Java 无法在Spring Boot中使用HTTPS(未找到PKCS12)
我一直在尝试遵循以下关于在Spring Boot中设置HTTPS的教程: 但当我在Eclipse中启动应用程序时,它会抛出一个异常: 原因:java.io.IOException:未能加载密钥库类型[PKCS12] 带路径 [文件:/C:/Users/dbush/workspace/my_app/target/classes/keystore.p12] 由于[PKCS12未找到] 我检查了给定的文件名,并且该文件存在。我还运行了keytool-list-keystore keystore.p12,并能够在给出用于创建它的密码后读取它,该密码与application.properties中的密码相同 你知道这是什么原因吗 我还尝试使用一个JKS文件而不是PKCS12文件,但在未找到JKS时出现了相同的错误 My pom.xml包含: ... org.springframework.boot SpringBootStarterWeb 1.5.3.1发布 org.springframework.data spring数据mongodb 1.10.3.1发布 org.springframework.security spring安全内核 4.2.3.1发布 org.mongodb mongodb驱动程序 3.4.2 org.json json 20160810 org.jvnet.jaxb2_commons jaxb2基础知识 0.6.3 .. My main App.java:Java 无法在Spring Boot中使用HTTPS(未找到PKCS12),java,spring,spring-boot,spring-security,Java,Spring,Spring Boot,Spring Security,我一直在尝试遵循以下关于在Spring Boot中设置HTTPS的教程: 但当我在Eclipse中启动应用程序时,它会抛出一个异常: 原因:java.io.IOException:未能加载密钥库类型[PKCS12] 带路径 [文件:/C:/Users/dbush/workspace/my_app/target/classes/keystore.p12] 由于[PKCS12未找到] 我检查了给定的文件名,并且该文件存在。我还运行了keytool-list-keystore keystore.p12
package dbush;
import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.context.embedded.EmbeddedServletContainerFactory;
import org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.mongodb.repository.config.EnableMongoRepositories;
@Configuration
@EnableAutoConfiguration
@ComponentScan
@EnableMongoRepositories(basePackages = "dbush.repository")
public class App {
public static void main(String[] args) {
SpringApplication.run(App.class, args);
}
@Bean
public EmbeddedServletContainerFactory servletContainer() {
TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory() {
@Override
protected void postProcessContext(Context context) {
SecurityConstraint securityConstraint = new SecurityConstraint();
securityConstraint.setUserConstraint("CONFIDENTIAL");
SecurityCollection collection = new SecurityCollection();
collection.addPattern("/*");
securityConstraint.addCollection(collection);
context.addConstraint(securityConstraint);
}
};
tomcat.addAdditionalTomcatConnectors(redirectConnector());
return tomcat;
}
private Connector redirectConnector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http");
connector.setPort(8080);
connector.setSecure(false);
connector.setRedirectPort(8443);
return connector;
}
}
My application.properties:
security.require\u ssl=true
server.port=8443
server.ssl.key别名=tomcat
server.ssl.key password=changeit
server.ssl.key store=classpath:keystore.p12
server.ssl.key store type=PKCS12
完整堆栈跟踪:
2017-11-22 16:38:09.554错误8556-[main]org.apache.tomcat.util.net.SSLUtilBase:由于[PKCS12未找到],未能加载路径为[file:/C:/Users/dbush/workspace/my_app/target/classes/keystore.p12]的密钥库类型[PKCS12]
java.security.KeyStoreException:找不到PKCS12
在java.security.KeyStore.getInstanceKeyStore.java:851~[na:1.8.0131]
在org.apache.tomcat.util.net.SSLUtilBase.getStoreSSLUtilBase.java:122~[tomcat-embed-core-8.5.14.jar:8.5.14]
在org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystoreSSLHostConfigCertificate.java:187[tomcat-embed-core-8.5.14.jar:8.5.14]
在org.apache.tomcat.util.net.jsse.JSSEUtil.getKeyManagersJSSEUtil.java:185[tomcat-embed-core-8.5.14.jar:8.5.14]
在org.apache.tomcat.util.net.AbstractJsseEndpoint.CreateSLContextAbstractJSSeendPoint.java:112[tomcat-embed-core-8.5.14.jar:8.5.14]
位于org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSslAbstractJsseEndpoint.java:85[tomcat-embed-core-8.5.14.jar:8.5.14]
java:225[tomcat-embed-core-8.5.14.jar:8.5.14]
java:978[tomcat-embed-core-8.5.14.jar:8.5.14]
在org.apache.coyote.AbstractProtocol.startAbstractProtocol.java:628[tomcat-embed-core-8.5.14.jar:8.5.14]
在org.apache.catalina.connector.connector.startInternalConnector.java:993[tomcat-embed-core-8.5.14.jar:8.5.14]
java:150[tomcat-embed-core-8.5.14.jar:8.5.14]
在org.apache.catalina.core.StandardService.addConnectorStandardService.java:225[tomcat-embed-core-8.5.14.jar:8.5.14]
位于org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.addPreviouslyRemovedConnectorsTomcatEmbeddedServletContainer.java:247[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.startTomcatEmbeddedServletContainer.java:190[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.startEmbeddedServletContainerEmbeddedWebApplicationContext.java:297[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.finishRefreshEmbeddedWebApplicationContext.java:145[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.context.support.AbstractApplicationContext.refreshAbstractApplicationContext.java:545[spring-context-4.3.8.RELEASE.jar:4.3.8.RELEASE]
