Invalid keystore format: java.io.IOException: Invalid keystore format

Time: 2018-01-27 05:50:47

Tags: java security jboss keytool der

I have generated a certificate with the following command

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout tls.key -out tls.crt -subj "/CN=nginxsvc/O=nginxsvc"

Then imported it on the client machine like this

keytool -import -file C:\Code_Base\Certificates\NGINX_150\tls.crt -storepass changeit -keystore "C:\Program Files\Java\jdk1.8.0_152\jre\lib\security\cacerts" -alias nginxsvc

And added this to the JBoss server's Standalone.xml file

<connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" enable-lookups="false" secure="true">
                <ssl name="ssl" password="changeit" certificate-key-file="C:\Code_Base\Certificates\NGINX_150\tls.key"/>
</connector> 

But when the server starts I am getting:

  

11:12:17,279 ERROR [org.apache.tomcat.util] (MSC service thread 1-3) JBWEB003003: Failed to load keystore type JKS with path C:\Code_Base\Certificates\NGINX_150\tls.key due to Invalid keystore format: java.io.IOException: Invalid keystore format
    at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:658) [rt.jar:1.8.0_152]
    at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56) [rt.jar:1.8.0_152]
    at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224) [rt.jar:1.8.0_152]
    at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70) [rt.jar:1.8.0_152]
    at java.security.KeyStore.load(KeyStore.java:1445) [rt.jar:1.8.0_152]
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:350) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESocketFactory.java:265) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:480) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:417) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:180) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
    at org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:973) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
    at org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:174) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
    at org.apache.catalina.connector.Connector.init(Connector.java:986) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
    at org.jboss.as.web.WebConnectorService.start(WebConnectorService.java:318) [jboss-as-web-7.5.0.Final-redhat-21.jar:7.5.0.Final-redhat-21]
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1980) [jboss-msc-1.1.5.Final-redhat-1.jar:1.1.5.Final-redhat-1]
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1913) [jboss-msc-1.1.5.Final-redhat-1.jar:1.1.5.Final-redhat-1]
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [rt.jar:1.8.0_152]
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [rt.jar:1.8.0_152]
    at java.lang.Thread.run(Thread.java:748) [rt.jar:1.8.0_152]

     

11:12:17,283 ERROR [org.apache.coyote.http11.Http11Protocol] (MSC service thread 1-3) JBWEB003043: Error initializing endpoint: java.io.IOException: Invalid keystore format
    at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:658) [rt.jar:1.8.0_152]
    at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56) [rt.jar:1.8.0_152]
    at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224) [rt.jar:1.8.0_152]
    at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70) [rt.jar:1.8.0_152]
    at java.security.KeyStore.load(KeyStore.java:1445) [rt.jar:1.8.0_152]
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:350) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESocketFactory.java:265) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:480) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:417) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:180) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
    at org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:973) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
    at org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:174) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
    at org.apache.catalina.connector.Connector.init(Connector.java:986) [jbossweb-7.5.7.Final-redhat-1.jar:7.5.7.Final-redhat-1]
    at org.jboss.as.web.WebConnectorService.start(WebConnectorService.java:318) [jboss-as-web-7.5.0.Final-redhat-21.jar:7.5.0.Final-redhat-21]
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1980) [jboss-msc-1.1.5.Final-redhat-1.jar:1.1.5.Final-redhat-1]
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1913) [jboss-msc-1.1.5.Final-redhat-1.jar:1.1.5.Final-redhat-1]
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [rt.jar:1.8.0_152]
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [rt.jar:1.8.0_152]
    at java.lang.Thread.run(Thread.java:748) [rt.jar:1.8.0_152]

     

11:12:17,289 INFO [org.apache.coyote.http11.Http11Protocol] (MSC service thread 1-2) JBWEB003001: Coyote HTTP/1.1 initializing on: http-/0.0.0.0:8080
11:12:17,297 INFO [org.apache.coyote.http11.Http11Protocol] (MSC service thread 1-2) JBWEB003000: Coyote HTTP/1.1 starting on: http-/0.0.0.0:8080
11:12:17,311 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-3) MSC000001: Failed to start service jboss.web.connector.https: org.jboss.msc.service.StartException in service jboss.web.connector.https: JBAS018007: Error starting web connector
    at org.jboss.as.web.WebConnectorService.start(WebConnectorService.java:393)
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1980) [jboss-msc-1.1.5.Final-redhat-1.jar:1.1.5.Final-redhat-1]
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1913) [jboss-msc-1.1.5.Final-redhat-1.jar:1.1.5.Final-redhat-1]
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [rt.jar:1.8.0_152]
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [rt.jar:1.8.0_152]
    at java.lang.Thread.run(Thread.java:748) [rt.jar:1.8.0_152]
Caused by: LifecycleException: JBWEB000023: Protocol handler initialization failed
    at org.apache.catalina.connector.Connector.init(Connector.java:989)
    at org.jboss.as.web.WebConnectorService.start(WebConnectorService.java:318)
    ... 5 more

1 answer:

Answer 0 (score: 0)

One possibility to consider is a keystore type mismatch.

You can check the keystore type of an existing keystore as follows:

 keytool -list -keystore <path/to/keystore>

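This should show the Keystore type value in output like this:

Keystore type: PKCS12

This may not match the expected default keystore type (JKS in your case).

If so, use the appropriate keystoreType attribute in your Tomcat server configuration to match your keystore: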

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
           maxThreads="150" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS"
           keystoreType="PKCS12"
           keystoreFile="path/to/keystore" keystorePass="changeit" />
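
As an added illustration (not part of the original answer, and not keytool's or JBoss's own code): the error in the question names tls.key, the PEM file written by `openssl req -keyout`, as the keystore path, so checking a file's leading bytes shows whether it is a JKS, JCEKS or PKCS12 container at all. The function names and the sample byte strings below are constructed for this example.

```python
import re

JKS_MAGIC = bytes.fromhex("feedfeed")    # first 4 bytes of a JKS keystore
JCEKS_MAGIC = bytes.fromhex("cececece")  # first 4 bytes of a JCEKS keystore

def _after_der_header(data):
    """Return the bytes inside an outer DER SEQUENCE, or None if not DER."""
    if len(data) < 2 or data[0] != 0x30:
        return None
    if data[1] < 0x80:                  # short-form length: one octet
        return data[2:]
    return data[2 + (data[1] & 0x7F):]  # long form: skip the length octets

def sniff_format(data):
    """Classify a file by its leading bytes."""
    if data[:4] == JKS_MAGIC:
        return "JKS"
    if data[:4] == JCEKS_MAGIC:
        return "JCEKS"
    pem = re.match(rb"\s*-----BEGIN ([A-Z0-9 ]+)-----", data)
    if pem:
        return "PEM " + pem.group(1).decode("ascii")
    inner = _after_der_header(data)
    if inner is not None:
        # A PKCS#12 PFX starts with INTEGER version = 3 (02 01 03).
        return "PKCS12" if inner[:3] == b"\x02\x01\x03" else "DER (not a keystore)"
    return "unknown"

def matches_configured_type(configured_type, data):
    """True when the file is a keystore of the type the connector is told to load."""
    return sniff_format(data) == configured_type.upper()

# Constructed sample headers (not real key material).
SAMPLE_PEM_KEY = b"-----BEGIN PRIVATE KEY-----\nQ09OU1RSVUNURUQ=\n-----END PRIVATE KEY-----\n"
SAMPLE_JKS = JKS_MAGIC + b"\x00\x00\x00\x02" + b"\x00\x00\x00\x01"
SAMPLE_P12 = bytes.fromhex("308209a1020103308209")

if __name__ == "__main__":
    for name, blob in [("tls.key", SAMPLE_PEM_KEY), ("store.jks", SAMPLE_JKS),
                       ("store.p12", SAMPLE_P12)]:
        print(name, sniff_format(blob), "loads as JKS:",
              matches_configured_type("JKS", blob))
```

To check a real file, pass the first few bytes read in binary mode, for example `sniff_format(open(path, "rb").read(64))`.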