Dropwizard + SSL配置

时间:2014-03-07 10:02:13

标签: dropwizard

我无法使用SSL配置Dropwizard ..

按如下方式创建密钥/证书:

openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -days 365 -out server.crt -x509
keytool -import -file server.crt -keystore keystore.jks

我已将生成的keystore.jks与我的配置文件(yml)放在一起。 我的配置文件的http条目为:

http:
 port: 8443
 connectorType: nonblocking+ssl
 ssl:
  keyStore: ./keystore.jks
  keyStorePassword: XXXXXX

启动服务器。设置例外:

javax.net.ssl.SSLHandshakeException: no cipher suites in common
 at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1290) ~[na:1.7.0_51]
 at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:513) ~[na:1.7.0_51]
 at sun.security.ssl.SSLEngineImpl.writeAppRecord(SSLEngineImpl.java:1177) ~[na:1.7.0_51]
 at sun.security.ssl.SSLEngineImpl.wrap(SSLEngineImpl.java:1149) ~[na:1.7.0_51]
 at javax.net.ssl.SSLEngine.wrap(SSLEngine.java:469) ~[na:1.7.0_51]

有人可以帮我解决这个问题吗?

3 个答案:

答案 0 :(得分:4)

发送请求时会发生这种情况 使用以下步骤重新创建密钥库并且它正常工作。

openssl pkcs12 -export -name myservercert -in cert.pem -inkey privkey.pem -out keystore.p12

keytool -importkeystore -destkeystore keystore.jks -srckeystore keystore.p12 -srcstoretype pkcs12 -alias myservercert

答案 1 :(得分:0)

在dropwizard配置(yml文件)中添加类似于下面的内容。

connector:
    type: https
    port: 8443
    keyStorePath: /path/to/ssl/directory/keystore.jks
    keyStorePassword: changeme
    trustStorePath: /path/to/jre/lib/security/cacerts
    certAlias: selfsigned

答案 2 :(得分:-2)

添加到您的配置文件(DW 0.7.1)并删除您不需要的内容:

  adminConnectors:
    - type: http
      port: 8081
    - type: https
      port: 8444
      keyStorePath: config/unsecure.keystore
      keyStorePassword: password
      validateCerts: true
      headerCacheSize: 512 bytes
      outputBufferSize: 32KiB
      maxRequestHeaderSize: 8KiB
      maxResponseHeaderSize: 8KiB
      inputBufferSize: 8KiB
      idleTimeout: 30 seconds
      minBufferPoolSize: 64 bytes
      bufferPoolIncrement: 1KiB
      maxBufferPoolSize: 64KiB
      acceptorThreads: 1
      selectorThreads: 2
      acceptQueueSize: 8
      reuseAddress: true
      soLingerTime: 345s
      useServerHeader: true
      useDateHeader: true
      useForwardedHeaders: true