位于org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.refreshEmbeddedWebApplicationContext.java:122[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.boot.SpringApplication.refreshSpringApplication.java:737[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.boot.SpringApplication.refreshContextSpringApplication.java:370[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.boot.SpringApplication.runSpringApplication.java:314[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.boot.SpringApplication.runSpringApplication.java:1162[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.boot.SpringApplication.runSpringApplication.java:1151
[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
在dbush.App.mainApp.java:23[classes/:na]
原因:java.security.NoSuchAlgorithmException:PKCS12密钥库不可用
在sun.security.jca.GetInstance.getInstanceGetInstance.java:159~[na:1.8.0131]
在java.security.security.getImplSecurity.java:695~[na:1.8.0131]
java:848~[na:1.8.0131]
... 省略23个公共帧
2017-11-22 16:38:09.554错误8556-[main]o.a.coyote.http11.Http11NioProtocol:无法启动与ProtocolHandler相关的端点[https-jsse-nio-8443]
java.lang.IllegalArgumentException:java.io.IOException:由于[PKCS12未找到],未能加载路径为[file:/C:/Users/dbush/workspace/myapp/target/classes/keystore.p12]的密钥库类型[PKCS12]
在org.apache.tomcat.util.net.AbstractJsseEndpoint.CreateSLContextAbstractJSSeendPoint.java:114~[tomcat-embed-core-8.5.14.jar:8.5.14]
在org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSslAbstractJsseEndpoint.java:85~[tomcat-embed-core-8.5.14.jar:8.5.14]
java:225~[tomcat-embed-core-8.5.14.jar:8.5.14]
位于org.apache.tomcat.util.net.AbstractEndpoint.startAbstractEndpoint.java:978~[tomcat-embed-core-8.5.14.jar:8.5.14]
在org.apache.coyote.AbstractProtocol.startAbstractProtocol.java:628~[tomcat-embed-core-8.5.14.jar:8.5.14]
在org.apache.catalina.connector.connector.startInternalConnector.java:993[tomcat-embed-core-8.5.14.jar:8.5.14]
java:150[tomcat-embed-core-8.5.14.jar:8.5.14]
在org.apache.catalina.core.StandardService.addConnectorStandardService.java:225[tomcat-embed-core-8.5.14.jar:8.5.14]
位于org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.addPreviouslyRemovedConnectorsTomcatEmbeddedServletContainer.java:247[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.startTomcatEmbeddedServletContainer.java:190[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.startEmbeddedServletContainerEmbeddedWebApplicationContext.java:297[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.finishRefreshEmbeddedWebApplicationContext.java:145[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.context.support.AbstractApplicationContext.refreshAbstractApplicationContext.java:545[spring-context-4.3.8.RELEASE.jar:4.3.8.RELEASE]
位于org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.refreshEmbeddedWebApplicationContext.java:122[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.boot.SpringApplication.refreshSpringApplication.java:737[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.boot.SpringApplication.refreshContextSpringApplication.java:370[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.boot.SpringApplication.runSpringApplication.java:314[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.boot.SpringApplication.runSpringApplication.java:1162[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.boot.SpringApplication.runSpringApplication.java:1151[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
在dbush.App.mainApp.java:23[classes/:na]
原因:java.io.IOException:由于[PKCS12未找到],无法加载路径为[file:/C:/Users/dbush/workspace/myapp/target/classes/keystore.p12]的密钥库类型[PKCS12]
在org.apache.tomcat.util.net.SSLUtilBase.getStoreSSLUtilBase.java:149~[tomcat-embed-core-8.5.14.jar:8.5.14]
在org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystoreSSLHostConfigCertificate.java:187~[tomcat-embed-core-8.5.14.jar:8.5.14]
在org.apache.tomcat.util.net.jsse.JSSEUtil.getKeyManagersJSSEUtil.java:185~[tomcat-embed-core-8.5.14.jar:8.5.14]
在org.apache.tomcat.util.net.AbstractJsseEndpoint.CreateSLContextAbstractJSSeendPoint.java:112~[tomcat-embed-core-8.5.14.jar:8.5.14]
... 省略19个公共框架
