javalin / javalin-ssl Goto Github PK

View Code? Open in Web Editor NEW

10.0 10.0 1.0 362 KB

Straightforward SSL Configuration for Javalin!

Home Page: https://javalin.io/plugins/ssl-helpers

javalin plugin ssl

javalin-ssl's Introduction

A simple web framework for Java and Kotlin

View the documentation →

Javalin is a very lightweight web framework for Kotlin and Java which supports WebSockets, HTTP2 and async requests. Javalin’s main goals are simplicity, a great developer experience, and first class interoperability between Kotlin and Java.

Javalin is more of a library than a framework. Some key points:

You don't need to extend anything
There are no @Annotations
There is no reflection
There is no other magic; just code.

General information

The project webpage is javalin.io (the source is at javalin/javalin.github.io).
Read the documentation on: javalin.io/documentation
A summary of the license can be found at TLDR Legal
Interesting issues

Community

We have a very active Discord server where you can get help quickly. We also have a (much less active) Slack if you prefer that.

Contributions are very welcome, you can read more about contributing in our guide: CONTRIBUTING

Please consider ❤️ Sponsoring or starring Javalin if you want to support the project.

Quickstart

Add dependency

Maven

<dependency>
    <groupId>io.javalin</groupId>
    <artifactId>javalin</artifactId>
    <version>6.3.0</version>
</dependency>

Gradle

implementation("io.javalin:javalin:6.3.0")

Start programming (Java)

import io.javalin.Javalin;

public class HelloWorld {
    public static void main(String[] args) {
        var app = Javalin.create(/*config*/)
            .get("/", ctx -> ctx.result("Hello World"))
            .start(7070);
    }
}

Start programming (Kotlin)

import io.javalin.Javalin

fun main() {
    val app = Javalin.create(/*config*/)
        .get("/") { it.result("Hello World") }
        .start(7070)
}

Examples

This section contains a few examples, mostly just extracted from the docs. All examples are in Kotlin, but you can find them in Java in the documentation (it's just syntax changes).

You can find more examples in the javalin-samples repository.

Api structure and server config

import io.javalin.Javalin
import io.javalin.apibuilder.ApiBuilder.*

fun main() {
    val app = Javalin.create { config ->
        config.useVirtualThreads = true
        config.http.asyncTimeout = 10_000L
        config.staticFiles.add("/public")
        config.staticFiles.enableWebjars()
        config.router.apiBuilder {
            path("/users") {
                get(UserController::getAll)
                post(UserController::create)
                path("/{userId}") {
                    get(UserController::getOne)
                    patch(UserController::update)
                    delete(UserController::delete)
                }
                ws("/events", userController::webSocketEvents)
            }
        }
    }.start(7070)
}

WebSockets

app.ws("/websocket/{path}") { ws ->
    ws.onConnect { ctx -> println("Connected") }
    ws.onMessage { ctx ->
        val user = ctx.message<User>() // convert from json string to object
        ctx.send(user) //  convert to json string and send back
    }
    ws.onClose { ctx -> println("Closed") }
    ws.onError { ctx -> println("Errored") }
}

Filters and Mappers

app.before("/some-path/*") { ctx -> ... } // runs before requests to /some-path/*
app.before { ctx -> ... } // runs before all requests
app.after { ctx -> ... } // runs after all requests
app.exception(Exception.class) { e, ctx -> ... } // runs if uncaught Exception
app.error(404) { ctx -> ... } // runs if status is 404 (after all other handlers)

app.wsBefore("/some-path/*") { ws -> ... } // runs before ws events on /some-path/*
app.wsBefore { ws -> ... } // runs before all ws events
app.wsAfter { ws -> ... } // runs after all ws events
app.wsException(Exception.class) { e, ctx -> ... } // runs if uncaught Exception in ws handler

JSON-mapping

var todos = arrayOf(...)
app.get("/todos") { ctx -> // map array of Todos to json-string
    ctx.json(todos)
}
app.put("/todos") { ctx -> // map request-body (json) to array of Todos
    todos = ctx.body<Array<Todo>>()
    ctx.status(204)
}

File uploads

app.post("/upload") { ctx ->
    ctx.uploadedFiles("files").forEach { uploadedFile ->
        FileUtil.streamToFile(uploadedFile.content(), "upload/${uploadedFile.filename()}")
    }
}

Plugins

Javalin has a plugin system that allows you to add functionality to the core library. You can find a list of plugins here.

