glassfish 3.1.1导入ssl证书
我正在尝试安装一些从godaddy.com购买的SSL证书。我找到了一些像这样的教程:glassfish 3.1.1导入ssl证书,glassfish,glassfish-3,Glassfish,Glassfish 3,我正在尝试安装一些从godaddy.com购买的SSL证书。我找到了一些像这样的教程: 我的证书是一年前为ApacheHTTP服务器生成的,因此我遵循了步骤3中的教程。 我在keystore.jks中导入了这些文件,我用domain.xml中的证书昵称替换了所有出现的s1as,我重新启动了域,但当我尝试通过ssl访问某些内容时,我在glassfish日志中得到了以下信息: [#|2011-10-04T16:02:52.972+0300|WARNING|glassfish3.1.1|co
我的证书是一年前为ApacheHTTP服务器生成的,因此我遵循了步骤3中的教程。
我在keystore.jks中导入了这些文件,我用domain.xml中的证书昵称替换了所有出现的s1as,我重新启动了域,但当我尝试通过ssl访问某些内容时,我在glassfish日志中得到了以下信息:
[#|2011-10-04T16:02:52.972+0300|WARNING|glassfish3.1.1|com.sun.grizzly.config.GrizzlyServiceListener|_ThreadID=17;_ThreadName=http-thread-pool-8181(1);|GRIZZLY0007: SSL support could not be configured!
java.io.IOException: SSL configuration is invalid due to No available certificate or key corresponds to the SSL cipher suites which are enabled.
at com.sun.grizzly.util.net.jsse.JSSE14SocketFactory.checkConfig(JSSE14SocketFactory.java:455)
at com.sun.grizzly.util.net.jsse.JSSE14SocketFactory.init(JSSE14SocketFactory.java:183)
at com.sun.grizzly.config.SSLConfigHolder.initializeSSL(SSLConfigHolder.java:361)
at com.sun.grizzly.config.SSLConfigHolder.configureSSL(SSLConfigHolder.java:239)
at com.sun.grizzly.config.GrizzlyEmbeddedHttps$LazySSLInitializationFilter.execute(GrizzlyEmbeddedHttps.java:202)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:679)
Caused by: javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
at sun.security.ssl.SSLServerSocketImpl.checkEnabledSuites(SSLServerSocketImpl.java:327)
at sun.security.ssl.SSLServerSocketImpl.accept(SSLServerSocketImpl.java:272)
at com.sun.grizzly.util.net.jsse.JSSE14SocketFactory.checkConfig(JSSE14SocketFactory.java:451)
... 14 more
|#]
[#|2011-10-04T16:02:52.976+0300|SEVERE|glassfish3.1.1|com.sun.grizzly.config.GrizzlyServiceListener|_ThreadID=17;_ThreadName=http-thread-pool-8181(1);|ProtocolChain exception
java.lang.NullPointerException
at com.sun.grizzly.filter.SSLReadFilter.newSSLEngine(SSLReadFilter.java:352)
at com.sun.grizzly.filter.SSLReadFilter.obtainSSLEngine(SSLReadFilter.java:399)
at com.sun.grizzly.filter.SSLReadFilter.execute(SSLReadFilter.java:159)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:679)
|#]
是的,我认为问题在于我的证书是针对ApacheHTTP的。我发现本教程解释了如何转换这些证书,但这似乎并不能解决我的问题
更新, 在我学习了本教程agentbob.info/agentbob/79-AB.html之后,现在我得到了
[#|2011-10-05T13:18:47.853+0300|WARNING|glassfish3.1.1|com.sun.grizzly.config.GrizzlyServiceListener|_ThreadID=17;_ThreadName=http-thread-pool-8181(1);|GRIZZLY0007: SSL support could not be configured!
