SSL configuration for web console, Ports and Ciphers, Usage of Variables in JBoss Fuse

Solution Unverified - Updated -


  • Due to the results of security check we need to restrict the cipher list.
  • In the documentation we found the link here which doesn't cover this issue. Additionally we found this link.

  • Per default a connector of type org.eclipse.jetty.server.nio.SelectChannelConnector could be found in jetty.xml.

  • We wonder how this one was working to provide ssl, does it implicitly use properties of org.ops4j.pax.web.cfg ? (like where is the keystore, what is the password) ?

  • To restrict ciphers we had to change the connector to type org.eclipse.jetty.server.ssl.SslSocketConnector to configure a SSLContextFactory including cipher list.
  • Now we do have to explicitly put in values for keystore, password etc. How can we use variables, those one defined org.ops4j.pax.web.cfg or even those we use there?

  • Additionally we would like to know more about the port settings. Where does jetty.port come from? Using other ports in org.ops4j.pax.web.cfg does not deactivate this default port but enables another one in parallel?

In etc/org.ops4j.pax.web.cfg,





  • Red Hat JBoss A-MQ
    • 6.0.0
  • Red Hat JBoss Fuse
    • 6.0.0

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content