Installing a plugin is as easy as adding a dependency to your project and registering it with Javalin:

Javalin.create { config ->
    config.registerPlugin(MyPlugin())
}

Some of the most popular plugins are:

OpenAPI Plugin

The Javalin OpenAPI plugin allows you to generate an OpenAPI 3.0 specification for your API at compile time.

Annotate your routes with @OpenApi to generate the specification:

@OpenApi(
    summary = "Get all users",
    operationId = "getAllUsers",
    tags = ["User"],
    responses = [OpenApiResponse("200", [OpenApiContent(Array<User>::class)])],
    path = "/users",
    methods = [HttpMethod.GET]
)
fun getAll(ctx: Context) {
    ctx.json(UserService.getAll())
}

Swagger UI and ReDoc UI implementations for viewing the generated specification in your browser are also available.

For more information, see the Javalin OpenAPI Wiki.

SSL Plugin

The Javalin SSL plugin allows you to easily configure SSL for your Javalin server, supporting a variety of formats such as PEM, PKCS12, DER, P7B, and JKS.

Enabling SSL on the 443 port is as easy as:

val plugin = SSLPlugin { conf ->
    conf.pemFromPath("/path/to/cert.pem", "/path/to/key.pem")
}

Javalin.create { javalinConfig ->
    javalinConfig.plugins.register(plugin)
}.start()

Logo	Sponsor
	@barbarysoftware (50 USD/m)
	KabCash (50 USD/m)

Special thanks

Blake Mizerany, for creating Sinatra
Per Wendel, for creating Spark
Christian Rasmussen, for being a great guy
Per Kristian Kummermo, also for being a great guy

javalin-ssl's People

Contributors

Stargazers

Watchers

Forkers

vacax

javalin-ssl's Issues

Automatic detection of certificates

Describe the feature
Provide a single method to load a certificate/key, dynamically detect its encoding and load the certificate/key using the according method.

README中的例子有问题

在Configuration->Java代码块中，例子使用了SSLConfig类中的loadPemFromPath，但实际在5.3.2版本中这个方法不存在于SSLConfig类，应该使用pemFromPath，希望更改（也许Kotlin代码块中有同样的错误？）

Update readme and release workflows to match new coordinates

https://issues.sonatype.org/browse/OSSRH-84953
https://discord.com/channels/804862058528505896/1027162959786541077

Javalin-SSL added as dependency breaks jar main-class

As soon as I add this dependency to my gradle, my executable jar can no longer find the 'main-class' which prevents me from starting the jar executable.

implementation 'io.javalin.community.ssl:ssl-plugin:5.2.0'

The jar works fine when I just disable the dependency... So it seems something is going on with when the SSL dependency is built into the JAR and added to the class list?

I build the jar with this block:

jar { duplicatesStrategy = DuplicatesStrategy.EXCLUDE manifest { attributes( 'Class-Path': configurations.runtimeClasspath.files.collect { it.getName() }.join(' '), 'Main-Class': 'Tester', 'Version': createVersionName(baseVersion)) } from { configurations.runtimeClasspath.collect { it.isDirectory() ? it : zipTree(it) } } baseName 'Service' }

Thanks for the help

Basic SslPlugin question about getting ClassNotFoundException: nl.altindag.ssl.exception.GenericSecurityException

Hi, this is probably a basic/dummy question but figured someone can point me to the right direction. Thanks in advance.

