JWorld@TW the best professional Java site in Taiwan
      註冊 | 登入 | 全文檢索 | 排行榜  

» JWorld@TW » Application Server » Tomcat  

按列印兼容模式列印這個話題 列印話題    把這個話題寄給朋友 寄給朋友   
reply to topicthreaded modego to previous topicgo to next topic
己加入精華區
by koji at 2007-12-12 17:25
本主題所含的標籤
無標籤
作者 Tomcat SSL 問題 [精華]
secretguest0824

別當出頭鳥



發文: 354
積分: 1
於 2006-12-22 14:50 user profilesend a private message to usersend email to secretguest0824reply to postreply to postsearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
各位大大好:
小弟再測Tomcat使用SSL,想使用Java程式透過https送檔案,由JSP接收檔案存檔,但現在卻卡在SSL這關,因為小弟對這一塊真的是看的霧煞煞。

小弟的執行環境如下,
JDK1.5、Tomcat5.5

Server.xml設定如下:
<Connector
enableLookups="true"
port="8443"
redirectPort="-1"
scheme="https"
keystoreFile=".keystore"
keystorePass="admin123"
sslProtocol="TLS"
keystoreType="JKS"
uRIEncoding="null"
algorithm="SunX509"
clientAuth="false"
acceptCount="10">
</Connector>


並以這行產生keystore:
keytool -genkey -alias tomcat -keyalg RSA
結果這個.keystore檔產生在C:\Documents and Settings\xxx下(不知道為什麼在這裡..)
然後我把.keystore移到C:\Program Files\Apache Software Foundation\Tomcat 5.5\
再重新啟動Tomcat,跑https://localhost:8443/,出現找不到伺服器或 DNS 錯誤
看過之前一些大哥的文章和Tomcat的說明,說要先產生CSR,然後download Chain Certificate,我之前有download過Verisign.com trial certificates的Root CA Certificate並將他import到.keystore中但還是出現找不到伺服器:
或 DNS 錯誤
:
keytool -import -alias root -keystore .keystore -trustcacerts -file root.cer
唉,玩到快瘋掉....
請教各位大大,.keystore檔是擺在C:\Program Files\Apache Software Foundation\Tomcat 5.5這個路徑嗎?用SSL一定要Chain Certificate和Tomcat說明中的Certificate(我在Verisign.com找不到申請的地方)?and...我的設定有錯誤嗎?


reply to postreply to post
作者 Re:Tomcat SSL 問題 [Re:secretguest0824]
secretguest0824

別當出頭鳥



發文: 354
積分: 1
於 2006-12-22 17:09 user profilesend a private message to usersend email to secretguest0824reply to postreply to postsearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
各位大大,小弟又試了一次,雖然還有問題,但總算有所進展!
先將步驟列出如下:
1.Server.xml沒有改,但我重新產生一次.keystore:
C:\Program Files\Java\jdk1.5.0_10\bin>keytool -genkey -alias tomcat -keyalg RSA
輸入 keystore 密碼: admin123
您的名字與姓氏為何?
[Unknown]: localhost這個好像不能亂打,要打domain name..
您的編制單位名稱為何?
[Unknown]: fpg
您的組織名稱為何?
[Unknown]: fpg
您所在的城市或地區名稱為何?
[Unknown]: fpg
您所在的州及省份名稱為何?
[Unknown]: fpg
該單位的二字國碼為何
[Unknown]: tw
CN=localhost, OU=fpg, O=fpg, L=fpg, ST=fpg, C=tw 正確嗎?
[否]: Y
輸入 <tomcat> 的主密碼
(RETURN 如果和 keystore 密碼相同): admin123

2.當然它還是產生在C:\Documents and Settings\xxx下,我就把它複製到C:\Program Files\Java\jdk1.5.0_10\bin

3.到http://www.verisign.com/support/verisign-intermediate-ca/Trial_Secure_Server_Root/index.html複製文字(Root CA Certificates)存在C:\Program Files\Java\jdk1.5.0_10\bin\root.cer

