我已经从以下命令生成了证书
Openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout tls.key -out tls.crt -subj "/CN=nginxsvc/O=nginxsvc"
然后在客户端计算机中像这样导入
keytool -import -file C:\Code_Base\Certificates\NGINX_150\tls.crt -storepass changeit -keystore "C:\Program Files\Java\jdk1.8.0_152\jre\lib\security\cacerts" -alias nginxsvc
并且在Jboss服务器的Standalone.xml文件中添加了
<connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" enable-lookups="false" secure="true">
<ssl name="ssl" password="changeit" certificate-key-file="C:\Code_Base\Certificates\NGINX_150\tls.key"/>
</connector>
但是当服务器启动时,我得到了
11:12:17,279错误[org.apache.tomcat.util](MSC服务线程1-3)JBWEB003003:无法加载包含路径的密钥库类型JKSC:\ Code_Base \ Certificates \ NGINX_150 \ tls.key由于无效的密钥库格式:java.io.IOException:无效的密钥库格式位于sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:658)[rt.jar:1.8.0_152]位于sun.security.provider.JavaKeyStore $ JKS.engineLoad(JavaKeyStore.java:56)[rt.jar:1.8.0_152]位于sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224)[rt.jar:1.8.0_152]位于sun.security.provider.JavaKeyStore $ DualFormatJKS.engineLoad(JavaKeyStore.java:70)[rt.jar:1.8.0_152]位于java.security.KeyStore.load(KeyStore.java:1445)[rt.jar:1.8.0_152]位于org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:350)[jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]在org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESocketFactory.java:265)[jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]在org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:480)[jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]在org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:417)[jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]在org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:180)[jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]在org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:973)[jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]在org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:174)[jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]在org.apache.catalina.connector.Connector.init(Connector.java:986)[jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]在org.jboss.as.web.WebConnectorService.start(WebConnectorService.java:318)[jboss-as-web-7.5.0.Final-redhat-21.jar:7.5.0.Final-redhat-21]在org.jboss.msc.service.ServiceControllerImpl $ StartTask.startService(ServiceControllerImpl.java:1980)[jboss-msc-1.1.5.Final-redhat-1.jar:1.1.5.Final-redhat-1]在org.jboss.msc.service.ServiceControllerImpl $ StartTask.run(ServiceControllerImpl.java:1913)[jboss-msc-1.1.5.Final-redhat-1.jar:1.1.5.Final-redhat-1]在java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)[rt.jar:1.8.0_152]位于java.util.concurrent.ThreadPoolExecutor $ Worker.run(ThreadPoolExecutor.java:624)[rt.jar:1.8.0_152]位于java.lang.Thread.run(Thread.java:748)[rt.jar:1.8.0_152]
11:12:17,283错误[org.apache.coyote.http11.Http11Protocol](MSC服务线程1-3)JBWEB003043:初始化端点时出错:java.io.IOException:无效的密钥库格式位于sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:658)[rt.jar:1.8.0_152]位于sun.security.provider.JavaKeyStore $ JKS.engineLoad(JavaKeyStore.java:56)[rt.jar:1.8.0_152]位于sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224)[rt.jar:1.8.0_152]位于sun.security.provider.JavaKeyStore $ DualFormatJKS.engineLoad(JavaKeyStore.java:70)[rt.jar:1.8.0_152]位于java.security.KeyStore.load(KeyStore.java:1445)[rt.jar:1.8.0_152]位于org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:350)[jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]在org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESocketFactory.java:265)[jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]在org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:480)[jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]在org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:417)[jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]在org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:180)[jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]在org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:973)[jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]在org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:174)[jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]在org.apache.catalina.connector.Connector.init(Connector.java:986)[jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]在org.jboss.as.web.WebConnectorService.start(WebConnectorService.java:318)[jboss-as-web-7.5.0.Final-redhat-21.jar:7.5.0.Final-redhat-21]在org.jboss.msc.service.ServiceControllerImpl $ StartTask.startService(ServiceControllerImpl.java:1980)[jboss-msc-1.1.5.Final-redhat-1.jar:1.1.5.Final-redhat-1]在org.jboss.msc.service.ServiceControllerImpl $ StartTask.run(ServiceControllerImpl.java:1913)[jboss-msc-1.1.5.Final-redhat-1.jar:1.1.5.Final-redhat-1]在java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)[rt.jar:1.8.0_152]位于java.util.concurrent.ThreadPoolExecutor $ Worker.run(ThreadPoolExecutor.java:624)[rt.jar:1.8.0_152]位于java.lang.Thread.run(Thread.java:748)[rt.jar:1.8.0_152]
11:12:17,289信息[org.apache.coyote.http11.Http11Protocol](MSC服务线程1-2)JBWEB003001:土狼HTTP / 1.1初始化于:http- / 0.0.0.0:8080 11:12:17,297信息[org.apache.coyote.http11.Http11Protocol](MSC服务线程1-2)JBWEB003000:土狼HTTP / 1.1开始于:http- / 0.0.0.0:808011:12:17,311错误[org.jboss.msc.service.fail](MSC服务线程1-3)MSC000001:无法启动服务jboss.web.connector.https:服务中的org.jboss.msc.service.StartExceptionjboss.web.connector.https:JBAS018007:启动Web连接器时出错在org.jboss.as.web.WebConnectorService.start(WebConnectorService.java:393)在org.jboss.msc.service.ServiceControllerImpl $ StartTask.startService(ServiceControllerImpl.java:1980)[jboss-msc-1.1.5.Final-redhat-1.jar:1.1.5.Final-redhat-1]在org.jboss.msc.service.ServiceControllerImpl $ StartTask.run(ServiceControllerImpl.java:1913)[jboss-msc-1.1.5.Final-redhat-1.jar:1.1.5.Final-redhat-1]在java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)[rt.jar:1.8.0_152]位于java.util.concurrent.ThreadPoolExecutor $ Worker.run(ThreadPoolExecutor.java:624)[rt.jar:1.8.0_152]位于java.lang.Thread.run(Thread.java:748)[rt.jar:1.8.0_152]原因:LifecycleException:JBWEB000023:协议处理程序初始化在失败org.apache.catalina.connector.Connector.init(Connector.java:989)在org.jboss.as.web.WebConnectorService.start(WebConnectorService.java:318)...还有5个]
考虑的一种可能性是密钥库类型不匹配。
您可以按照以下步骤检查现有密钥库的密钥库类型:
keytool -list -keystore <path/to/keystore>
这应该在输出中显示Keystore类型值,如
密钥库类型:PKCS12
这可能与期望的默认密钥库类型(在您的情况下为JKS)不同
如果是这样,请在您的tomcat服务器配置中使用适当的keystoreType属性来匹配您的密钥库
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreType="PKCS12"
keystoreFile="path/to/keystore" keystorePass="changeit" />