Reputation: 47
I was running my application with Jetty server version 9.4.41.v20210516, which worked fine. I recently upgraded the Jetty version to 11.0.6. The following is my jetty.xml file configuration:
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
<Configure id="Server" class="org.eclipse.jetty.server.Server">
<Call name="addBean">
<Arg>
<New class="org.eclipse.jetty.util.thread.ScheduledExecutorScheduler"/>
</Arg>
</Call>
<New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
<Set name="sendServerVersion"><Property name="jetty.send.server.version" default="false" /></Set>
<Set name="sendDateHeader"><Property name="jetty.send.date.header" default="false" /></Set>
</New>
<New id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
<Set name="KeyStorePath"><SystemProperty name="mcruncher.app.dataDir" default="." />\<Property name="jetty.keystore" default="temp\keystore.jks"/></Set>
<Set name="KeyStorePassword">
<Property name="jetty.keystore.password" default=""/>
</Set>
<Set name="EndpointIdentificationAlgorithm"></Set>
<Set name="IncludeProtocols">
<Array type="String">
<Item>TLSv1.2</Item>
</Array>
</Set>
<Set name="IncludeCipherSuites">
<Array type="String">
<Item>TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384</Item>
<Item>TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384</Item>
</Array>
</Set>
<New id="tlsHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
<Arg><Ref refid="httpConfig"/></Arg>
<Call name="addCustomizer">
<Arg><New class="org.eclipse.jetty.server.SecureRequestCustomizer"/></Arg>
</Call>
</New>
</New>
<Call id="sslConnector" name="addConnector">
<Arg>
<New class="org.eclipse.jetty.server.ServerConnector">
<Arg name="server"><Ref refid="Server" /></Arg>
<Arg name="factories">
<Array type="org.eclipse.jetty.server.ConnectionFactory">
<Item>
<New class="org.eclipse.jetty.server.SslConnectionFactory">
<Arg name="next">http/1.1</Arg>
<Arg name="sslContextFactory"><Ref refid="sslContextFactory"/></Arg>
</New>
</Item>
<Item>
<New class="org.eclipse.jetty.server.HttpConnectionFactory">
<Arg name="config"><Ref refid="tlsHttpConfig"/></Arg>
</New>
</Item>
</Array>
</Arg>
<Set name="port"><Property name="jetty.port" default="9090" /></Set>
<Set name="idleTimeout"><Property name="jetty.idleTimeout" default="30000"/></Set>
<Set name="soLingerTime"><Property name="jetty.soLingerTime" default="-1"/></Set>
</New>
</Arg>
</Call>
</Configure>
After upgrading the version, the Jetty server didn't start; I got the following exception:
<Property name="jetty.keystore.password" default=""/>
</Set><Set name="EndpointIdentificationAlgorithm"/><Set name="IncludeProtocols">
<Array type="String"><Item>TLSv1.2</Item></Array>
</Set><Set name="IncludeCipherSuites">
<Array type="String"><Item>TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384</Item><Item>TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384</Item></Array>
</Set><New id="tlsHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration"><Arg><Ref refid="httpConfig"/></Arg><Call name="addCustomizer"><Arg><New class="org.eclipse.jetty.server.SecureRequestCustomizer"/></Arg></Call></New></New> on Server@30506c0d{STOPPED}[11.0.6,sto=0]
at org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.newObj(XmlConfiguration.java:1001)
at org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.configure(XmlConfiguration.java:470)
at org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.configure(XmlConfiguration.java:380)
at org.eclipse.jetty.xml.XmlConfiguration.configure(XmlConfiguration.java:303)
Can someone help me to fix this problem?
Upvotes: 1
Views: 3603
Reputation: 49462
There have been many changes to the XML that Jetty uses to start itself.
It might be a good idea to review the other changes found in the jetty-home
tarball's own XML files with yours.
One thing I noticed is that you are still using the old generic SslContextFactory
in your XML (this is strongly discouraged, as it makes no distinction between server vs client mode).
This is what you are using ...
<New id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
In Jetty 9.x, using that class will result in warnings and even errors (depending on what is in your keystore).
In Jetty 9.x you should be using either the Server or Client specific version.
Example: from 9.4.43 ${jetty.home}/etc/jetty-ssl-context.xml
<Configure id="sslContextFactory"
class="org.eclipse.jetty.util.ssl.SslContextFactory$Server">
This use of the Client vs Server specific implementation is optional in Jetty 9.x to allow code to migrate.
In Jetty 10.x that generic class (SslContextFactory) is now abstract, as it should have been.
You have to use the specific implementation only now.
Example: from 11.0.6 ${jetty.home}/etc/jetty-ssl-context.xml
<New id="sslContextFactory"
class="org.eclipse.jetty.util.ssl.SslContextFactory$Server">
Also note that the default keystore format/type in Jetty 9.4.x is JKS but starting in Jetty 10.0.x it is now PKCS12.
Upvotes: 2
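Putting the two points of the answer together, here is how the question's sslContextFactory block could look on Jetty 11 (an added example, not part of the original answer or of Jetty's own XML). It assumes the file behind `jetty.keystore` really is in JKS format, so the keystore type is set explicitly instead of relying on the new PKCS12 default; the protocol and cipher-suite restrictions are carried over unchanged from the question.

```xml
<!-- Added example: server-side TLS context for Jetty 10/11.
     The generic SslContextFactory is abstract there, so the nested
     Server implementation is named explicitly. -->
<New id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory$Server">
  <Set name="KeyStorePath"><SystemProperty name="mcruncher.app.dataDir" default="." />\<Property name="jetty.keystore" default="temp\keystore.jks"/></Set>
  <Set name="KeyStorePassword">
    <Property name="jetty.keystore.password" default=""/>
  </Set>
  <!-- Assumption: the keystore is a JKS file, as its name in the question suggests.
       Jetty 10+ defaults to PKCS12, so state the type instead of relying on the default. -->
  <Set name="KeyStoreType">JKS</Set>
  <Set name="EndpointIdentificationAlgorithm"></Set>
  <!-- Same TLS restrictions as in the question -->
  <Set name="IncludeProtocols">
    <Array type="String">
      <Item>TLSv1.2</Item>
    </Array>
  </Set>
  <Set name="IncludeCipherSuites">
    <Array type="String">
      <Item>TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384</Item>
      <Item>TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384</Item>
    </Array>
  </Set>
</New>

<!-- Moved out of the factory element; the connector still finds it by refid="tlsHttpConfig". -->
<New id="tlsHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
  <Arg><Ref refid="httpConfig"/></Arg>
  <Call name="addCustomizer">
    <Arg><New class="org.eclipse.jetty.server.SecureRequestCustomizer"/></Arg>
  </Call>
</New>
```

Running `keytool -list -keystore` against the keystore file prints a "Keystore type" line, which confirms whether `JKS` or `PKCS12` is the right value here.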