4.將root.cer加到.keystore中:
C:\Program Files\Java\jdk1.5.0_10\bin>keytool -import -alias root -keystore .key
store -trustcacerts -file root.cer
輸入 keystore 密碼: admin123
Owner: CN=VeriSign Trial Secure Server Test Root CA, OU="For Test Purposes Only.
No assurances.", O="VeriSign, Inc.", C=US
發照者: CN=VeriSign Trial Secure Server Test Root CA, OU="For Test Purposes Onl
y. No assurances.", O="VeriSign, Inc.", C=US
序號: 20a897aedb8202dec136a04e26bd8773
有效期間: Wed Feb 09 08:00:00 CST 2005 直到: Sun Feb 09 07:59:59 CST 2025
認認指紋:
MD5: B6:9D:A4:40:52:02:50:0DBig Smile5:9C:E1:B8:4B:66:C4:AC
SHA1: 81:A7:B1:CA:51:66Big Smile1:2D:CB:32:CA:00:21:C3:9E:49:54:73:56:65
信任這個認證? [否]: Y
認證已新增至 keystore 中

5.然後以https://localhost:8443/測試,出現安全性警告視窗,除了說這個憑證尚未被信任外,另外兩個都ok,按"是"就可以正常瀏覽了

6.但我用程式去傳送檔案測試卻出現sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
這是怎麼回事ㄚ?我的程式碼如下...懇請大大指點....
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
public boolean Send(File file,String strSuccessMessage) throws NetworkErrorException
  {
    boolean boolRetrun = false;
    try
    {
      
      URLConnection urlConn = url.openConnection();
    
      urlConn.setDoInput(true);
      urlConn.setDoOutput(true);
      urlConn.setUseCaches(false);
      urlConn.setRequestProperty("Content-Type","text/xml");
      
        FileInputStream bf=new FileInputStream(file);
      // Send POST output.
        DataOutputStream printout = new DataOutputStream(urlConn.getOutputStream());
       
        byte[] buf = new byte[2048];
      int num = bf.read(buf);
      while (num != (-1))// 是否讀完文件 
      {  
        printout.write(buf, 0, num);// 把文件內容寫到網路緩衝區
        num = bf.read(buf);// 繼續從文件中讀取數據
 
      }
      printout.flush();// 把緩衝區的數據寫往客戶端
      bf.close();
      printout.close();
      
      BufferedReader input = new BufferedReader(new InputStreamReader(
          urlConn.getInputStream()));
      String str = input.readLine().trim();
      if (str.equals(strSuccessMessage)) {
        boolRetrun = true;
      } else {
        boolRetrun = false;
      }
    }  
    catch(IOException ce)      // 網路傳輸斷線
    {
      if(TroubleDetector.DetectServer(this.url.getHost(), 80));
        throw new NetworkErrorException("網路發生問題!!",ce);
      
    }
    catch(Exception ce)
    {
      ce.printStackTrace();
      throw new NetworkErrorException("傳輸檔案發生問題!!",ce);
    }
    
    return boolRetrun;
  }


reply to postreply to post
作者 Re:Tomcat SSL 問題 [Re:secretguest0824]
secretguest0824

別當出頭鳥



發文: 354
積分: 1
於 2006-12-25 14:34 user profilesend a private message to usersend email to secretguest0824reply to postreply to postsearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
各位大大好:
我參考了網路上的程式碼將程式改成下面這樣
但還是出現sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
我應該要看哪方面的資訊呢...

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
public boolean SendSSL (File file,String strSuccessMessage) throws NetworkErrorException
  {
    boolean boolRetrun = false;
    try {
      SSLServerSocketFactory sslserversocketfactory =
                (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
      SSLServerSocket sslserversocket =
                (SSLServerSocket) sslserversocketfactory.createServerSocket(intSSLPort);
      SSLSocket sslsocket = (SSLSocket) sslserversocket.accept();
      
      FileInputStream bf=new FileInputStream(file);
          DataOutputStream printout = new DataOutputStream(sslsocket.getOutputStream());
          byte[] buf = new byte[2048];
      int num = bf.read(buf);
      while (num != (-1))// 是否讀完文件 
      {  
        printout.write(buf, 0, num);// 把文件內容寫到網路緩衝區
        num = bf.read(buf);// 繼續從文件中讀取數據
 
      }
      printout.flush();// 把緩衝區的數據寫往客戶端
      bf.close();
      printout.close();
      BufferedReader input = new BufferedReader(new InputStreamReader(
          sslsocket.getInputStream()));
      String str = input.readLine().trim();
      if (str.equals(strSuccessMessage)) {
        boolRetrun = true;
      } else {
        boolRetrun = false;
      }
 