java.io.IOException: injection failed on com.sun.enterprise.security.ssl.SSLUtils.secSupp with class com.sun.enterprise.server.pluggable.SecuritySupport
at com.sun.grizzly.util.net.jsse.JSSE14SocketFactory.init(JSSE14SocketFactory.java:188)
at com.sun.grizzly.config.SSLConfigHolder.initializeSSL(SSLConfigHolder.java:361)
at com.sun.grizzly.config.SSLConfigHolder.configureSSL(SSLConfigHolder.java:239)
at com.sun.grizzly.config.GrizzlyEmbeddedHttps$LazySSLInitializationFilter.execute(GrizzlyEmbeddedHttps.java:202)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:679)
|#]
[#|2011-10-05T13:18:47.859+0300|SEVERE|glassfish3.1.1|com.sun.grizzly.config.GrizzlyServiceListener|_ThreadID=17;_ThreadName=http-thread-pool-8181(1);|ProtocolChain exception
java.lang.NullPointerException
at com.sun.grizzly.filter.SSLReadFilter.newSSLEngine(SSLReadFilter.java:352)
at com.sun.grizzly.filter.SSLReadFilter.obtainSSLEngine(SSLReadFilter.java:399)
at com.sun.grizzly.filter.SSLReadFilter.execute(SSLReadFilter.java:159)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:679)
|#]
另一个更新
如果将密码从importkey更改为changeit,则可能会出现以下错误:
[#|2011-10-05T13:29:17.210+0300|SEVERE|glassfish3.1.1|javax.enterprise.system.core.com.sun.enterprise.v3.server|_ThreadID=20;_ThreadName=Thread-50;|java.security.UnrecoverableKeyException: Cannot recover key
java.lang.Error: java.security.UnrecoverableKeyException: Cannot recover key
at com.sun.enterprise.security.ssl.SSLUtils.getSSLContext(SSLUtils.java:159)
at com.sun.enterprise.security.ssl.SSLUtils.postConstruct(SSLUtils.java:125)
at com.sun.hk2.component.AbstractCreatorImpl.inject(AbstractCreatorImpl.java:131)
at com.sun.hk2.component.ConstructorCreator.initialize(ConstructorCreator.java:91)
at com.sun.hk2.component.AbstractCreatorImpl.get(AbstractCreatorImpl.java:82)
at com.sun.hk2.component.SingletonInhabitant.get(SingletonInhabitant.java:67)
at com.sun.hk2.component.EventPublishingInhabitant.get(EventPublishingInhabitant.java:139)
at com.sun.hk2.component.AbstractInhabitantImpl.get(AbstractInhabitantImpl.java:76)
at org.jvnet.hk2.component.Habitat.getBy(Habitat.java:1048)
at org.jvnet.hk2.component.Habitat.getByType(Habitat.java:1029)
at com.sun.hk2.component.InjectInjectionResolver.getComponentInjectValue(InjectInjectionResolver.java:159)
at com.sun.hk2.component.InjectInjectionResolver.getValue(InjectInjectionResolver.java:90)
at org.jvnet.hk2.component.InjectionManager.inject(InjectionManager.java:141)
at org.jvnet.hk2.component.InjectionManager.inject(InjectionManager.java:91)
at com.sun.hk2.component.AbstractCreatorImpl.inject(AbstractCreatorImpl.java:126)
at com.sun.hk2.component.ConstructorCreator.initialize(ConstructorCreator.java:91)
at com.sun.hk2.component.AbstractCreatorImpl.get(AbstractCreatorImpl.java:82)
at com.sun.hk2.component.SingletonInhabitant.get(SingletonInhabitant.java:67)
at com.sun.hk2.component.EventPublishingInhabitant.get(EventPublishingInhabitant.java:139)
at com.sun.hk2.component.AbstractInhabitantImpl.get(AbstractInhabitantImpl.java:76)
at com.sun.enterprise.security.SecuritySniffer.setup(SecuritySniffer.java:109)
at com.sun.enterprise.v3.server.ContainerStarter.startContainer(ContainerStarter.java:116)
at com.sun.enterprise.v3.server.ApplicationLifecycle.setupContainer(ApplicationLifecycle.java:944)
at com.sun.enterprise.v3.server.ApplicationLifecycle.setupContainerInfos(ApplicationLifecycle.java:652)
at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:368)
at com.sun.enterprise.v3.server.ApplicationLoaderService.processApplication(ApplicationLoaderService.java:375)
at com.sun.enterprise.v3.admin.adapter.InstallerThread.load(InstallerThread.java:210)
at com.sun.enterprise.v3.admin.adapter.InstallerThread.run(InstallerThread.java:108)
Caused by: java.security.UnrecoverableKeyException: Cannot recover key
at sun.security.provider.KeyProtector.recover(KeyProtector.java:328)
at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:138)
at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:55)
at java.security.KeyStore.getKey(KeyStore.java:779)
