我正在使用ApacheTomcat中的ssl证书。我已经创建了csr并得到了一个jks文件。然后,当我将csr交给证书颁发机构时,他们就给了我证书。当我使用以下命令测试jks证书时,
keytool -list -keystore ava_bankasia-bd_com.jks
我得到了以下输出:
Keystore type: PKCS12
Keystore provider: SUN
Your keystore contains 1 entry
tomcat, Jun 22, 2021, trustedCertEntry,
Certificate fingerprint (SHA-256): 7F:F3:C5:60:D1:E6:E5:04:2A:E8:2E:D1:D7:1A:92:DE:39:47:75:BD:06:25:0D:D0:CB:C0:55:BA:D6:2B:28:E9
然后,我用以下代码配置了tomcat:
<Connector port="443"
protocol="org.apache.coyote.http11.Http11Protocol"
SSLEnabled="true"
maxThreads="150"
scheme="https"
secure="true"
clientAuth="false"
sslProtocol="TLS"
keystoreFile="/u01/csr_certificate/ava_bankasia-bd_com.jks"
keystorePass="-------"
keyAlias="tomcat" />
我已经将它们全部导入了密钥库ok(但显然不是!)但是我从tomcat得到的错误是:“java.io.ioexception别名不标识密钥条目。完全错误如下所示:
org.apache.catalina.LifecycleException: Protocol handler initialization failed
at org.apache.catalina.connector.Connector.initInternal(Connector.java:1076)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at org.apache.catalina.core.StandardService.initInternal(StandardService.java:552)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:846)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at org.apache.catalina.startup.Catalina.load(Catalina.java:639)
at org.apache.catalina.startup.Catalina.load(Catalina.java:662)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:302)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:472)
Caused by: java.lang.IllegalArgumentException: Alias name [tomcat] does not identify a key entry
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:100)
at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:72)
at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:247)
at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1143)
at org.apache.tomcat.util.net.AbstractJsseEndpoint.init(AbstractJsseEndpoint.java:222)
at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:599)
at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:80)
at org.apache.catalina.connector.Connector.initInternal(Connector.java:1074)
... 13 more
Caused by: java.io.IOException: Alias name [tomcat] does not identify a key entry
at org.apache.tomcat.util.net.SSLUtilBase.getKeyManagers(SSLUtilBase.java:336)
at org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:245)
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:98)
... 20 more
有什么想法吗?这是我第一次这么做,也许我把一些显而易见的事情搞砸了?
该站点在端口80上运行良好。
希望听到一些建议:)
暂无答案!
目前还没有任何答案,快来回答吧!