来自Thawte的Glassfish 4.0 SSL证书

时间:2014-05-28 12:38:44

标签: java ssl https glassfish-4

我的GF4和SSL存在一些问题。

我已经安装了GF4,并在this tutorial

列出了所有更改

一切都很顺利但是现在我想在线使用GF服务器并且在pruductiv环境中,我想将SSL Cert更改为已购买的。我已经购买了SSL123 Thawte SSL证书,它只是域名签名(对于初学者来说应该足够了)。现在我有.key的.csr和.crt文件。 我已经查找了,如何将给定的Key和CRT文件导入到现有的Keystore中。 (使用openssl和production和p12文件)

现在,如果我只是停止GF域并删除两个别名“s1as”和“glassfish-instance”并在此别名下导入新的SSL Cert,我就无法再次启动域。我在server.log中得到以下两个错误:

[2014-05-28T14:33:55.105+0200] [glassfish 4.0] [WARNING] [] [org.glassfish.grizzly.config.SSLConfigurator] [tid: _ThreadID=28 _ThreadName=http-listener-2(4)] [timeMillis: 1401280435105] [levelValue: 900] [[
  GRIZZLY0050: SSL support could not be configured!
java.io.IOException: A MultiException has 2 exceptions.  They are:
1. java.lang.Error: java.security.UnrecoverableKeyException: Cannot recover key
2. java.lang.IllegalStateException: Unable to perform operation: post construct on com.sun.enterprise.security.ssl.SSLUtils

    at org.glassfish.grizzly.config.ssl.JSSE14SocketFactory.init(JSSE14SocketFactory.java:162)
    at org.glassfish.grizzly.config.SSLConfigurator.initializeSSLContext(SSLConfigurator.java:249)
    at org.glassfish.grizzly.config.SSLConfigurator.configureSSL(SSLConfigurator.java:131)
    at org.glassfish.grizzly.config.SSLConfigurator$InternalSSLContextConfigurator.createSSLContext(SSLConfigurator.java:389)
    at org.glassfish.grizzly.ssl.SSLEngineConfigurator.createSSLEngine(SSLEngineConfigurator.java:180)
    at org.glassfish.grizzly.ssl.SSLBaseFilter$SSLTransportFilterWrapper.handleRead(SSLBaseFilter.java:968)
    at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119)
    at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:288)
    at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:206)
    at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:136)
    at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:114)
    at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77)
    at org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:838)
    at org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:113)
    at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.run0(WorkerThreadIOStrategy.java:115)
    at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.access$100(WorkerThreadIOStrategy.java:55)
    at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy$WorkerThreadRunnable.run(WorkerThreadIOStrategy.java:135)
    at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:564)
    at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:544)
    at java.lang.Thread.run(Thread.java:745)
]]

 [2014-05-28T14:33:55.124+0200] [glassfish 4.0] [WARNING] [] [org.glassfish.grizzly.filterchain.DefaultFilterChain] [tid: _ThreadID=28 _ThreadName=http-listener-2(4)] [timeMillis: 1401280435124] [levelValue: 900] [[
  Exception during FilterChain execution
java.lang.NullPointerException
    at org.glassfish.grizzly.ssl.SSLEngineConfigurator.createSSLEngine(SSLEngineConfigurator.java:185)
    at org.glassfish.grizzly.ssl.SSLBaseFilter$SSLTransportFilterWrapper.handleRead(SSLBaseFilter.java:968)
    at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119)
    at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:288)
    at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:206)
    at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:136)
    at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:114)
    at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77)
    at org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:838)
    at org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:113)
    at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.run0(WorkerThreadIOStrategy.java:115)
    at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.access$100(WorkerThreadIOStrategy.java:55)
    at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy$WorkerThreadRunnable.run(WorkerThreadIOStrategy.java:135)
    at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:564)
    at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:544)
    at java.lang.Thread.run(Thread.java:745)
]]

我已经尝试过其他配置,更改了密码,更改了主密码,但是我无法让它工作...... 我希望有人能给我正确的方式来看待。

由于

编辑1: 我在Apache2.2上使用了SSL Cert。那里的一切都很好。

1 个答案:

答案 0 :(得分:0)

这很可能是密码问题。在暂存环境中,您可以尝试将所有密码(包括服务器的主密码)设置为相同。 请注意,在生产环境中这是一个坏主意!您还可以尝试使用vm选项指定要用于密钥的不同密码。