Tomcat 上的 SSL 证书 - 别名tomcat无法识别密钥

编程问答 2022-04-23

问题描述

我正在 Apache tomcat 中使用 SSL 证书。我已经创建了 CSR 并获得了一个 JKS 文件。然后当我将 CSR 交给证书颁发机构时,他们就给了我证书。当我使用以下命令测试 JKS 证书时,

keytool -list -keystore ava_bankasia-bd_com.jks

我得到了以下输出

Keystore type: PKCS12
Keystore provider: SUN

Your keystore contains 1 entry

tomcat,Jun 22,2021,trustedCertEntry,Certificate fingerprint (SHA-256): 7F:F3:C5:60:D1:E6:E5:04:2A:E8:2E:D1:D7:1A:92:DE:39:47:75:BD:06:25:0D:D0:CB:C0:55:BA:D6:2B:28:E9

然后我用下面的代码配置了tomcat:

<Connector port="443" 
           protocol="org.apache.coyote.http11.Http11Protocol"
           SSLEnabled="true" 
           maxThreads="150" 
           scheme="https" 
           secure="true"
           clientAuth="false" 
           sslProtocol="TLS"
           keystoreFile="/u01/csr_certificate/ava_bankasia-bd_com.jks"  
           keystorePass="-------"
           keyAlias="tomcat" />

我已经将它们全部导入到 Keystore 中(但显然不是!)但是我从 Tomcat 得到的错误是:'java.io.IOException Alias name does not identify a key entry。完整错误如下:

org.apache.catalina.LifecycleException: Protocol handler initialization Failed
        at org.apache.catalina.connector.Connector.initInternal(Connector.java:1076)
        at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
        at org.apache.catalina.core.StandardService.initInternal(StandardService.java:552)
        at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
        at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:846)
        at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
        at org.apache.catalina.startup.Catalina.load(Catalina.java:639)
        at org.apache.catalina.startup.Catalina.load(Catalina.java:662)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:302)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:472)
    Caused by: java.lang.IllegalArgumentException: Alias name [tomcat] does not identify a key entry
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:100)
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:72)
        at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:247)
        at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1143)
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.init(AbstractJsseEndpoint.java:222)
        at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:599)
        at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:80)
        at org.apache.catalina.connector.Connector.initInternal(Connector.java:1074)
        ... 13 more
    Caused by: java.io.IOException: Alias name [tomcat] does not identify a key entry
        at org.apache.tomcat.util.net.SSLUtilBase.getKeyManagers(SSLUtilBase.java:336)
        at org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:245)
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:98)
        ... 20 more

有什么想法吗?这是我第一次这样做,所以也许我搞砸了一些显而易见的事情?

站点在端口 80 上运行良好。

希望听到一些建议:)

解决方法

暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!

如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。

小编邮箱:dio#foxmail.com (将#修改为@)

aliasjavajavakeytoolssltomcattomcat