问题描述
我已经购买了SSL证书并将其安装到tomcat中.我创建了tomcat.keystore
文件,该文件包含在server.xml
文件中,但也输入了密码,但无法理解keyAlias="aaa"
.如果我把keyAlias ="localhost"放进下面的异常中.而且,如果我从连接器标签中删除了keyAlias
本身,则会得到另一个异常,该异常在下一个localhost
异常下方给出.
I have SSL certificate purchased and installed into tomcat. I created tomcat.keystore
file which I include in server.xml
file also put password but not able to understand keyAlias="aaa"
. If I put keyAlias="localhost" then I get exception given below. And if I remove keyAlias
itself from the Connector tag then I get another exception which is given below next localhost
exception.
java.io.IOException: Alias name localhost does not identify a key entry
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:588)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:526)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:471)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:218)
at org.apache.tomcat.util.net.JIoEndpoint.bind(JIoEndpoint.java:400)
at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:649)
从Connector
标记中删除keyAlias
本身之后,这是一个例外.
Here is exception after removing keyAlias
itself from the Connector
tag.
Aug 08, 2015 2:39:18 PM org.apache.catalina.core.StandardService initInternal
SEVERE: Failed to initialize connector [Connector[HTTP/1.1-443]]
org.apache.catalina.LifecycleException: Failed to initialize component [Connector[HTTP/1.1-443]]
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:106)
at org.apache.catalina.core.StandardService.initInternal(StandardService.java:559)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:821)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
at org.apache.catalina.startup.Catalina.load(Catalina.java:638)
at org.apache.catalina.startup.Catalina.load(Catalina.java:663)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:280)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:454)
Caused by: org.apache.catalina.LifecycleException: Protocol handler initialization failed
at org.apache.catalina.connector.Connector.initInternal(Connector.java:980)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
... 12 more
Caused by: java.net.BindException: Address already in use <null>:443
at org.apache.tomcat.util.net.JIoEndpoint.bind(JIoEndpoint.java:413)
at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:649)
at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:434)
at org.apache.coyote.http11.AbstractHttp11JsseProtocol.init(AbstractHttp11JsseProtocol.java:119)
at org.apache.catalina.connector.Connector.initInternal(Connector.java:978)
... 13 more
Caused by: java.net.BindException: Address already in use
at java.net.PlainSocketImpl.socketBind(Native Method)
at java.net.AbstractPlainSocketImpl.bind(AbstractPlainSocketImpl.java:376)
at java.net.ServerSocket.bind(ServerSocket.java:376)
at java.net.ServerSocket.<init>(ServerSocket.java:237)
at java.net.ServerSocket.<init>(ServerSocket.java:181)
at javax.net.ssl.SSLServerSocket.<init>(SSLServerSocket.java:136)
at sun.security.ssl.SSLServerSocketImpl.<init>(SSLServerSocketImpl.java:107)
at sun.security.ssl.SSLServerSocketFactoryImpl.createServerSocket(SSLServerSocketFactoryImpl.java:84)
at org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:219)
at org.apache.tomcat.util.net.JIoEndpoint.bind(JIoEndpoint.java:400)
... 17 more
以下是server.xml
文件的内容.
<Connector port="443" SSLEnabled="true" protocol="org.apache.coyote.http11.Http11Protocol"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="tomcat.keystore"
keystorePass="test" keyAlias="aaa"/>
那是什么keyAlias
?为什么删除绑定绑定异常后会得到异常?
What is that keyAlias
? Why am I getting exception after removing it which is Binding exception ?
推荐答案
KEYALIAS:
https://www.digicert.com/ssl-certificate-installation- tomcat.htm `
-
将证书导入密钥库时,通常会给出别名":
When you import your certificate into the keystore, you would typically give an "alias":
keytool -import -trustcacerts -alias server -file your_site_name.p7b -keystore your_site_name.jks
然后在server.xml中,必须声明 same "alias":
In your server.xml, you must then declare the same "alias":
<Connector port="443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" SSLEnabled="true" clientAuth="false" sslProtocol="TLS" keyAlias="server" keystoreFile="/home/user_name/your_site_name.jks" keystorePass="your_keystore_password" />
<Connector port="443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" SSLEnabled="true" clientAuth="false" sslProtocol="TLS" keyAlias="server" keystoreFile="/home/user_name/your_site_name.jks" keystorePass="your_keystore_password" />
以下其他一些链接可能会有所帮助:
Here are some other links that might help:
https://tomcat.apache.org/tomcat-7.0- doc/ssl-howto.html
https://www.mulesoft.com/tcat/tomcat-ssl
https://wolfpaulus.com/jounal/mac/tomcat-ssl/
第二个问题,无法绑定":
SECOND ISSUE, "CAN'T BIND":
至于使用中的地址",我只是尝试重新启动服务器,然后查看Tomcat是否正确启动.
As far as "address in use", I would simply try rebooting the server and see if Tomcat starts correctly.
如果再次遇到错误,
-
在Tomcat设置中查看您要使用的端口(例如443)
Look in your Tomcat settings to see which port you're trying to use (e.g. 443)
检查系统以查看谁还在使用该端口(lsof,nmap等):
Check your system to see who else is using the port (lsof, nmap, etc):
http://www.howtogeek.com/howto/28609/how-can-i-tell-what-is-listening-on-a-tcpip-port-in-windows/
这篇关于什么是keyAlias ="aaaa"?在tomcat server.xml文件中的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!