    } catch (IOException ce) {
      if(TroubleDetector.DetectServer(this.url.getHost(), 80));
      throw new NetworkErrorException("網路發生問題!!",ce);
    }
    catch(Exception ce)
    {
      ce.printStackTrace();
      throw new NetworkErrorException("傳輸檔案發生問題!!",ce);
    }
    return boolRetrun;
  }


reply to postreply to post
作者 Re:Tomcat SSL 問題 [Re:secretguest0824]
secretguest0824

別當出頭鳥



發文: 354
積分: 1
於 2006-12-26 17:45 user profilesend a private message to usersend email to secretguest0824reply to postreply to postsearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
各位大大:
經過數十次嘗試後,總算在The Java Developers ALMANAC 1.4,Volume 1這本書找到答案,
將整個method程式碼公佈如下,供各位大大參考,
主要就是要先忽略對憑證的檢查,至於這樣Tomcat的keystore是否還要匯入跟憑證?還要在測試...:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
  /*
   * 以SSL傳送檔案
   */
  public boolean SendSSL(File file, String strSuccessMessage)
      throws NetworkErrorException {
    boolean boolRetrun = false;
    try {
      //
      // Disabling Certificate Validation in an HTTPConnection
      //
      // Create a trust manager that does not validate certificate chains
      TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
          return null;
        }
 
        public void checkClientTrusted(
            java.security.cert.X509Certificate[] certs,
            String authType) {
        }
 
        public void checkServerTrusted(
            java.security.cert.X509Certificate[] certs,
            String authType) {
        }
      } };
      // Install the all-trusting trust manager
      SSLContext sc = SSLContext.getInstance("SSL");
      sc.init(null, trustAllCerts, new java.security.SecureRandom());
      HttpsURLConnection
          .setDefaultSSLSocketFactory(sc.getSocketFactory());
      // Now you can access an https URL without having the certificate in
      // the truststore
      URL url = new URL(urlStr);
      URLConnection urlConn = url.openConnection();
      urlConn.setDoInput(true);
      urlConn.setUseCaches(false);
      urlConn.setRequestProperty("Content-Type", "text/xml");
      FileInputStream bf = new FileInputStream(file);
      // Send POST output.
      DataOutputStream printout = new DataOutputStream(urlConn
          .getOutputStream());
      byte[] buf = new byte[2048];
      int num = bf.read(buf);
      while (num != (-1))// 是否讀完文件
      {
        printout.write(buf, 0, num);// 把文件內容寫到網路緩衝區
        num = bf.read(buf);// 繼續從文件中讀取數據
      }
      printout.flush();// 把緩衝區的數據寫往客戶端
      bf.close();
      printout.close();
      BufferedReader input = null;
      try {
        input = new BufferedReader(new InputStreamReader(urlConn
            .getInputStream()));
      } catch (Exception e) {
        e.printStackTrace();
      }
      String str = input.readLine().trim();
      if (str.equals(strSuccessMessage)) {
        boolRetrun = true;
      } else {
        boolRetrun = false;
      }
    } catch (IOException ce) {
      if (TroubleDetector.DetectServer(this.url.getHost(), 80))
        ;
      throw new NetworkErrorException("網路發生問題!!", ce);
    } catch (Exception ce) {
      ce.printStackTrace();
      throw new NetworkErrorException("傳輸檔案發生問題!!", ce);
    }
    return boolRetrun;
  }


reply to postreply to post
作者 Re:Tomcat SSL 問題 [Re:secretguest0824]
secretguest0824

別當出頭鳥



發文: 354
積分: 1
於 2006-12-26 17:49 user profilesend a private message to usersend email to secretguest0824reply to postreply to postsearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
更正:
要同時
urlConn.setDoInput(true);
urlConn.setDoOutput(true);
這樣才對


reply to postreply to post
作者 Re:Tomcat SSL 問題 [Re:secretguest0824]
secretguest0824

別當出頭鳥



發文: 354
積分: 1
於 2006-12-26 18:19 user profilesend a private message to usersend email to secretguest0824reply to postreply to postsearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
ok...測過了..沒有匯入憑證是不行的
https://localhost:8443/不會通..
不過程是這樣寫
就算憑證過期也能用
也就是只要Download測試用的憑證就能一直用了

雖然有點奇怪..


reply to postreply to post
作者 Re:Tomcat SSL 問題 [Re:secretguest0824]
secretguest0824