I'm migrating my Javalin 3.x project to Javalin 6.0 and trying out the SslPlugin to replace SSL code used in Javalin 3.x ( SslContextFactory...etc). When this app runs, I am getting ClassNotFoundException: nl.altindag.ssl.exception.GenericSecurityException at the new SslPlugin line.

I have a very minimal setup (using OpenJDK 21):

public static void main(String[] args) {
SslPlugin plugin = new SslPlugin(conf -> {
conf.pemFromPath("/keystore/cert.pem", "/keystore/key.pem");
conf.securePort = 7070;
});
var app = Javalin.create(config -> {
config.registerPlugin(plugin);
config.staticFiles.add("src/main/resources/public", Location.EXTERNAL);
config.router.mount(router -> {
router.ws("/api/abc", CadetPairing::websocket);
});
})
.start(7070);
}

===========
Exception in thread "main" java.lang.NoClassDefFoundError: nl/altindag/ssl/exception/GenericSecurityException
at java.base/java.lang.ClassLoader.defineClass1(Native Method)
at java.base/java.lang.ClassLoader.defineClass(ClassLoader.java:1027)
at java.base/java.security.SecureClassLoader.defineClass(SecureClassLoader.java:150)
at java.base/jdk.internal.loader.BuiltinClassLoader.defineClass(BuiltinClassLoader.java:862)
at java.base/jdk.internal.loader.BuiltinClassLoader.findClassOnClassPathOrNull(BuiltinClassLoader.java:760)
at java.base/jdk.internal.loader.BuiltinClassLoader.loadClassOrNull(BuiltinClassLoader.java:681)
at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:639)
at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:188)
at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:526)
at java.base/java.lang.ClassLoader.defineClass1(Native Method)
at java.base/java.lang.ClassLoader.defineClass(ClassLoader.java:1027)
at java.base/java.security.SecureClassLoader.defineClass(SecureClassLoader.java:150)
at java.base/jdk.internal.loader.BuiltinClassLoader.defineClass(BuiltinClassLoader.java:862)
at java.base/jdk.internal.loader.BuiltinClassLoader.findClassOnClassPathOrNull(BuiltinClassLoader.java:760)
at java.base/jdk.internal.loader.BuiltinClassLoader.loadClassOrNull(BuiltinClassLoader.java:681)
at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:639)
at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:188)
at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:526)
at io.javalin.community.ssl.SslConfig.pemFromPath(SslConfig.kt:141)
at io.javalin.community.ssl.SslConfig.pemFromPath$default(SslConfig.kt:136)
at io.javalin.community.ssl.SslConfig.pemFromPath(SslConfig.kt)
at com.example.Application.lambda$main$0(Application.java:22)
at io.javalin.plugin.Plugin.(PluginApi.kt:52)
at io.javalin.community.ssl.SslPlugin.(SslPlugin.kt:24)
at com.example.Application.main(Application.java:20)
Caused by: java.lang.ClassNotFoundException: nl.altindag.ssl.exception.GenericSecurityException
at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:641)
at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:188)
at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:526)
... 25 more

JPMS support broken in release 6.0.0

It looks like JPMS support broke during the Kotlin refactor.

The module io.javalin.community.ssl is not found since there's no module-info.class in the jar file.

Having the module-info.java file under src/main/kotlin requires some build configuration, in order to have it compiled and added to the jar file. I've played with this a bit, trying out possible solutions from here:

building-a-kotlin-java-9-project-with-gradle

but to no avail, I'm afraid I don't have the time to dig into this right now.

Some further reading on the Gradle forums:

Java modules not getting added to the module path

Provide a way to be configured by 3rd party plugins.

An external plugin should be able to configure the Jetty Server and load custom SSL configuration without registering this plugin.

The type io.javalin.plugin.Plugin cannot be resolved. It is indirectly referenced from required .class files

I've tried following the initial guide but I'm getting this error. Any advice on this one?

The type io.javalin.plugin.Plugin cannot be resolved. It is indirectly referenced from required .class files

config.registerPlugin(new SSLPlugin(sslConf -> {
  sslConf.loadPemFromClasspath("...", "...");
}));

How to use the SSLPlugin#patch method?

