Versions Compared

Old Version 2

changes.mady.by.user Paul Scott

Saved on

compared with

New Version Current

changes.mady.by.user Paul Scott

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Installera Java 17


Code Block
dnf install java-17-openjdk-headless.x86_64

Installera Jetty 10

Ladda ned latest Jetty 10 (behöver inte vara 10.0.18)

...

Code Block
cd /opt
wget https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-home/10.0.18/jetty-home-10.0.18.tar.gz
tar zxvf jetty-home-10.0.18.tar.gz
useradd jetty
chown -R jetty.jetty jetty-home-10.0.18
ln -s jetty-home-10.0.18 jetty

Konfigurera Jetty base

Kör enligt: https://shibboleth.atlassian.net/wiki/spaces/IDP4/pages/2936012848/Jetty10

...

Ta fram lämpligt tls-config.xml och lägg till "source" för filen i start.ini, t.ex.

Code Block
<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_10_0.dtd">

<Configure>
  <Ref refid="sslContextFactory">
    <Call name="addExcludeProtocols">
      <Arg>
        <Array type="String">
          <Item>TLSv1.0</Item>
          <Item>TLSv1.1</Item>
        </Array>
      </Arg>
    </Call>
    <Set name="ExcludeCipherSuites">
      <Array type="String">
        <Item>^TLS_RSA_.*$</Item>
        <Item>^.*_RSA_.*_(MD5|SHA|SHA1)$</Item>
        <Item>^.*_DHE_RSA_.*$</Item>
        <Item>SSL_RSA_WITH_DES_CBC_SHA</Item>
        <Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</Item>
        <Item>SSL_DHE_DSS_WITH_DES_CBC_SHA</Item>
        <Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</Item>
        <Item>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
        <Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
        <Item>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</Item>
      </Array>
    </Set>
  </Ref>
</Configure>


Skapa eller kopiera https.p12 (idp-userfacing.p12) från gamla till nya och lägga den i den nya credentials mappen under jetty-base

...