我有多个密钥库:K1存储我的应用程序在连接到外部ssl服务时使用的公用密钥。此外,我还有密钥库K2,它包含客户端应用程序连接到我的服务器应用程序时使用的证书。 我用
-Djavax.net.ssl.trustStore=<path to K1>
和
<Connector port="8443" SSLEnabled="true" maxHttpHeaderSize="8192"
protocol="org.apache.coyote.http11.Http11Protocol"
maxThreads="150" minSpareThreads="25" maxSpareThreads="200"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="<K2>" keystorePass="..." keystoreType="JKS"
keyAlias="tomcat"/>
在我的tomcat配置中。当我添加第一行(-D)以使用另一个https服务时,Tomcat开始失败并且它的https连接器未运行:
2014年4月28日上午9:05:56 org.apache.tomcat.util.net.jsse.JSSESocketFactory getStore 严重:由于Keystore被篡改或密码错误,无法加载带有路径/ data / iris / apps / iris-us-dev / security / riskblotter-keystore的密钥库类型JKS 不正确 java.io.IOException:密钥库被篡改,或密码不正确
INFO: Starting Coyote HTTP/1.1 on http-8080
Apr 28, 2014 9:05:56 AM org.apache.jk.common.ChannelSocket init
INFO: JK: ajp13 listening on /0.0.0.0:8009
Apr 28, 2014 9:05:56 AM org.apache.jk.server.JkMain start
INFO: Jk running ID=0 time=0/23 config=null
Apr 28, 2014 9:05:56 AM org.apache.tomcat.util.net.jsse.JSSESocketFactory getStore
SEVERE: Failed to load keystore type JKS with path <PATH TO K1> due to Keystore was tampered with, or password w
as incorrect
java.io.IOException: Keystore was tampered with, or password was incorrect
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:771)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:38)
at java.security.KeyStore.load(KeyStore.java:1185)
看起来它试图将K1用作HTTPS连接器的密钥库,而应该使用K2。在这种情况下是否可以有多个密钥库?