Tomcat 8.5 SSL connector with GoDaddy certificates

Question  Votes: 0  Answers: 2

I followed the instructions to generate the key and certificate. I was able to import the certificates successfully. I cannot get the connector right.

Below are the steps and messages.

  1. Generate the key: keytool -genkey -alias server -keyalg RSA -keysize 2048 -keystore myKey.jks -dname "CN=dnsName.com
  2. Generate the certificate signing request: keytool -certreq -alias server -file myCSR.csr -keystore myKey.jks
  3. Download the certificates from the CA: copy the myCSR content, paste it into GoDaddy, and download 3 files: serialNumber-root.crt, bundle-intermediate.crt, *.pem
  4. Tomcat web server SSL certificate installation:

keytool -import -alias root -keystore myKey.jks -trustcacerts -file serialNumber-root.crt
keytool -import -alias intermed -keystore myKey.jks -trustcacerts -file bundle-intermediate.crt
keytool -import -alias tomcat -keystore myKey.jks -trustcacerts -file serialNumber-root.crt

Everything was successful at this point.

  5. Modify tomcat/conf/server.xml

a. gave me java.lang.Exception: Unable to load certificate key E:\tomcat\certificate\myKey.jks (error:0906D06C:PEM routines:PEM_read_bio:no start line)

<Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol"
           maxThreads="150" SSLEnabled="true" >
    <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
    <SSLHostConfig>
        <Certificate certificateKeyFile="E:\tomcat\certificate\myKey.jks"
                     certificateFile="E:\tomcat\certificate\serialNumber-root.crt"
                     certificateChainFile="E:\tomcat\certificate\serialNumber-root.crt"
                     type="RSA" />
    </SSLHostConfig>
</Connector>

or

<Connector port="8443" scheme="https" secure="true" SSLEnabled="true" SSLCertificateFile="E:\tomcat\certificate\serialNumber-root.crt" SSLCertificateKeyFile="myKey.jks" SSLPassword="password" SSLCertificateChainFile="E:\tomcat\certificate\serialNumber-root.crt" keyAlias="server" SSLProtocol="TLSv1"/>

b. gave me java.lang.IllegalArgumentException: java.io.IOException: Alias name [server] does not identify a key entry

<Connector 
       port="8443" maxThreads="200"
       scheme="https" secure="true" SSLEnabled="true"
       keystoreFile="E:\tomcat\certificate\myKey.jks" 
       keystorePass="password"
       keyAlias="server"
       clientAuth="false" sslProtocol="TLS"
/>  

c. java.lang.IllegalArgumentException: Illegal character in opaque part at index 2: c:\certificate\myKey.jks

<Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="150" scheme="https" secure="true" SSLEnabled="true" clientAuth="false" sslProtocol="TLS" keyAlias="server" keystoreFile="c:\certificate\myKey.jks" keystorePass="password" />

java tomcat ssl connector
2 Answers
0
votes

Did you try using "org.apache.coyote.http11.Http11NioProtocol" instead of "org.apache.coyote.http11.Http11AprProtocol"?

<Connector executor="tomcatThreadPool" port="80" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="443" />
<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="mySSL.jks" keystorePass="changeit" />

-1
votes

Now I have installed the SSL certificate and started Tomcat successfully, but I cannot reach http://localhost:8443. I get the "page cannot be displayed" message: • Make sure the web address is correct.

… still works.

Any suggestion is sincerely appreciated.

End of the Tomcat log:

02-May-2018 09:06:14.192 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8080"]
02-May-2018 09:06:14.207 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["https-openssl-nio-8443"]
02-May-2018 09:06:14.207 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["ajp-nio-8009"]
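The "does not identify a key entry" message in the question is raised when the configured keyAlias is missing from the keystore or holds only a certificate. The following added example (not code from the post or from Tomcat) reads the JKS container format directly and reports what each alias holds; the keystore bytes are constructed placeholders using the question's aliases, and the function names are hypothetical.

```python
import io
import struct

KINDS = {1: "PrivateKeyEntry", 2: "trustedCertEntry"}

def _utf(buf):                       # Java writeUTF: 2-byte length + bytes
    (n,) = struct.unpack(">H", buf.read(2))
    return buf.read(n).decode("utf-8")

def _blob(buf):                      # 4-byte length + bytes
    (n,) = struct.unpack(">I", buf.read(4))
    return buf.read(n)

def list_entries(data):
    """Map alias -> (entry kind, certificates attached). No password needed:
    keys are not decrypted and the trailing integrity digest is not checked."""
    if len(data) < 12 or data[:8] != b"\xfe\xed\xfe\xed\x00\x00\x00\x02":
        raise ValueError("not a version 2 JKS file (PEM or PKCS#12 instead?)")
    buf = io.BytesIO(data[8:])
    (count,) = struct.unpack(">I", buf.read(4))
    entries = {}
    for _ in range(count):
        (tag,) = struct.unpack(">I", buf.read(4))
        alias = _utf(buf)
        buf.read(8)                  # creation timestamp
        if tag not in KINDS:
            raise ValueError(f"unknown entry tag {tag}")
        certs = 1
        if tag == 1:
            _blob(buf)               # encrypted private key, skipped
            (certs,) = struct.unpack(">I", buf.read(4))
        for _ in range(certs):
            _utf(buf)                # certificate type, e.g. "X.509"
            _blob(buf)               # DER certificate
        entries[alias] = (KINDS[tag], certs)
    return entries

def is_key_entry(data, alias):
    """True only if the alias exists and holds a private key."""
    return list_entries(data).get(alias, ("", 0))[0] == "PrivateKeyEntry"

# Constructed sample with the question's aliases; placeholder bytes stand in
# for the key, the certificates and the 20-byte integrity digest.
def _u(s): return struct.pack(">H", len(s)) + s.encode()
def _i(n): return struct.pack(">I", n)
_CERT = _u("X.509") + _i(4) + b"cert"
SAMPLE = (b"\xfe\xed\xfe\xed" + _i(2) + _i(4)
          + _i(1) + _u("server") + bytes(8) + _i(3) + b"key" + _i(1) + _CERT
          + b"".join(_i(2) + _u(a) + bytes(8) + _CERT for a in ("root", "intermed", "tomcat"))
          + bytes(20))
```

On a real keystore, keytool -list -v -keystore myKey.jks reports the same entry types and certificate chain lengths.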