This is a very nice (and most welcome) plugin - thank you.

Currently, I create my own custom org.eclipse.jetty.server.Server and then register it using config.jetty.server(server);. That server:

creates a non-SSL connector
creates a SSL connector
re-routes all traffic to the secure connector (http to https)

I then register it using config.jetty.server(MyJetty::create);. This all works as expected.

The re-route code is basically this:

private static Server redirectHttpToHttps(Server server) {
    // create a constraint: transport guarantee = CONFIDENTIAL
    ConstraintSecurityHandler security = new ConstraintSecurityHandler();
    Constraint constraint = new Constraint();
    constraint.setDataConstraint(Constraint.DC_CONFIDENTIAL);
    //make the constraint apply to all uri paths
    ConstraintMapping mapping = new ConstraintMapping();
    mapping.setPathSpec("/*");
    mapping.setConstraint(constraint);
    security.addConstraintMapping(mapping);
    // add the constraint:
    server.setHandler(security);
    return server;
}

My Question:

Can I combine my customization (just the reroute configuration - no connectors) with this SSL plugin, so that the SSL plugin handles connector creation?

My attempts to do this have not worked. For example - in my Javalin configuration code:

private static void configureJavalin(JavalinConfig config) {

    Supplier<Server> server = MyJetty::create;

    SSLPlugin sslPlugin = new SSLPlugin(conf -> {
        // testing with a self-signed cert:
        conf.pemFromPath("localhost_cert.pem", "localhost_key.pem", "redacted");
        conf.insecure = true;
        conf.insecurePort = 8080;
        conf.secure = true;
        conf.securePort = 8443;
        conf.sniHostCheck = true;
        conf.http2 = true;
    });

    sslPlugin.patch(server.get()); // one of my failed attempts to use patch()

    config.plugins.register(sslPlugin);
}

My various attempts have ended up with either the redirectHttpToHttps() method not being used, or the http connection not being created.

Update test OS detection to use JUnit api

Like here

Upgrading from ssl-plugin:5.3.0 to 5.4.2

I have a strange issue when I upgrade the ssl-plugin:5.3.0 to 5.4.2; the Swagger plugin no longer works (I get a 404 when fetching the webjars).

I'm using Java/Gradle (working configuration):

    // Javalin
    implementation 'io.javalin:javalin-bundle:5.4.2'
    implementation 'io.javalin.community.ssl:ssl-plugin:5.3.0'

    // Javalin OpenAPI (Swagger) plugin
    annotationProcessor("io.javalin.community.openapi:openapi-annotation-processor:5.4.2")
    implementation("io.javalin.community.openapi:javalin-openapi-plugin:5.4.2")
    implementation("io.javalin.community.openapi:javalin-swagger-plugin:5.4.2")

Removing the SSLPlugin registration makes no difference; it seems to be something about adding the ssl-plugin:5.3.1 version and above?

I have looked at javalin/javalin-openapi#115 and added the minimize exclude to my shadowJar, though this makes no difference? I have CORS plugin and that is set to use CorsPluginConfig::anyHost

Looking at the diff between 5.3.0 and 5.3.1 not much has changed?

SSL Plugin always tries to bind to 0.0.0.0:80 even when other host & port are configured

config.plugins.register(new SSLPlugin(conf -> {
conf.pemFromPath("keys/cert.pem", "keys/key.pem", "----");
conf.insecurePort = 8080;
conf.securePort = 60443;
conf.host = host;
conf.http2 = false;
conf.insecure = false;
conf.secure = true;
conf.insecure=false;
}));