別當出頭鳥



發文: 354
積分: 1
於 2007-12-12 15:50 user profilesend a private message to usersend email to secretguest0824reply to postreply to postsearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
最近終於要把SSL用在檔案傳輸的實際專案上了,
今天去客戶那邊裝程式,哇咧...
跑的時候出現
hostname wrong: should be <xxx.xxx.xx.xx>
這種錯誤訊息.
看了一些網站發現傳輸的網址要跟keystore設定的CN一樣,而且不能為IP,必須為網域名稱!
完了,這樣又要多申請一個網址?
請問有沒有可以略過網址檢查的解決方式?


reply to postreply to post
作者 Re:Tomcat SSL 問題 [Re:secretguest0824]
secretguest0824

別當出頭鳥



發文: 354
積分: 1
於 2007-12-12 16:29 user profilesend a private message to usersend email to secretguest0824reply to postreply to postsearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
secretguest0824 wrote:
最近終於要把SSL用在檔案傳輸的實際專案上了,
今天去客戶那邊裝程式,哇咧...
跑的時候出現
hostname wrong: should be <xxx.xxx.xx.xx>
這種錯誤訊息.
看了一些網站發現傳輸的網址要跟keystore設定的CN一樣,而且不能為IP,必須為網域名稱!
完了,這樣又要多申請一個網址?
請問有沒有可以略過網址檢查的解決方式?

我找到了解決方法
先做一個HostnameVerifier
1
2
3
4
5
6
7
8
/**
   * Host name verifier that does not perform nay checks.
   */
  private static class NullHostnameVerifier implements HostnameVerifier {
    public boolean verify(String hostname, SSLSession session) {
      return true;
    }
  }

再設定HttpsURLConnection:
1
HttpsURLConnection.setDefaultHostnameVerifier(new NullHostnameVerifier());

這樣就不會去檢查Host name了...
又省下一個網址的錢了...呼


reply to postreply to post
參見,出頭鳥 Blog
作者 Re:Tomcat SSL 問題 [Re:secretguest0824]
frankiakimo





發文: 7
積分: 0
於 2008-01-02 10:05 user profilesend a private message to userreply to postreply to postsearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
大大自己的問題處理掉囉
真是太辛苦啦
不過 應該自己又多學到東西了吧
多謝大大的分享囉


reply to postreply to post
作者 Re:Tomcat SSL 問題 [Re:secretguest0824]
zrjian





發文: 80
積分: 0
於 2009-05-21 17:12 user profilesend a private message to userreply to postreply to postsearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
Sad
您好
個人測試結果:
(1)在firefox可以正常.
(2)使用ie7時,每次進入網站,必需每次安裝憑證(如附件所示).請教ie7是否需要其它的設定呢?
謝謝!


reply to postreply to post
作者 Re:Tomcat SSL 問題 [Re:zrjian]
secretguest0824

別當出頭鳥



發文: 354
積分: 1
於 2009-05-21 17:21 user profilesend a private message to usersend email to secretguest0824reply to postreply to postsearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
zrjian wrote:
Sad
您好
個人測試結果:
(1)在firefox可以正常.
(2)使用ie7時,每次進入網站,必需每次安裝憑證(如附件所示).請教ie7是否需要其它的設定呢?
謝謝!

IE7我也沒測過, 但看到這個錯誤可以朝這兩個方向試試:
1.將網站加入信任的網站
2.將所需的憑證匯入IE7

建議先試第一種看看.


reply to postreply to post
參見,出頭鳥 Blog
作者 Re:Tomcat SSL 問題 [Re:secretguest0824]
zrjian





發文: 80
積分: 0
於 2009-05-21 17:54 user profilesend a private message to userreply to postreply to postsearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
secretguest0824 wrote:
IE7我也沒測過, 但看到這個錯誤可以朝這兩個方向試試:
1.將網站加入信任的網站
2.將所需的憑證匯入IE7

建議先試第一種看看.


您好

謝謝您的指導.
這二種方法我再試試看!

回查tomcat的說明中有一步驟我沒有作(如附件所示):
http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html

也就是最後的一步驟:
[And finally import your new Certificate ]
keytool -import -alias tomcat -keystore <your_keystore_filename> \
  -file <your_certificate_filename>

這個certificate_filename是如何取得呢?

謝謝!

