Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/java/308.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Java Tomcat7中的EV SSL证书_Java_Ssl_Tomcat7 - Fatal编程技术网
Fatal编程技术网
  • java/
  • Java Tomcat7中的EV SSL证书

Java Tomcat7中的EV SSL证书

java ssl

Java Tomcat7中的EV SSL证书,java,ssl,tomcat7,Java,Ssl,Tomcat7,我试图将Tomcat7配置为使用Thawte提供的EV证书,但无法使其运行 在出现一些问题之后,我们终于可以将证书(主证书、辅助证书和SSL证书)安装到密钥库中,现在我们尝试按照(或尝试按照)上的说明通过server.xml文件配置Tomcat,但出现了一些问题 目前,我们在catalina.out中没有任何错误或警告,但绿色条没有出现。有什么问题吗 server.xml: <Listener className="org.apache.catalina.core.AprLifecycle

我试图将Tomcat7配置为使用Thawte提供的EV证书,但无法使其运行

在出现一些问题之后,我们终于可以将证书(主证书、辅助证书和SSL证书)安装到密钥库中,现在我们尝试按照(或尝试按照)上的说明通过server.xml文件配置Tomcat,但出现了一些问题

目前,我们在catalina.out中没有任何错误或警告,但绿色条没有出现。有什么问题吗

server.xml:

<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />

...

<Connector port="8080" protocol="HTTP/1.1"
           connectionTimeout="20000"
           redirectPort="8443" />

...

<!-- Define a SSL HTTP/1.1 Connector on port 8443
     This connector uses the JSSE configuration, when using APR, the
     connector should be using the OpenSSL style configuration
     described in the APR documentation -->
<!-- DEFAULT
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
           maxThreads="150" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS" />
-->
<!-- NOK - From Thawte
<Connector
  className="org.apache.coyote.tomcat4.CoyoteConnector"
  port="8443" minProcessors="5"
  maxProcessors="75"
  enableLookups="false"
  acceptCount="10"
  connectionTimeout="60000" debug="0"
  scheme="https" secure="true">
<Factory
  className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
         clientAuth="false" protocol="TLS"
         keystoreFile="/home/tomcat/ssl/mykeystorename.kdb"
         keystorePass="..."/>
</Connector>
-->
<!--
<Connector
    protocol="HTTP/1.1"
    port="8443" maxThreads="200"
    scheme="https" secure="true" SSLEnabled="true"
    keystoreFile="/home/tomcat/ssl/mykeystorename.kdb"
    keystorePass="..."
    clientAuth="false" sslProtocol="TLS"/>
-->
<!-- -->
<Connector
    port="8443" maxThreads="200"
    scheme="https" secure="true" SSLEnabled="true"
    keyAlias="myalias"
    keystoreFile="/home/tomcat/ssl/mykeystorename.kdb"
    keystorePass="..."
    clientAuth="false" sslProtocol="TLS"/>
<!-- --->
  • 您是否确认用于创建证书签名请求的私钥也存储在Java密钥库中

  • 您是否为Java密钥库输入了正确的密码?否则,Java应用程序将无法访问密钥库

  • 您是否为当前运行时环境安装了Java加密扩展策略文件(JCE)

    • 请先确认这些步骤。您的日志信息没有显示任何异常。您还可以尝试将tomcat本机客户端APR与OpenSSL一起使用(APR 1.1.30与OpenSSL 1.0.1g一起使用,以避免Heartbleed bug),从而运行SSL。SSL的性能比本机方式好得多。

    如果您可以从运行服务器的浏览器进行连接;您的问题似乎是证书未被识别为EV。你试过什么浏览器?当前版本?检查浏览器接收到的证书(通常单击锁定图标并按一些按钮),并验证证书策略是否包含EV OID,例如从1)是,按照上的说明,我已在存储私钥的同一密钥库中导入主证书、辅助证书和SSL证书,2)我已检查密码,3)没有,它们已安装。。。我应该更新它们吗?最好用APR? 
    ...
Apr 28, 2014 10:57:06 AM org.apache.catalina.core.StandardServer await
INFO: A valid shutdown command was received via the shutdown port. Stopping the Server instance.
Apr 28, 2014 10:57:06 AM org.apache.coyote.AbstractProtocol pause
INFO: Pausing ProtocolHandler ["http-bio-8080"]
Apr 28, 2014 10:57:06 AM org.apache.coyote.AbstractProtocol pause
INFO: Pausing ProtocolHandler ["http-bio-8443"]
Apr 28, 2014 10:57:07 AM org.apache.coyote.AbstractProtocol pause
INFO: Pausing ProtocolHandler ["ajp-bio-8009"]
Apr 28, 2014 10:57:07 AM org.apache.catalina.core.StandardService stopInternal
INFO: Stopping service Catalina
...
Apr 28, 2014 10:57:07 AM org.apache.coyote.AbstractProtocol stop
INFO: Stopping ProtocolHandler ["http-bio-8080"]
Apr 28, 2014 10:57:07 AM org.apache.coyote.AbstractProtocol stop
INFO: Stopping ProtocolHandler ["http-bio-8443"]
Apr 28, 2014 10:57:07 AM org.apache.coyote.AbstractProtocol stop
INFO: Stopping ProtocolHandler ["ajp-bio-8009"]
Apr 28, 2014 10:57:07 AM org.apache.coyote.AbstractProtocol destroy
INFO : Destroying ProtocolHandler ["http-bio-8080"]
Apr 28, 2014 10:57:07 AM org.apache.coyote.AbstractProtocol destroy
INFO: Destroying ProtocolHandler ["http-bio-8443"]
Apr 28, 2014 10:57:07 AM org.apache.coyote.AbstractProtocol destroy
INFO: Destroying ProtocolHandler ["ajp-bio-8009"]
...
Apr 28, 2014 10:57:22 AM org.apache.catalina.core.AprLifecycleListener init
INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib
Apr 28, 2014 10:57:23 AM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-bio-8080"]
Apr 28, 2014 10:57:23 AM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-bio-8443"]
Apr 28, 2014 10:57:23 AM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["ajp-bio-8009"]
Apr 28, 2014 10:57:23 AM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 2242 ms
Apr 28, 2014 10:57:23 AM org.apache.catalina.core.StandardService startInternal
INFO: Starting service Catalina
Apr 28, 2014 10:57:23 AM org.apache.catalina.core.StandardEngine startInternal
INFO: Starting Servlet Engine: Apache Tomcat/7.0.42
Apr 28, 2014 10:57:23 AM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive /var/lib/tomcat7/webapps/ROOT.war