[main] ERROR io.javalin.Javalin - Failed to start Javalin
2024-01-10 16:06:49,253|FATAL|c.s.m.aef.sms.app|main|main|117|{} Port already in use. Make sure no other process is using port 80 and try again.
io.javalin.util.JavalinBindException: Port already in use. Make sure no other process is using port 80 and try again.
at io.javalin.Javalin.start(Javalin.java:182) ~[javalin-5.6.3.jar:5.6.3]
at co.slicce.microservices.aef.sms.api.server.start(server.java:164) ~[classes/:?]
at co.slicce.microservices.aef.sms.app.initHttpServer(app.java:245) ~[classes/:?]
at co.slicce.microservices.aef.sms.app.main(app.java:91) [classes/:?]
Caused by: java.io.IOException: Failed to bind to 0.0.0.0/0.0.0.0:80
at org.eclipse.jetty.server.ServerConnector.openAcceptChannel(ServerConnector.java:344) ~[jetty-server-11.0.17.jar:11.0.17]
at org.eclipse.jetty.server.ServerConnector.open(ServerConnector.java:304) ~[jetty-server-11.0.17.jar:11.0.17]
at org.eclipse.jetty.server.Server.lambda$doStart$0(Server.java:402) ~[jetty-server-11.0.17.jar:11.0.17]
at java.util.stream.ForEachOps$ForEachOp$OfRef.accept(ForEachOps.java:183) ~[?:?]
at java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195) ~[?:?]
at java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:177) ~[?:?]
at java.util.Spliterators$ArraySpliterator.forEachRemaining(Spliterators.java:948) ~[?:?]
at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484) ~[?:?]
at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474) ~[?:?]
at java.util.stream.ForEachOps$ForEachOp.evaluateSequential(ForEachOps.java:150) ~[?:?]
at java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(ForEachOps.java:173) ~[?:?]
at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) ~[?:?]
at java.util.stream.ReferencePipeline.forEach(ReferencePipeline.java:497) ~[?:?]
at org.eclipse.jetty.server.Server.doStart(Server.java:398) ~[jetty-server-11.0.17.jar:11.0.17]
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:93) ~[jetty-util-11.0.18.jar:11.0.18]
at io.javalin.jetty.JettyServer.start(JettyServer.kt:82) ~[javalin-5.6.3.jar:5.6.3]
at io.javalin.Javalin.start(Javalin.java:171) ~[javalin-5.6.3.jar:5.6.3]
... 3 more
Caused by: java.net.SocketException: Permission denied
at sun.nio.ch.Net.bind0(Native Method) ~[?:?]
at sun.nio.ch.Net.bind(Net.java:459) ~[?:?]
at sun.nio.ch.Net.bind(Net.java:448) ~[?:?]
at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:227) ~[?:?]
at org.eclipse.jetty.server.ServerConnector.openAcceptChannel(ServerConnector.java:339) ~[jetty-server-11.0.17.jar:11.0.17]
at org.eclipse.jetty.server.ServerConnector.open(ServerConnector.java:304) ~[jetty-server-11.0.17.jar:11.0.17]
at org.eclipse.jetty.server.Server.lambda$doStart$0(Server.java:402) ~[jetty-server-11.0.17.jar:11.0.17]
at java.util.stream.ForEachOps$ForEachOp$OfRef.accept(ForEachOps.java:183) ~[?:?]
at java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195) ~[?:?]
at java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:177) ~[?:?]
at java.util.Spliterators$ArraySpliterator.forEachRemaining(Spliterators.java:948) ~[?:?]
at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484) ~[?:?]
at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474) ~[?:?]
at java.util.stream.ForEachOps$ForEachOp.evaluateSequential(ForEachOps.java:150) ~[?:?]
at java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(ForEachOps.java:173) ~[?:?]
at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) ~[?:?]
at java.util.stream.ReferencePipeline.forEach(ReferencePipeline.java:497) ~[?:?]
at org.eclipse.jetty.server.Server.doStart(Server.java:398) ~[jetty-server-11.0.17.jar:11.0.17]
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:93) ~[jetty-util-11.0.18.jar:11.0.18]
at io.javalin.jetty.JettyServer.start(JettyServer.kt:82) ~[javalin-5.6.3.jar:5.6.3]
at io.javalin.Javalin.start(Javalin.java:171) ~[javalin-5.6.3.jar:5.6.3]
... 3 more

When will live reload of certificates be supported?

