Installera Java 17
Code Block |
---|
dnf install java-17-openjdk-headless.x86_64 |
Installera Jetty 10
Ladda ned latest Jetty 10 (behöver inte vara 10.0.18)
...
Code Block |
---|
cd /opt wget https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-home/10.0.18/jetty-home-10.0.18.tar.gz tar zxvf jetty-home-10.0.18.tar.gz useradd jetty chown -R jetty.jetty jetty-home-10.0.18 ln -s jetty-home-10.0.18 jetty |
Konfigurera Jetty base
Kör enligt: https://shibboleth.atlassian.net/wiki/spaces/IDP4/pages/2936012848/Jetty10
...
Ta fram lämpligt tls-config.xml och lägg till "source" för filen i start.ini, t.ex.
Code Block |
---|
<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_10_0.dtd">
<Configure>
<Ref refid="sslContextFactory">
<Call name="addExcludeProtocols">
<Arg>
<Array type="String">
<Item>TLSv1.0</Item>
<Item>TLSv1.1</Item>
</Array>
</Arg>
</Call>
<Set name="ExcludeCipherSuites">
<Array type="String">
<Item>^TLS_RSA_.*$</Item>
<Item>^.*_RSA_.*_(MD5|SHA|SHA1)$</Item>
<Item>^.*_DHE_RSA_.*$</Item>
<Item>SSL_RSA_WITH_DES_CBC_SHA</Item>
<Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</Item>
<Item>SSL_DHE_DSS_WITH_DES_CBC_SHA</Item>
<Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</Item>
<Item>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</Item>
</Array>
</Set>
</Ref>
</Configure>
|
Skapa eller kopiera Skapa eller kopierar https.p12 (idp-userfacing.p12) från gamla till nya och lägga den i den nya credentials mappen under jetty-base
...