By default, the PDFreactor Web Service does not provide SSL and is accessible only via HTTP. If a secure HTTPS connection is required, you can enable SSL in the Jetty server shipped with PDFreactor by following these steps.

What Do You Need?

Enable SSL in Jetty

You can now use the keyStore you created to configure SSL in Jetty. Since you will have to enter the password for your keystore and certificate in the "ssl.ini" file, we recommend creating a hash from your keystore password and certificate password first. You can do this as follows:

java -cp /path/to/PDFreactor/jetty/lib/jetty-util-9.x.x.xxxxxxxxx.jar yourPassword

Now open the "ssl.ini" file (found in /PDFreactor/jetty/start.d) and edit/uncomment the following section (if you used the same password for your keystore as well as the certificate, [keystorePasswordHash] and [certificatePasswordHash] will be identical):

# SSL Configuration




The [keystorePasswordHash] and [certificatePasswordHash] (including the brackets) have to be replaced by the hashes you created using the "" as described above. If you are using an MD5 hash of your password or your password in plain text instead, change the "OBF" prefix to "MD5" or remove it.

The configuration assumes that your keystore is located in "PDFreactor/jetty/etc/keystore" (therefore the configuration file uses the relative paths "etc/keystore"). If your keystore is located somewhere else, you need to adjust the "jetty.sslContext.keyStorePath" and "jetty.sslContext.trustStorePath" accordingly. Make sure the PDFreactor Web Service has sufficient privileges to access the keyStore file.

After you changed the "ssl.ini", restart the PDFreactor Web Service like this:


  • Go to 'Services'
  • Find the 'PDFreactor WebService'
  • Restart the service


sudo launchctl stop com.realobjects.PDFreactorWebService
sudo launchctl start com.realobjects.PDFreactorWebService


sudo /PDFreactor/bin/pdfreactorwebservice restart

After restarting, you can now access the REST API of the PDFreactor Web Service securely at "https://localhost:8443/service/rest".