標籤:reflect div 包含 .com https com sign apache eth
tomcat8.5版本和tomcat8.0有了很大的區別,預設的server.xml中https的配置方式也有了變化:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" secure="true" URIEncoding="UTF-8" useBodyEncodingForURI="true"> <SSLHostConfig certificateVerification="optional"> <Certificate certificateKeystoreFile="${catalina.home}/bin/mykey.jks" certificateKeystorePassword="mypassword"/> </SSLHostConfig></Connector>
然而當啟動的時候,卻報出了null 指標錯誤:
02-Dec-2016 17:49:02.885 警告 [main] org.apache.tomcat.util.net.openssl.OpenSSLContext.init Error initializing SSL context java.lang.NullPointerException at org.apache.tomcat.util.net.openssl.OpenSSLContext.init(OpenSSLContext.java:281) at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:101) at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:81) at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:245) at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:875) at org.apache.tomcat.util.net.AbstractJsseEndpoint.init(AbstractJsseEndpoint.java:213) at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:558) at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:65) at org.apache.catalina.connector.Connector.initInternal(Connector.java:968) at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107) at org.apache.catalina.core.StandardService.initInternal(StandardService.java:549) at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107) at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:875) at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107) at org.apache.catalina.startup.Catalina.load(Catalina.java:606) at org.apache.catalina.startup.Catalina.load(Catalina.java:629) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:311) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:494)
查原始碼發現,tomcat8.5代碼中要求有別名,如果沒有配置,預設使用“tomcat”作為別名。顯然,我們的認證別名不會是tomcat。
我們可以使用如下命令查看認證的別名:
keytool -list -v -keystore xxxx.keystore -storepass 密碼
比如:
D:\tomcat\tomcat858s\bin>keytool -list -v -keystore mykey.jks -storepass mypassword
密鑰庫類型: JKS密鑰庫提供方: SUN您的密鑰庫包含 1 個條目別名: 1建立日期: 2016-3-10項目類型: PrivateKeyEntry憑證鏈結長度: 3認證[1]:所有者: CN=*.guyezhai.com, O=XXXXXXXXXXXXXXXXXX, L=北京市, ST=北京市, C=CN發行者: CN=WoSign Class 3 OV Server CA G2, O=WoSign CA Limited, C=CN序號: 567ab6b63782bdb9e44eba04dc27efe8有效期間開始日期: Thu Mar 10 17:19:17 CST 2016, 到期日: Fri Mar 10 17:19:17 CST 2017認證指紋: MD5: 72:67:7C:5A:4F:D8:5F:C7:D1:A2:71:53:C5:4A:EE:A3 SHA1: F7:58:A7:4A:65:DD:B9:5F:51:37:91:33:06:C9:3E:29:3D:A7:3D:E2 SHA256: 60:62:E0:70:7C:BD:BA:05:E8:87:28:33:8E:4D:2A:2B:5C:A7:30:D0:F0:7A:66:B6:D7:9D:B0:D7:27:65:BA:19 簽名演算法名稱: SHA256withRSA 版本: 3...
可以看到,此認證的別名是“1”,我們就可以在server.xml中配置別名了:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" secure="true" URIEncoding="UTF-8" useBodyEncodingForURI="true"> <SSLHostConfig certificateVerification="optional"> <Certificate certificateKeystoreFile="${catalina.home}/bin/mykey.jks" certificateKeystorePassword="mypassword" certificateKeyAlias="1"/> </SSLHostConfig></Connector>
添加certificateKeyAlias="1"
然後再次啟動tomcat,null 指標報錯就消失了。
Tomcat8.5配置https啟動報null 指標錯誤
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
