Java 在Jetty上配置SSL
我正在尝试配置jetty环境,使其能够建立安全连接 我已经运行了jetty官方文档中描述的步骤:。但是没有成功 重新创建的步骤:Java 在Jetty上配置SSL,java,ssl,jetty,keystore,jetty-9,Java,Ssl,Jetty,Keystore,Jetty 9,我正在尝试配置jetty环境,使其能够建立安全连接 我已经运行了jetty官方文档中描述的步骤:。但是没有成功 重新创建的步骤: java-jar start.jar--create startd--add to start=ssl java-jar start.jar——添加到start=ssl,conscrypt java-jar start.jar——添加到startd=ssl,https 使用以下值更新start.d/ssl.ini: 为了生成密钥库,我遵循以下步骤: openssl g
openssl genrsa -des3 -out jetty.key
openssl req -new -x509 -key jetty.key -out jetty.crt
keytool -keystore keystore -import -alias jetty -file jetty.crt -trustcacerts
openssl req -new -key jetty.key -out jetty.csr
openssl pkcs12 -inkey jetty.key -in jetty.crt -export -out jetty.pkcs12
keytool -importkeystore -srckeystore jetty.pkcs12 -srcstoretype PKCS12 -destkeystore keystore
2020-09-28 13:51:46.896:INFO::main: Logging initialized @523ms to org.eclipse.jetty.util.log.StdErrLog
2020-09-28 13:51:47.387:WARN:oejs.HomeBaseWarning:main: This instance of Jetty is not running from a separate {jetty.base} directory, this is not recommended. See documentation at http://www.eclipse.org/jetty/documentation/current/startup.html
2020-09-28 13:51:47.414:INFO:oejs.Server:main: jetty-9.4.31.v20200723; built: 2020-07-23T17:57:36.812Z; git: 450ba27947e13e66baa8cd1ce7e85a4461cacc1d; jvm 11.0.8+10-LTS
2020-09-28 13:51:47.460:INFO:oejdp.ScanningAppProvider:main: Deployment monitor [file:///opt/jetty-distribution-9.4.31.v20200723/webapps/] at interval 1
2020-09-28 13:51:47.796:INFO:oejus.SslContextFactory:main: x509=X509@6853425f(jetty,h=[jettyhttp2sample.organicdesign.org],w=[]) for Server@5a9f4771[provider=Conscrypt,keyStore=file:///opt/jetty-distribution-9.4.31.v20200723/etc/keystore,trustStore=file:///opt/jetty-distribution-9.4.31.v20200723/etc/keystore]
2020-09-28 13:51:47.799:INFO:oejus.SslContextFactory:main: Unable to get KeyManagerFactory instance for algorithm [SunX509] on provider [Conscrypt], using default
2020-09-28 13:51:47.882:INFO:oejs.AbstractConnector:main: Started ServerConnector@46c1a1fc{SSL, (ssl, http/1.1)}{localhost:8443}
2020-09-28 13:51:47.886:INFO:oejs.AbstractConnector:main: Started ServerConnector@7b205dbd{HTTP/1.1, (http/1.1)}{0.0.0.0:8080}
2020-09-28 13:51:47.887:INFO:oejs.Server:main: Started @1514ms
谢谢。这里没有报告错误,这是备用提供程序的正常回退操作(在您的情况下是conscrypt) Conscrypt安全提供程序不支持
KeyManagerFactorySunX509此外,不要直接编辑jetty home/jetty分发版中的文件,这是一个更大的警告,请正确使用分发版,并根据该警告消息中链接的文档将jetty home与jetty base分开。Jetty 10和Jetty 11中完全删除了管理Jetty standalone配置的古老技术 我正在使用Jetty的这个版本:Jetty-distribution-9.4.31.v20200723,并在ubuntu.20.04发行版中运行
2020-09-28 13:51:46.896:INFO::main: Logging initialized @523ms to org.eclipse.jetty.util.log.StdErrLog
2020-09-28 13:51:47.387:WARN:oejs.HomeBaseWarning:main: This instance of Jetty is not running from a separate {jetty.base} directory, this is not recommended. See documentation at http://www.eclipse.org/jetty/documentation/current/startup.html
2020-09-28 13:51:47.414:INFO:oejs.Server:main: jetty-9.4.31.v20200723; built: 2020-07-23T17:57:36.812Z; git: 450ba27947e13e66baa8cd1ce7e85a4461cacc1d; jvm 11.0.8+10-LTS
2020-09-28 13:51:47.460:INFO:oejdp.ScanningAppProvider:main: Deployment monitor [file:///opt/jetty-distribution-9.4.31.v20200723/webapps/] at interval 1
2020-09-28 13:51:47.796:INFO:oejus.SslContextFactory:main: x509=X509@6853425f(jetty,h=[jettyhttp2sample.organicdesign.org],w=[]) for Server@5a9f4771[provider=Conscrypt,keyStore=file:///opt/jetty-distribution-9.4.31.v20200723/etc/keystore,trustStore=file:///opt/jetty-distribution-9.4.31.v20200723/etc/keystore]
2020-09-28 13:51:47.799:INFO:oejus.SslContextFactory:main: Unable to get KeyManagerFactory instance for algorithm [SunX509] on provider [Conscrypt], using default
2020-09-28 13:51:47.882:INFO:oejs.AbstractConnector:main: Started ServerConnector@46c1a1fc{SSL, (ssl, http/1.1)}{localhost:8443}
2020-09-28 13:51:47.886:INFO:oejs.AbstractConnector:main: Started ServerConnector@7b205dbd{HTTP/1.1, (http/1.1)}{0.0.0.0:8080}
2020-09-28 13:51:47.887:INFO:oejs.Server:main: Started @1514ms