尝试按照此链接中提到的步骤-Encrypt tomcat keystore password
来加密密钥库密码我的server.xml看起来像这样
<Connector port="8443" protocol="<my custom class>"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="conf/.ssl/keystore.jks"
keystorePass="<encrypted_password>"/>
我还按照此处所述设置了密码解码器
public class Http11Nio2Protocol extends org.apache.coyote.http11.Http11Nio2Protocol {
@Override
public void setKeystorePass(String s) {
try {
super.setKeystorePass(new EncryptService().decrypt(s));
} catch (final Exception e){
super.setKeystorePass("");
}
}
问题是tomcat不能以这些更改开始,并且出现以下错误
**org.apache.catalina.LifecycleException: Failed to initialize component [Connector[MyCustomClass-8443]]**
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:112)
at org.apache.catalina.core.StandardService.initInternal(StandardService.java:549)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:875)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
at org.apache.catalina.startup.Catalina.load(Catalina.java:606)
at org.apache.catalina.startup.Catalina.start(Catalina.java:643)
at com.adventnet.mfw.service.WebService.start(WebService.java:86)
at com.adventnet.mfw.service.ServiceStarter.initServices(ServiceStarter.java:170)
at com.zoho.mickey.startup.MEServer.startServer(MEServer.java:328)
at com.adventnet.mfw.Starter.start(Starter.java:367)
at com.adventnet.mfw.Starter.main(Starter.java:603)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at org.tanukisoftware.wrapper.WrapperSimpleApp.run(WrapperSimpleApp.java:290)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.apache.catalina.LifecycleException: Protocol handler initialization failed
at org.apache.catalina.connector.Connector.initInternal(Connector.java:970)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
... 17 more
Caused by: java.lang.IllegalArgumentException: java.security.UnrecoverableKeyException: Cannot recover key
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:107)
at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:85)
at org.apache.tomcat.util.net.Nio2Endpoint.bind(Nio2Endpoint.java:163)
at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:941)
at org.apache.tomcat.util.net.AbstractJsseEndpoint.init(AbstractJsseEndpoint.java:237)
at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:558)
at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:65)
at org.apache.catalina.connector.Connector.initInternal(Connector.java:968)
... 18 more
Caused by: java.security.UnrecoverableKeyException: Cannot recover key
at sun.security.provider.KeyProtector.recover(KeyProtector.java:328)
at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:146)
at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:56)
at sun.security.provider.KeyStoreDelegator.engineGetKey(KeyStoreDelegator.java:96)
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineGetKey(JavaKeyStore.java:70)
at java.security.KeyStore.getKey(KeyStore.java:1023)
at sun.security.ssl.SunX509KeyManagerImpl.<init>(SunX509KeyManagerImpl.java:133)
at sun.security.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:70)
at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:256)
at org.apache.tomcat.util.net.jsse.JSSEUtil.getKeyManagers(JSSEUtil.java:216)
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:105)
... 25 more
请帮助我进行此操作。
谢谢。
答案 0 :(得分:1)
您必须将custom class
作为jar放入 tomcat \ lib 文件夹中。还要检查密钥库在正确的位置-“ conf/.ssl/keystore.jks
”