at sun.security.ssl.SunX509KeyManagerImpl.<init>(SunX509KeyManagerImpl.java:131)
at sun.security.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:68)
at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:256)
at com.sun.enterprise.security.ssl.impl.SecuritySupportImpl.getKeyManagers(SecuritySupportImpl.java:290)
at com.sun.enterprise.security.ssl.SSLUtils.getKeyManagers(SSLUtils.java:197)
at com.sun.enterprise.security.ssl.SSLUtils.getSSLContext(SSLUtils.java:147)
... 27 more
|#]
[#| 2011-10-05T13:29:17.210+0300 | SEVERE | glassfish3.1.1 | javax.enterprise.system.core.com.sun.enterprise.v3.server | u ThreadID=20;| u ThreadName=Thread-50;| java.security.UnrecoverableKeyException:无法恢复密钥
java.lang.Error:java.security.UnrecoverableKeyException:无法恢复密钥
位于com.sun.enterprise.security.ssl.SSLUtils.getSSLContext(SSLUtils.java:159)
位于com.sun.enterprise.security.ssl.SSLUtils.postConstruct(SSLUtils.java:125)
位于com.sun.hk2.component.AbstractCreatorImpl.inject(AbstractCreatorImpl.java:131)
位于com.sun.hk2.component.ConstructorCreator.initialize(ConstructorCreator.java:91)
com.sun.hk2.component.AbstractCreatorImpl.get(AbstractCreatorImpl.java:82)
com.sun.hk2.component.singletoniHabitant.get(singletoniHabitant.java:67)
在com.sun.hk2.component.eventPublishingHabitat.get上(eventPublishingHabitat.java:139)
位于com.sun.hk2.component.AbstractReshibitAntimpl.get(AbstractReshibitAntimpl.java:76)
网址:org.jvnet.hk2.component.Habitat.getBy(Habitat.java:1048)
位于org.jvnet.hk2.component.Habitat.getByType(Habitat.java:1029)
位于com.sun.hk2.component.injectionresolver.getComponentInjectValue(injectionresolver.java:159)
位于com.sun.hk2.component.injectionresolver.getValue(injectionresolver.java:90)
位于org.jvnet.hk2.component.InjectionManager.inject(InjectionManager.java:141)
位于org.jvnet.hk2.component.InjectionManager.inject(InjectionManager.java:91)
com.sun.hk2.component.AbstractCreatorImpl.inject(AbstractCreatorImpl.java:126)
位于com.sun.hk2.component.ConstructorCreator.initialize(ConstructorCreator.java:91)
com.sun.hk2.component.AbstractCreatorImpl.get(AbstractCreatorImpl.java:82)
com.sun.hk2.component.singletoniHabitant.get(singletoniHabitant.java:67)
在com.sun.hk2.component.eventPublishingHabitat.get上(eventPublishingHabitat.java:139)
位于com.sun.hk2.component.AbstractReshibitAntimpl.get(AbstractReshibitAntimpl.java:76)
位于com.sun.enterprise.security.SecuritySniffer.setup(SecuritySniffer.java:109)
位于com.sun.enterprise.v3.server.ContainerStarter.startContainer(ContainerStarter.java:116)
位于com.sun.enterprise.v3.server.ApplicationLifecycle.setupContainer(ApplicationLifecycle.java:944)
位于com.sun.enterprise.v3.server.ApplicationLifecycle.setupContainerFos(ApplicationLifecycle.java:652)
位于com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:368)
位于com.sun.enterprise.v3.server.ApplicationLoaderService.processApplication(ApplicationLoaderService.java:375)
位于com.sun.enterprise.v3.admin.adapter.InstallerThread.load(InstallerThread.java:210)
位于com.sun.enterprise.v3.admin.adapter.InstallerThread.run(InstallerThread.java:108)
原因:java.security.UnrecoverableKeyException:无法恢复密钥
位于sun.security.provider.KeyProtector.recover(KeyProtector.java:328)
位于sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:138)
位于sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:55)
位于java.security.KeyStore.getKey(KeyStore.java:779)
位于sun.security.ssl.SunX509KeyManagerImpl.(SunX509KeyManagerImpl.java:131)
位于sun.security.ssl.keymanagerfactorympl$SunX509.engineInit(keymanagerfactorympl.java:68)
位于javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:256)
位于com.sun.enterprise.security.ssl.impl.SecuritySupportImpl.GetKeyManager(SecuritySupportImpl.java:290)
位于com.sun.enterprise.security.ssl.SSLUtils.getKeyManager(SSLUtils.java:197)
位于com.sun.enterprise.security.ssl.SSLUtils.getSSLContext(SSLUtils.java:147)
…还有27个
|#]
密码是changeit。”您应该确保密钥库密码与Glassfish主密码(不是管理员密码)匹配
这是GF 3.1的问题您是否确保密钥库密码必须与Glassfish主密码(而非管理员密码)相同?嗨,马特,这正是问题所在,我一更改主密码以导入密钥,一切都按预期工作。这就解决了问题。非常感谢你。很高兴听到你这么说。因此,我将添加一个您可以接受的答案。我刚刚在这里发布了一个与此问题相关的答案:@ggkmath谢谢您的提示。更新了链接。这是一个关键指针;更重要的是,;目标密钥别名的密钥传递应与主密码相同。