmerswife Serverhtml_templateshttp_sessionssl_certs

Mac and Linux:/path/to/your/farmerswife Server/html_templates/http_session/ssl_certs/


2. Rename the already existing server.pem and skey.pem to server.pem.old and skey.pem.old in order to rename certificate.crt as server.pem and certificate.key as skey.pem.


Once SSLed you will have the following ports:

  • Server Port: 22000 TCP over TLS
  • File Transfer Port: 24000 TCP
  • iOS fw app / API Port: 25000 XML over HTTPS
  • Web Client > Port: 26000 HTTP
  • SSLed Web Client > Port: 8443 over HTTPS .. via Jetty
  • Mobile Web Client > Port: 26000 HTTP
  • SSLed Mobile Web Client > Port: 8443 over HTTPS .. via Jetty
  • WebCal port: 27000 HTTP

In case you have to provide a CSR to generate your SSL:

Windows: C:Program FilesJavajre_installedversionbin>.keytool.exe -genkey -keyalg RSA -keysize 2048 -dname 'cn=farmerswife.example.com, o=Farmers WIFE S.L., c=ES' -alias farmerswife.example.com -keystore keystore -keypass secret123 -storepass secret123 -validity 1095

Mac and Linux:keytool -genkey -keyalg RSA -keysize 2048 -dname 'cn=farmerswife.example.com, o=Farmers WIFE S.L., c=ES' -alias farmerswife.example.com -keystore keystore -keypass secret123 -storepass secret123 -validity 1095

Note: validity here means from “today” up-to/including the day the certificate expires.


Now create a CA-request that you will later upload on your provider website:

Windows: C:Program FilesJavajre_installedversionbin>.keytool.exe -certreq -alias farmerswife.example.com -file farmerswife.example.com.txt -keypass secret123 -keystore keystore -storepass secret123

Mac and Linux:keytool.exe -certreq -alias farmerswife.example.com -file farmerswife.example.com.txt -keypass secret123 -keystore keystore -storepass secret123


Once done you will obtain a PEM that you need to rename to server.pem. This will be the server.pem you will use for the desktop client. Then import it to the keystore:

Windows: C:Program FilesJavajre_installedversionbin>.keytool.exe -keystore keystore -importcert -alias farmerswife.example.com -file server.pem -trustcacerts -keypass secret123 -storepass secret123

Mac and Linux: keytool.exe -keystore keystore -importcert -alias farmerswife.example.com -file server.pem -trustcacerts -keypass secret123 -storepass secret123


Eclipse Jetty Server

Now extract the private key as skey.pem to use it for the desktop client:

Jetty Server For Mac Download

Windows: C:Program FilesJavajre_installedversionbin>.keytool.exe -v -importkeystore -srckeystore keystore -srcalias farmerswife.example.com -destkeystore skey.p12 -deststoretype PKCS12

Mac and Linux: keytool.exe -v -importkeystore -srckeystore keystore -srcalias farmerswife.example.com -destkeystore skey.p12 -deststoretype PKCS12


Then move the file skey.p12 to the following folder to execute the command:

Windows: C:Program Files (x86)farmerswife Serverlibopensslopenssl.exe pkcs12 -in skey.p12 -nodes -nocerts -out skey.pem

Mac and Linux: openssl pkcs12 -in skey.p12 -nodes -nocerts -out skey.pem


And finally rename the already existing server.pem and skey.pem to server.pem.old and skey.pem.old. This way you can move server.pem and skey.pem to this folder:

Windows: C:Program Files (x86)farmerswife Serverhtml_templateshttp_sessionssl_certs

Server

Mac and Linux: /path/to/your/farmerswife Server/html_templates/http_session/ssl_certs/


Depending on the certificate you apply you may need to also import the cacert file from your provider, so you just need to do the following before moving the certificates to their places:

Windows: C:Program FilesJavajre_installedversionbin>.keytool.exe -import -trustcacerts -keystore keystore -storepass secret123 -alias farmerswife.example.com -import -file providerCAcert.txt

Mac and Linux: keytool -import -trustcacerts -keystore keystore -storepass secret123 -alias farmerswife.example.com -import -file providerCAcert.txt


Once SSLed you will have the following ports:

  • Server Port: 22000 TCP over TLS
  • File Transfer Port: 24000 TCP
  • iOS fw app / API Port: 25000 XML over HTTPS
  • Web Client > Port: 26000 HTTP
  • SSLed Web Client > Port: 8443 over HTTPS .. via Jetty
  • Mobile Web Client > Port: 26000 HTTP
  • SSLed Mobile Web Client > Port: 8443 over HTTPS .. via Jetty
  • WebCal Port: 27000 HTTP


Modifying farmerswife server config to add https to the URL’s

To automatically add the https to the URL’s generated by the farmerswife server you need to add one parameter to the server through the file server.cfg located inside the system folder on your farmerswife server installation:

Windows: C:Program Files (x86)farmerswife Serversystem

Mac and Linux: /path/to/your/farmerswife Server/system/


In case you don’t have this special file you need to create a new one with the following value:

HTTP_HOME https://farmerswife.example.com

Jetty server for mac windows 10

You will find more information in the section “Running a separate TEST WIFE Server” in our release notes.


The point of using this configuration file instead of the server setup is because the field “Url To Server” only accepts URL strings beginning with “http://” due to legacy reasons.


Troubleshooting

In case something fails during the process please check the following logs, the following are the logs of the farmerswife server application:

Windows: C:Program Files (x86)farmerswife Serversystemlog.txt

Rich gang tha tour part 2. Mac and Linux: /path/to/your/farmerswife Server/system/log.txt


And this one is for the web / mobile web server:

Windows: C:Program Files (x86)farmerswife Serverlibjettylogsyyyy_mm_dd.stderrout.log

Mac: /path/to/your/farmerswife Server/Contents/lib/jetty/logs/yyyy_mm_dd.stderrout.log

Linux: /path/to/your/farmerswife Server/lib/jetty/logs/yyyy_mm_dd.stderrout.log


How to upgrade your SSLed farmerswife system

Before upgrading your farmerswife server you will need to make a backup of the following files:

  • jetty.xml
  • keystore
  • server.pem
  • skey.pem

The reason is that the server installation process for the upgrade will overwrite those files, so after the upgrade you just need to copy the backup in its original place.

On mac you will need to manually copy those files together with your system folder to the new server application downloaded.


Use a third party proxy service to apply your SSL certificates

Jetty Server Tutorial

You can use a third party software for example F5, HAproxy or NGINX to use ports 80, 443 or the regular farmerswife server ports to apply your own SSL certificate. In case you prefer to use subdomains for proxying each service, for example ios.farmerswife.example.com or web.farmerswife.example.com, instead of just using the proxy for the regular ports, you need to change the setting for the file transfer port and click on the port field, then in the pop up click on the field “Proxy port” to add the proxied port, otherwise it won't work. Another reason is that with this set up you will not need to upgrade the clients manually.

Jetty Server Mac


Jetty Web Server

To learn how to use the third party software NGINX to create a proxy server to the farmerswife system click on the link: click here