Hello,
Live reload of certificates is a critical feature in our telco application where certificates are renewed frequently. I see this feature is planned for future but can you state approximate when in time this will be available?

We currently use Spark Java where this is possible to achieve by implementing the spark.embeddedserver.Embeddedserver interface. Does Javalin provide anything similar as a temporary workaround until this feature is released?

Port `enableSslRedirects()` funcionality to `javalin-ssl` plugin configuration

Plugin misses built-in configuration option to enable automatic redirects for HTTP connections. It might be a good idea to use SslRedirectPlugin under the hood, but it should also support custom SSL port configuration, so it's blocked by:

javalin/javalin#1834

Example use-case:

dzikoysk/reposilite#1751

Old dependency issue on io.javalin:javalin-parent:5.6.2 for release 5.6.3

It seems that the 5.6.3 release has a dependency on the parent 5.6.2...

+--- io.javalin.community.ssl:ssl-plugin:5.6.3
|    +--- io.javalin:javalin-parent:5.6.2

Think it is just the hard coded version here...
https://github.com/javalin/javalin-ssl/blob/b01a8b7a60f9a63713984febb32d1e76c0d74ffb/build.gradle#L45C20-L45C25

I was checking to see if CVE-2023-33201 was resolved...

+--- io.javalin.community.ssl:ssl-plugin:5.6.3
...
|    \--- io.github.hakky54:sslcontext-kickstart-for-pem:8.1.5
|         +--- io.github.hakky54:sslcontext-kickstart:8.1.5 (*)
|         \--- org.bouncycastle:bcpkix-jdk15on:1.70
|              +--- org.bouncycastle:bcprov-jdk15on:1.70
|              \--- org.bouncycastle:bcutil-jdk15on:1.70
|                   \--- org.bouncycastle:bcprov-jdk15on:1.70

Add support for JKS Keystores

Not able to connect to server

Actual behavior (the bug)
When trying to connect via https/ssl the server throws an error, and the client gets a 525 error code.

Error:
java.nio.channels.SocketChannel[closed]: java.lang.IllegalStateException: Connection rejected: No ALPN Processor for sun.security.ssl.SSLEngineImpl

Expected behavior
The client should be able to connect without problems, and no problems should occour on the server side.

To Reproduce
Unforntatley the project is private, but i can share the depedencies.

Gradle:

 plugins {
    id 'java'
    id "com.github.johnrengelman.shadow" version "8.1.1"
}

group = 'me.alex'
version = '1.0-SNAPSHOT'

repositories {
    mavenCentral()
    maven { url 'https://jitpack.io' }
}

dependencies {
    implementation ('com.github.GoldenGamerLP:DependencyLoader:eed2460e41') {
        exclude module: 'DependencyExamples'
    }

    annotationProcessor('com.github.GoldenGamerLP:DependencyLoader:eed2460e41') {
        exclude module: 'DependencyExamples'
    }

    implementation 'org.slf4j:slf4j-simple:2.0.7'
    //Javalin
    implementation 'io.javalin:javalin:5.6.2'

    implementation 'com.github.HttpMarco:Aeon:-SNAPSHOT'
    //JsonParser
    implementation 'com.google.code.gson:gson:2.8.8'

    //Lombok
    implementation 'org.projectlombok:lombok:1.18.28'
    annotationProcessor 'org.projectlombok:lombok:1.18.28'
    //OpenAPI
    compileOnly 'io.javalin.community.openapi:javalin-openapi-plugin:5.6.2'

    implementation 'io.javalin.community.ssl:ssl-plugin:5.6.2'

    implementation ('org.eclipse.jetty:jetty-nosql:11.0.15') {
        exclude group: 'org.mongodb'
    }

    implementation 'org.mongodb:mongodb-driver-sync:4.6.0'
}

//Manifest
jar {
    manifest {
        attributes(
                'Main-Class': 'me.alex.app.street14endpoint.EndpointBootstrap',
                'Multi-Release': true
        )
    }
}

Additional context
I used a pem certificate with ssl forwarding. If you have anymore questions, feel free to ask.

