Unable to start Tomcat 9 in SSL mode with Spring Boot 2 and a trust store

I get the following error when using both a trust store and a key store, but without the trust store (key store only) it works fine.

org.apache.catalina.LifecycleException: Protocol handler start failed
    at org.apache.catalina.connector.Connector.startInternal(Connector.java:960) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183) [tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.catalina.core.StandardService.addConnector(StandardService.java:225) [tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.addPreviouslyRemovedConnectors(TomcatWebServer.java:259) [spring-boot-2.1.0.RELEASE.jar:2.1.0.RELEASE]
    at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.start(TomcatWebServer.java:197) [spring-boot-2.1.0.RELEASE.jar:2.1.0.RELEASE]
    at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.startWebServer(ServletWebServerApplicationContext.java:300) [spring-boot-2.1.0.RELEASE.jar:2.1.0.RELEASE]
    at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.finishRefresh(ServletWebServerApplicationContext.java:162) [spring-boot-2.1.0.RELEASE.jar:2.1.0.RELEASE]
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:549) [spring-context-5.1.2.RELEASE.jar:5.1.2.RELEASE]
    at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:140) [spring-boot-2.1.0.RELEASE.jar:2.1.0.RELEASE]
    at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:775) [spring-boot-2.1.0.RELEASE.jar:2.1.0.RELEASE]
    at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:397) [spring-boot-2.1.0.RELEASE.jar:2.1.0.RELEASE]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:316) [spring-boot-2.1.0.RELEASE.jar:2.1.0.RELEASE]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:1260) [spring-boot-2.1.0.RELEASE.jar:2.1.0.RELEASE]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:1248) [spring-boot-2.1.0.RELEASE.jar:2.1.0.RELEASE]
    at com.anz.cis.lwc.LwcMediationServiceV1Application.main(LwcMediationServiceV1Application.java:20) [classes/:?]
Caused by: java.lang.IllegalArgumentException: the trustAnchors parameter must be non-empty
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:114) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:85) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:224) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1108) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:550) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.catalina.connector.Connector.startInternal(Connector.java:957) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    ... 14 more
Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
    at java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:200) ~[?:1.8.0_151]
    at java.security.cert.PKIXParameters.<init>(PKIXParameters.java:157) ~[?:1.8.0_151]
    at java.security.cert.PKIXBuilderParameters.<init>(PKIXBuilderParameters.java:130) ~[?:1.8.0_151]
    at org.apache.tomcat.util.net.jsse.JSSEUtil.getParameters(JSSEUtil.java:390) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.tomcat.util.net.jsse.JSSEUtil.getTrustManagers(JSSEUtil.java:314) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:112) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:85) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:224) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1108) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:550) ~[tomcat-embed-core-9.0.12.jar:9.0.12]
    at org.apache.catalina.connector.Connector.startInternal(Connector.java:957) ~[tomcat-embed-core-9.0.12.jar:9.0.12]

Your truststore file most likely does not contain any X509 certificates. If you look at the code of java.security.cert.PKIXParameters.<init> from the stack trace, you will see:

    Set<TrustAnchor> hashSet = new HashSet<TrustAnchor>();
    Enumeration<String> aliases = keystore.aliases();
    while (aliases.hasMoreElements()) {
        String alias = aliases.nextElement();
        if (keystore.isCertificateEntry(alias)) {
            Certificate cert = keystore.getCertificate(alias);
            if (cert instanceof X509Certificate)
                hashSet.add(new TrustAnchor((X509Certificate)cert, null));
        }
    }
    setTrustAnchors(hashSet);

You may also want to have a look at , which provides detailed instructions on how to create these files.
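The check described in this answer can be run directly against a store file. The following is an added example, not part of the original answer or of the JDK; the class name TrustAnchorCheck and its command-line arguments are hypothetical. It applies the same filter as the excerpt above, lists each alias with its entry kind, and then calls the PKIXParameters constructor that fails in the stack trace.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.cert.PKIXParameters;
import java.security.cert.X509Certificate;
import java.util.Collections;

public class TrustAnchorCheck {

    // Same filter as the JDK excerpt: only certificate entries that hold an
    // X509Certificate become trust anchors; key entries are skipped.
    static int countTrustAnchors(KeyStore ks) throws Exception {
        int anchors = 0;
        for (String alias : Collections.list(ks.aliases())) {
            boolean certEntry = ks.isCertificateEntry(alias);
            boolean usable = certEntry
                    && ks.getCertificate(alias) instanceof X509Certificate;
            String kind = certEntry ? "trustedCertEntry"
                    : ks.isKeyEntry(alias) ? "key entry (not a trust anchor)"
                    : "other";
            System.out.printf("%-40s %s%n", alias, kind);
            if (usable) anchors++;
        }
        return anchors;
    }

    public static void main(String[] args) throws Exception {
        // Usage (hypothetical): java TrustAnchorCheck <store> <password> [type]
        // With no arguments, an empty in-memory store (constructed sample) is used.
        KeyStore ks = KeyStore.getInstance(
                args.length > 2 ? args[2] : KeyStore.getDefaultType());
        if (args.length >= 2) {
            try (InputStream in = new FileInputStream(args[0])) {
                ks.load(in, args[1].toCharArray());
            }
        } else {
            ks.load(null, null);
        }
        System.out.println("usable trust anchors: " + countTrustAnchors(ks));
        try {
            new PKIXParameters(ks); // the constructor that throws in the stack trace
            System.out.println("PKIXParameters accepted the store");
        } catch (InvalidAlgorithmParameterException e) {
            System.out.println("PKIXParameters rejected the store: " + e.getMessage());
        }
    }
}
```

A store whose aliases are all key entries reports zero usable trust anchors and is rejected with the same "the trustAnchors parameter must be non-empty" message.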

If I use only the trust store, I get the following error: Caused by: java.io.IOException: SSLHostConfig attribute certificateFile must be defined when using an SSL connector

Link, I have checked with the keytool command above and found that a certificate is present:

    Keystore type: JKS
    Keystore provider: SUN
    Your keystore contains 1 entry
    Alias name: tq-bfdd1bc2-e9ce-4356-8e12-daef2a6c66c5
    Creation date: April 17, 2020
    Entry type: PrivateKeyEntry
    Certificate