KB293179485: MediaBeacon - How to Enable SSL with MediaBeacon's Jetty Web Server

Description

How to run MediaBeacon's built-in Jetty web server with SSL.

Procedure

1. To enable SSL in MediaBeacon using the built-in Jetty web server, configure two system properties: mb.ssl.keystore.password and mb.ssl.keystore.path. The mb.ssl.keystore.password property is the absolute path to the keystore file, for example:

mb.ssl.keystore.path=C:\\path\\to\\jetty.keystore

The mb.ssl.keystore.password property should use the password for the keystore file. For example, if the keystore file has the password jetty, then:

mb.ssl.keystore.password=jetty

1. After making such changes to the system properties in the standard mediabeacon.properties file, quit and relaunch MediaBeacon for the properties to take effect.  
2. Next, "Change Web" from the Sharing tab of the MediaBeacon server-side GUI application and select the appropriate settings Use secure connection (HTTPS) checkbox, override the automatic address selection to match the host that the certs were made for.
3. As the KeyStore mentioned in the property, cert and key need to be bundled in a "Java Keystore" format. There is nothing MediaBeacon-specific related to creating a KeyStore, however, there are several ways to go about it. The most user-friendly way is to use a tool like KeyStore Explorer. The link below details a process we have successfully used in the past. The first section covers the process from the very beginning, including the generation of the Key, CSR, and Certificate. If a certificate is already in-hand, skip to the "Build a KeyStore with existing key materials" section. See https://support.code42.com/Administr...Store_Explorer.