2017-11-22 16:38:09.555错误8556-[main]o.apache.catalina.core.StandardService:无法启动连接器[connector[HTTP/1.1-8443]]
org.apache.catalina.LifecycleeException:无法启动组件[Connector[HTTP/1.1-8443]]
java:167~[tomcat-embed-core-8.5.14.jar:8.5.14]
在org.apache.catalina.core.StandardService.addConnectorStandardService.java:225~[tomcat-embed-core-8.5.14.jar:8.5.14]
位于org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.addPreviouslyRemovedConnectorsTomcatEmbeddedServletContainer.java:247[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
在org.springfra
mework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.startTomcatEmbeddedServletContainer.java:190[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.startEmbeddedServletContainerEmbeddedWebApplicationContext.java:297[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.finishRefreshEmbeddedWebApplicationContext.java:145[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.context.support.AbstractApplicationContext.refreshAbstractApplicationContext.java:545[spring-context-4.3.8.RELEASE.jar:4.3.8.RELEASE]
位于org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.refreshEmbeddedWebApplicationContext.java:122[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.boot.SpringApplication.refreshSpringApplication.java:737[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.boot.SpringApplication.refreshContextSpringApplication.java:370[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.boot.SpringApplication.runSpringApplication.java:314[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.boot.SpringApplication.runSpringApplication.java:1162[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
位于org.springframework.boot.SpringApplication.runSpringApplication.java:1151[spring-boot-1.5.3.RELEASE.jar:1.5.3.RELEASE]
在dbush.App.mainApp.java:23[classes/:na]
原因:org.apache.catalina.LifecycleException:service.getName:Tomcat;协议处理程序启动失败
在org.apache.catalina.connector.connector.startInternalConnector.java:1000~[tomcat-embed-core-8.5.14.jar:8.5.14]
java:150~[tomcat-embed-core-8.5.14.jar:8.5.14]
... 省略13个公共框架
原因:java.lang.IllegalArgumentException:java.io.IOException:由于[PKCS12未找到],未能加载路径为[file:/C:/Users/dbush/workspace/myapp/target/classes/keystore.p12]的密钥库类型[PKCS12]
在org.apache.tomcat.util.net.AbstractJsseEndpoint.CreateSLContextAbstractJSSeendPoint.java:114~[tomcat-embed-core-8.5.14.jar:8.5.14]
在org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSslAbstractJsseEndpoint.java:85~[tomcat-embed-core-8.5.14.jar:8.5.14]
java:225~[tomcat-embed-core-8.5.14.jar:8.5.14]
位于org.apache.tomcat.util.net.AbstractEndpoint.startAbstractEndpoint.java:978~[tomcat-embed-core-8.5.14.jar:8.5.14]
在org.apache.coyote.AbstractProtocol.startAbstractProtocol.java:628~[tomcat-embed-core-8.5.14.jar:8.5.14]
在org.apache.catalina.connector.connector.startInternalConnector.java:993~[tomcat-embed-core-8.5.14.jar:8.5.14]
... 省略14个公共框架
原因:java.io.IOException:由于[PKCS12未找到],无法加载路径为[file:/C:/Users/dbush/workspace/myapp/target/classes/keystore.p12]的密钥库类型[PKCS12]
在org.apache.tomcat.util.net.SSLUtilBase.getStoreSSLUtilBase.java:149~[tomcat-embed-core-8.5.14.jar:8.5.14]
在org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystoreSSLHostConfigCertificate.java:187~[tomcat-embed-core-8.5.14.jar:8.5.14]
在org.apache.tomcat.util.net.jsse.JSSEUtil.getKeyManagersJSSEUtil.java:185~[tomcat-embed-core-8.5.14.jar:8.5.14]
在org.apache.tomcat.util.net.AbstractJsseEndpoint.CreateSLContextAbstractJSSeendPoint.java:112~[tomcat-embed-core-8.5.14.jar:8.5.14]
... 省略19个公共框架
要启用https,您需要在application.yml中添加以下属性
server:
ssl:
enabled: ${SSL_ENABLED:true}
key-store: classpath:certificate.p12
key-store-password: edgepay123
key-store-type: PKCS12
key-alias: 1
您似乎缺少server.ssl.key-store-type属性
还可以使用spring引导安全性的以下依赖项
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
您使用的不是spring安全依赖项,而是使用以下属性将位置添加到密钥库:server.ssl.key store=classpath:keystore.p12 在spring引导中,类路径是src/main/resources文件夹。所以把你的钥匙放在那个文件夹里,如下图所示
@DURJava8。我确实尝试设置keystore.type.compat,但没有效果。我还尝试使用JKS文件而不是PKCS12文件,但也遇到了同样的错误。所以我回到这里,从PKCS12切换到JKS,现在它开始工作了。我不确定最初是什么导致JKS文件失败的。当我拉我的项目并将JDK设置为版本8时,我也遇到了同样的问题。当我改为JDK 11时,问题不再出现了,实际上我包含了server.ssl.key-store-type属性。当我复制/粘贴配置时,我错过了那一行。我试着去思考。另外,我尝试了org.springframework.boot:springbootstartersecurity,而不是org.springframework.security:springsecuritycore,但得到了相同的结果。