Mute `No Cipher Suite matching '...' is supported

Related: dzikoysk/reposilite#1698

Improve javadocs

Some classes are missing a Javadoc, and they could also be displayed e.g:

[![javadoc](https://javadoc.io/badge2/io.javalin.community.ssl/ssl-plugin/javadoc.svg)](https://javadoc.io/doc/io.javalin.community.ssl/ssl-plugin)

Enable JPMS for javalin-ssl

Seeing that Javalin Core just got JPMS enabled (Add JPMS to Core Javalin) it would be great if the same could be done for this library.

The sslcontext-kickstart library just got modularised (Add support for java modules) in version 8.0.0, with minor breaking changes in package names.

I've implemented this in the modules branch of a fork of mine.

I'm not planning on creating a pull-request, since this change seems quite trivial (and I had to add a jetbrains.annotations dependency, which makes me think I'm misundarstanding something 😄), so just take this as an example of how this could be done.

HTTP/2 does not work.

This plugin does nothing. I'm using version 6.1.0 of Javalin and this plugin.

public static void main(String[] args) {
    SslPlugin sslPlugin = new SslPlugin(sslConfig -> {
        sslConfig.http2 = true;
        sslConfig.secure = false;
        sslConfig.insecurePort = Config.get().apiPort;
    });
    Javalin.create(config -> {
        config.registerPlugin(sslPlugin);

        config.validation.register(LocalDate.class, s -> {
            ...
        });

        config.showJavalinBanner = false;
        config.bundledPlugins.enableCors(c -> c.addRule(CorsPluginConfig.CorsRule::anyHost));
        config.router.apiBuilder(() -> {
            path("api", () -> {
                ...
            });
        });
    }).start();

    SimpleModule module = new SimpleModule();
    module.addSerializer(PlanData.class, new PdfDataSerializer());
    JavalinJackson.Companion.defaultMapper().registerModule(module);
}

This is the console output:

[main] INFO io.javalin.Javalin - Starting Javalin ...
[main] INFO org.eclipse.jetty.server.Server - jetty-11.0.19; built: 2023-12-15T20:54:39.802Z; git: f781e475c8fa9e9c8ce18b1eaa03110d510f905f; jvm 18.0.2.1+1
[main] INFO org.eclipse.jetty.server.session.DefaultSessionIdManager - Session workerName=node0
[main] INFO org.eclipse.jetty.server.handler.ContextHandler - Started o.e.j.s.ServletContextHandler@6a6afff2{/,null,AVAILABLE}
[main] INFO org.eclipse.jetty.server.AbstractConnector - Started ServerConnector@3aefe5e5{HTTP/1.1, (http/1.1, h2c)}{0.0.0.0:4000}
[main] INFO org.eclipse.jetty.server.Server - Started Server@15eb5ee5{STARTING}[11.0.19,sto=0] @491ms
[main] INFO io.javalin.Javalin - Javalin started in 212ms \o/
[main] INFO io.javalin.Javalin - Listening on http://localhost:4000/
[main] INFO io.javalin.Javalin - You are running Javalin 6.1.0 (released February 17, 2024).

In line 5 it says HTTP/1.1 and my browser shows the same.

I don't want SSL, only http 2. How can I achieve this?

support javalin 6.0

Support for Client-side X.509 authentication (mTLS)

Authentication of client certificates, also called mTLS

Jetty 11 already support client certificate authentication by providing the following properties:

jetty.sslContext.needClientAuth
jetty.sslContext.trustStorePath
jetty.sslContext.trustStoreAbsolutePath

Javalin should also support mTLS by adding possibility to provide and apply above Jetty configuration parameters. There is no need for client cert to be available in handlers. It is enough to delegate complete check to Jetty.