Java 在Spring Boot上使用PKCS11密钥库类型在web应用程序中建立TLS连接


我尝试使用 Spring Boot 为我的 web 应用程序配置 TLS 连接。我的 application.properties 配置文件如下所示(对 PKCS11 类型的密钥库而言,key-store-password 就是令牌口令,实际部署时应通过环境变量或外部密钥管理注入,而不是以明文写入配置文件):

server.port=9999
server.ssl.key-store-password=password
server.ssl.key-store=NONE
server.ssl.trust-store=C:/newcert/truststore.keystore
server.ssl.trust-store-password=password
server.ssl.key-store-provider=SunPKCS11-Thales
server.ssl.key-store-type=PKCS11
server.ssl.key-alias=test_key_ocs2
在 java.security 文件(位于 %JAVA_HOME%/jre/lib/security/)中包含以下行:

security.provider.11=sun.security.pkcs11.SunPKCS11 C:/cert/pkcs11.cfg
在pkcs11.cfg文件中,包含:

name=Thales
library = C:\nCipher\nfast\toolkits\pkcs11\cknfast-64.dll
slot=761406613
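但在运行我的应用程序后,出现以下错误(根因是 C_Initialize 返回 CKR_FUNCTION_FAILED,即本机 PKCS#11 库在 KeyStore.getInstance 加载提供者时就已初始化失败,尚未进行到使用密钥库口令或别名的步骤;另外堆栈中 sunpkcs11.jar 标为 1.8.0_161,而其余 JDK 类标为 1.8.0_152,建议确认所修改的 java.security 属于实际运行的那个 JRE):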

INFO 16788 --- [           main] o.s.s.concurrent.ThreadPoolTaskExecutor  : Initializing ExecutorService 'applicationTaskExecutor'
ERROR 16788 --- [           main] org.apache.tomcat.util.net.SSLUtilBase   : Failed to load keystore type [PKCS11] with path [file:/C:/ProjectsGit/ssl-server/NONE] due to [Initialization failed]

java.security.ProviderException: Initialization failed
    at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:376) ~[sunpkcs11.jar:1.8.0_161]
    at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:103) ~[sunpkcs11.jar:1.8.0_161]
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) ~[na:1.8.0_152]
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) ~[na:1.8.0_152]
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) ~[na:1.8.0_152]
    at java.lang.reflect.Constructor.newInstance(Constructor.java:423) ~[na:1.8.0_152]
    at sun.security.jca.ProviderConfig$2.run(ProviderConfig.java:224) ~[na:1.8.0_152]
    at sun.security.jca.ProviderConfig$2.run(ProviderConfig.java:206) ~[na:1.8.0_152]
    at java.security.AccessController.doPrivileged(Native Method) ~[na:1.8.0_152]
    at sun.security.jca.ProviderConfig.doLoadProvider(ProviderConfig.java:206) ~[na:1.8.0_152]
    at sun.security.jca.ProviderConfig.getProvider(ProviderConfig.java:187) ~[na:1.8.0_152]
    at sun.security.jca.ProviderList.getProvider(ProviderList.java:233) ~[na:1.8.0_152]
    at sun.security.jca.ProviderList.getIndex(ProviderList.java:263) ~[na:1.8.0_152]
    at sun.security.jca.ProviderList.getProviderConfig(ProviderList.java:247) ~[na:1.8.0_152]
    at sun.security.jca.ProviderList.getProvider(ProviderList.java:253) ~[na:1.8.0_152]
    at sun.security.jca.GetInstance.getService(GetInstance.java:81) ~[na:1.8.0_152]
    at sun.security.jca.GetInstance.getInstance(GetInstance.java:206) ~[na:1.8.0_152]
    at java.security.Security.getImpl(Security.java:698) ~[na:1.8.0_152]
    at java.security.KeyStore.getInstance(KeyStore.java:896) ~[na:1.8.0_152]
    at org.apache.tomcat.util.net.SSLUtilBase.getStore(SSLUtilBase.java:187) [tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystore(SSLHostConfigCertificate.java:206) [tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.apache.tomcat.util.net.SSLUtilBase.getKeyManagers(SSLUtilBase.java:283) [tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:247) [tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:97) [tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:71) [tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:218) [tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1124) [tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1210) [tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:586) [tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.apache.catalina.connector.Connector.startInternal(Connector.java:1005) [tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183) [tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.apache.catalina.core.StandardService.addConnector(StandardService.java:227) [tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.addPreviouslyRemovedConnectors(TomcatWebServer.java:278) [spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE]
    at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.start(TomcatWebServer.java:197) [spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE]
    at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.startWebServer(ServletWebServerApplicationContext.java:297) [spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE]
    at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.finishRefresh(ServletWebServerApplicationContext.java:163) [spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE]
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:553) [spring-context-5.2.1.RELEASE.jar:5.2.1.RELEASE]
    at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:141) [spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE]
    at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:747) [spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE]
    at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:397) [spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:315) [spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:1226) [spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:1215) [spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE]
    at com.example.sslserver.SslServerApplication.main(SslServerApplication.java:10) [classes/:na]
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_152]
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_152]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_152]
    at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_152]
    at com.intellij.rt.execution.application.AppMain.main(AppMain.java:147) [idea_rt.jar:na]
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_FUNCTION_FAILED
    at sun.security.pkcs11.wrapper.PKCS11.C_Initialize(Native Method) ~[sunpkcs11.jar:1.8.0_161]
    at sun.security.pkcs11.wrapper.PKCS11$SynchronizedPKCS11.C_Initialize(PKCS11.java:1545) ~[sunpkcs11.jar:1.8.0_161]
    at sun.security.pkcs11.wrapper.PKCS11.getInstance(PKCS11.java:157) ~[sunpkcs11.jar:1.8.0_161]
    at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:330) ~[sunpkcs11.jar:1.8.0_161]
    ... 48 common frames omitted

INFO 16788 --- [           main] o.apache.catalina.core.StandardService   : Stopping service [Tomcat]
INFO 16788 --- [           main] ConditionEvaluationReportLoggingListener : 

Error starting ApplicationContext. To display the conditions report re-run your application with 'debug' enabled.
ERROR 16788 --- [           main] o.s.boot.SpringApplication               : Application run failed

org.springframework.boot.web.server.WebServerException: Unable to start embedded Tomcat server
    at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.start(TomcatWebServer.java:215) ~[spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE]
    at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.startWebServer(ServletWebServerApplicationContext.java:297) ~[spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE]
    at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.finishRefresh(ServletWebServerApplicationContext.java:163) ~[spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE]
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:553) ~[spring-context-5.2.1.RELEASE.jar:5.2.1.RELEASE]
    at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:141) ~[spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE]
    at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:747) [spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE]
    at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:397) [spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:315) [spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:1226) [spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:1215) [spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE]
    at com.example.sslserver.SslServerApplication.main(SslServerApplication.java:10) [classes/:na]
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_152]
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_152]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_152]
    at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_152]
    at com.intellij.rt.execution.application.AppMain.main(AppMain.java:147) [idea_rt.jar:na]
Caused by: java.lang.IllegalArgumentException: standardService.connector.startFailed
    at org.apache.catalina.core.StandardService.addConnector(StandardService.java:231) ~[tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.addPreviouslyRemovedConnectors(TomcatWebServer.java:278) ~[spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE]
    at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.start(TomcatWebServer.java:197) ~[spring-boot-2.2.1.RELEASE.jar:2.2.1.RELEASE]
    ... 15 common frames omitted
Caused by: org.apache.catalina.LifecycleException: Protocol handler start failed
    at org.apache.catalina.connector.Connector.startInternal(Connector.java:1008) ~[tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183) ~[tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.apache.catalina.core.StandardService.addConnector(StandardService.java:227) ~[tomcat-embed-core-9.0.27.jar:9.0.27]
    ... 17 common frames omitted
Caused by: java.lang.IllegalArgumentException: Failed to load keystore type [PKCS11] with path [file:/C:/ProjectsGit/ssl-server/NONE] due to [Initialization failed]
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:99) ~[tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:71) ~[tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:218) ~[tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1124) ~[tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1210) ~[tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:586) ~[tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.apache.catalina.connector.Connector.startInternal(Connector.java:1005) ~[tomcat-embed-core-9.0.27.jar:9.0.27]
    ... 19 common frames omitted
Caused by: java.io.IOException: Failed to load keystore type [PKCS11] with path [file:/C:/ProjectsGit/ssl-server/NONE] due to [Initialization failed]
    at org.apache.tomcat.util.net.SSLUtilBase.getStore(SSLUtilBase.java:229) ~[tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystore(SSLHostConfigCertificate.java:206) ~[tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.apache.tomcat.util.net.SSLUtilBase.getKeyManagers(SSLUtilBase.java:283) ~[tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:247) ~[tomcat-embed-core-9.0.27.jar:9.0.27]
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:97) ~[tomcat-embed-core-9.0.27.jar:9.0.27]
    ... 25 common frames omitted

INFO 16788 --- [           main] o.s.s.concurrent.ThreadPoolTaskExecutor  : Shutting down ExecutorService 'applicationTaskExecutor'

Process finished with exit code 1
Caused by: java.io.IOException: Failed to load keystore type [PKCS11] with path [file:/C:/ProjectsGit/ssl-server/NONE]