Problem description

I have an SSL certificate purchased and installed into Tomcat. I created a tomcat.keystore file, which I include in the server.xml file, and also put the password, but I am not able to understand keyAlias="aaa". If I put keyAlias="localhost" then I get the exception given below. And if I remove keyAlias itself from the Connector tag, then I get another exception, which is given below the localhost exception.

java.io.IOException: Alias name localhost does not identify a key entry
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:588)
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:526)
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:471)
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:218)
    at org.apache.tomcat.util.net.JIoEndpoint.bind(JIoEndpoint.java:400)
    at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:649)

Here is the exception after removing keyAlias itself from the Connector tag.

Aug 08, 2015 2:39:18 PM org.apache.catalina.core.StandardService initInternal
SEVERE: Failed to initialize connector [Connector[HTTP/1.1-443]]
org.apache.catalina.LifecycleException: Failed to initialize component [Connector[HTTP/1.1-443]]
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:106)
    at org.apache.catalina.core.StandardService.initInternal(StandardService.java:559)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
    at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:821)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:638)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:663)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:606)
    at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:280)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:454)
Caused by: org.apache.catalina.LifecycleException: Protocol handler initialization failed
    at org.apache.catalina.connector.Connector.initInternal(Connector.java:980)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
    ... 12 more
Caused by: java.net.BindException: Address already in use <null>:443
    at org.apache.tomcat.util.net.JIoEndpoint.bind(JIoEndpoint.java:413)
    at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:649)
    at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:434)
    at org.apache.coyote.http11.AbstractHttp11JsseProtocol.init(AbstractHttp11JsseProtocol.java:119)
    at org.apache.catalina.connector.Connector.initInternal(Connector.java:978)
    ... 13 more
Caused by: java.net.BindException: Address already in use
    at java.net.PlainSocketImpl.socketBind(Native Method)
    at java.net.AbstractPlainSocketImpl.bind(AbstractPlainSocketImpl.java:376)
    at java.net.ServerSocket.bind(ServerSocket.java:376)
    at java.net.ServerSocket.<init>(ServerSocket.java:237)
    at java.net.ServerSocket.<init>(ServerSocket.java:181)
    at javax.net.ssl.SSLServerSocket.<init>(SSLServerSocket.java:136)
    at sun.security.ssl.SSLServerSocketImpl.<init>(SSLServerSocketImpl.java:107)
    at sun.security.ssl.SSLServerSocketFactoryImpl.createServerSocket(SSLServerSocketFactoryImpl.java:84)
    at org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:219)
    at org.apache.tomcat.util.net.JIoEndpoint.bind(JIoEndpoint.java:400)
    ... 17 more

Below is the content of the server.xml file.

<Connector port="443" SSLEnabled="true" protocol="org.apache.coyote.http11.Http11Protocol"
           maxThreads="150" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS"
           keystoreFile="tomcat.keystore"
           keystorePass="test" keyAlias="aaa"/>

What is that keyAlias? Why am I getting an exception after removing it, which is a binding exception?

Recommended answer

KEYALIAS:

https://www.digicert.com/ssl-certificate-installation-tomcat.htm

  1. When you import your certificate into the keystore, you would typically give an "alias":

keytool -import -trustcacerts -alias server -file your_site_name.p7b -keystore your_site_name.jks

In your server.xml, you must then declare the same "alias":

<Connector port="443" maxHttpHeaderSize="8192"
           maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
           enableLookups="false" disableUploadTimeout="true"
           acceptCount="100" scheme="https" secure="true"
           SSLEnabled="true" clientAuth="false" sslProtocol="TLS"
           keyAlias="server" keystoreFile="/home/user_name/your_site_name.jks"
           keystorePass="your_keystore_password" />

Here are some other links that might help:

https://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html

https://www.mulesoft.com/tcat/tomcat-ssl

https://wolfpaulus.com/jounal/mac/tomcat-ssl/

SECOND ISSUE, "CAN'T BIND":

As far as "address in use", I would simply try rebooting the server and see if Tomcat starts correctly.

If you get the error again:

  1. Look in your Tomcat settings to see which port you're trying to use (e.g. 443)

Check your system to see who else is using the port (lsof, nmap, etc):

http://www.howtogeek.com/howto/28609/how-can-i-tell-what-is-listening-on-a-tcpip-port-in-windows/

https://access.redhat.com/documentation/zh-CN/Red_Hat_Enterprise_Linux/3/html/Security_Guide/s1-server-ports.html
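
Tomcat reports "Alias name ... does not identify a key entry" when keyAlias is absent from the keystore or names a certificate-only entry. As an added example (not part of the original answer), this Python check compares a Connector's keyAlias with `keytool -list` output; the listing, the alias `tomcat` and the function names are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Constructed `keytool -list -keystore tomcat.keystore` output (not from the page).
KEYTOOL_LIST = """\
Keystore type: JKS

Your keystore contains 2 entries

server, Aug 8, 2015, trustedCertEntry,
Certificate fingerprint (SHA1): <constructed placeholder>
tomcat, Aug 7, 2015, PrivateKeyEntry,
Certificate fingerprint (SHA1): <constructed placeholder>
"""

# Entry line: alias, creation date (itself contains a comma), entry type.
ENTRY = re.compile(r"^(?P<alias>.+?), .+, (?P<kind>\w+Entry),\s*$")

def keystore_entries(listing):
    """Map alias -> entry type. JKS aliases are case-insensitive, so lower-case them."""
    entries = {}
    for line in listing.splitlines():
        m = ENTRY.match(line)
        if m:
            entries[m.group("alias").lower()] = m.group("kind")
    return entries

def check_connector(connector_xml, listing):
    """Return (ok, message) for the Connector's keyAlias against the keystore listing."""
    alias = ET.fromstring(connector_xml).get("keyAlias")
    entries = keystore_entries(listing)
    keys = [a for a, kind in entries.items() if kind == "PrivateKeyEntry"]
    if alias is None:
        # Without keyAlias, Tomcat uses the first key it reads from the keystore.
        if keys:
            return True, f"no keyAlias; first key read is used (key entries: {keys})"
        return False, "no keyAlias and the keystore holds no PrivateKeyEntry"
    kind = entries.get(alias.lower())
    if kind is None:
        return False, f"alias '{alias}' is not in the keystore; key entries: {keys}"
    if kind != "PrivateKeyEntry":
        return False, f"alias '{alias}' is a {kind}, not a key entry; key entries: {keys}"
    return True, f"alias '{alias}' is a PrivateKeyEntry"

if __name__ == "__main__":
    # Connector reduced to the attributes relevant here, with the question's alias.
    connector = '<Connector port="443" keystoreFile="tomcat.keystore" keyAlias="localhost"/>'
    print(check_connector(connector, KEYTOOL_LIST))
```

An alias listed as trustedCertEntry means the certificate was imported under a different alias than the one holding the private key, so the entry carries no key for Tomcat to serve.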
