SSL suppoer #2
SSL suppoer #2
Conversation
|
I'm in favour in principle, but I'm not sure how to test it. What's the issue with running specs right now? Just the rspec2 incompatibility? |
|
Mm, at the moment I end up with both rspec 1 & rspec 2 in the environment, which breaks all the tests. Obviously, I do have them both installed... AIUI, they're substantially the same though, so porting the tests should be only a bit of hassle. Testing is probably simple enough - commit two files, one a valid keyfile, one not, start the server a few times and use net/https to verify that it's running HTTPS and presenting the correct certificate, or raising appropriate errors if the invalid keyfile is being pointed to. Actually, to avoid committing binary blobs that have an expiry date, it might be better to programmatically generate keyfiles in the tests. There's surely a Java API for doing so. |
|
Ok, well I upgraded to rspec2 (tested on 2.5.0). I'm not really working in java/jruby right now, so if you wouldn't mind figuring out the testing side of things as well I'd definitely get it bumped out to a release. Thanks for the help! |
|
Alternatively, if you can figure out a way to generate keyfiles and/or generate a pair as you described with a distant future expiry, I could do the actual test writing. It's mostly the key generation part I'm wary of digging into, and since you're apparently actually dealing with this it seems likely you'd have a better idea on how. :) |
|
OK, thanks very much for the commit access - I'll do my best to put together some tests & merge it all in the next few weeks. Things are just a bit hectic at the moment - trying to pull together a release! :D |
|
Hey, @lupine, @tomdz recently wrote another patch for this that also upgrades the jetty version (something that seems entirely worth doing) while also adding SSL support. Could you take a look at it and see if it would also fit your needs? The two versions seem quite similar to me, but his adds a little more. I would still like tests either way, but my use cases for rack-jetty have mostly dried up so it's up to you guys how this should proceed. |
Hi again.
We find ourselves needing in-process SSL for our project using rack-jetty, which seems to be set up using the following procedure (in Java):
http://actionsresults.com/blog/2009/10/24/embedded-jetty-ssl-https/
This pull implements it, although no tests as yet - I thought I'd ask for feedback first, especially since the tests will require a keystore + truststore to be added to the repository, & I'm not sure what the best values to use / way to test would be.
Plus, the project needs updating for recent rspecs ;) - running the specs, never mind writing them, is a bit of a trial right now.
If you're interested in adding the code but want tests (and documentation, of course. Can't forget that), I'm happy to pile some more commits on top - just let me know.