(縮略圖,點擊圖片鏈接看原圖)


reply to postreply to post
作者 Re:Tomcat SSL 問題 [Re:zrjian]
secretguest0824

別當出頭鳥



發文: 354
積分: 1
於 2009-05-21 18:19 user profilesend a private message to usersend email to secretguest0824reply to postreply to postsearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
zrjian wrote:
您好

謝謝您的指導.
這二種方法我再試試看!

回查tomcat的說明中有一步驟我沒有作(如附件所示):
http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html

也就是最後的一步驟:
[And finally import your new Certificate ]
keytool -import -alias tomcat -keystore <your_keystore_filename> \
  -file <your_certificate_filename>

這個certificate_filename是如何取得呢?

謝謝!


你可以找提供憑證的網站, 下載root憑證(一個文字檔)
看存在哪裡就是<your_certificate_filename>

你可以參考我之前提供的第三個步驟

3.到http://www.verisign.com/support/verisign-intermediate-ca/Trial_Secure_Server_Root/index.html複製文字(Root CA Certificates)存在C:\Program Files\Java\jdk1.5.0_10\bin\root.cer

4.將root.cer加到.keystore中:
C:\Program Files\Java\jdk1.5.0_10\bin>keytool -import -alias root -keystore .key
store -trustcacerts -file root.cer


reply to postreply to post
參見,出頭鳥 Blog
作者 Re:Tomcat SSL 問題 [Re:secretguest0824]
zrjian





發文: 80
積分: 0
於 2009-05-21 19:03 user profilesend a private message to userreply to postreply to postsearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
secretguest0824 wrote:
你可以找提供憑證的網站, 下載root憑證(一個文字檔)
看存在哪裡就是<your_certificate_filename>

你可以參考我之前提供的第三個步驟

3.到http://www.verisign.com/support/verisign-intermediate-ca/Trial_Secure_Server_Root/index.html複製文字(Root CA Certificates)存在C:\Program Files\Java\jdk1.5.0_10\bin\root.cer

4.將root.cer加到.keystore中:
C:\Program Files\Java\jdk1.5.0_10\bin>keytool -import -alias root -keystore .key
store -trustcacerts -file root.cer


您好
1.我是到tomcat 提供其中的一個網站(http://www.verisign.com/support/install2/intermediate.html)下載憑證.
然後執行你『提供的第三個步驟』.在firefox中,似乎不用第三個步驟,只要產生keystore,亦可執行ssl.
2.在附圖中,blue框應該是您的第三個步驟,而紅色框的用意為何?目前仍無法得知,而它又說是最後一個步驟.
謝謝!

(縮略圖,點擊圖片鏈接看原圖)


reply to postreply to post
作者 Re:Tomcat SSL 問題 [Re:zrjian]
zrjian





發文: 80
積分: 0
於 2009-05-25 10:49 user profilesend a private message to userreply to postreply to postsearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
您好

終於成功了Smile.

謝謝!

原來是自已沒有注意您提出的注意事項:


您的名字與姓氏為何?
[Unknown]: localhost這個好像不能亂打,要打domain name..Smile


這個部份要設定為 Tomcat 所在主機的 IP. 不能任意給一組字串.


reply to postreply to post
作者 Re:Tomcat SSL 問題 [Re:secretguest0824]
porsa





發文: 6
積分: 0
於 2009-07-29 17:54 user profilesend a private message to userreply to postreply to postsearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
Dead
不好意思,小弟照者步驟一個接一個做
並將.keystore檔案放在Tomcat6.0目錄下
但是仍然有錯誤
1
2
嚴重的: Error initializing endpoint
java.lang.Exception: No Certificate file specified or invalid file format

完整log如附件
重新安裝Tomcat過也依然如此
請問這問題究竟在哪呢?
Dead

catalina.2009-07-29.log (7.45k)


reply to postreply to post
作者 Re:Tomcat SSL 問題 [Re:porsa]
tuu

每天搬資料的工蜂



發文: 96
積分: 0
於 2009-07-29 23:03 user profilesend a private message to userreply to postreply to postsearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
porsa wrote:
Dead
不好意思,小弟照者步驟一個接一個做
並將.keystore檔案放在Tomcat6.0目錄下
但是仍然有錯誤
1
2
嚴重的: Error initializing endpoint
java.lang.Exception: No Certificate file specified or invalid file format

完整log如附件
重新安裝Tomcat過也依然如此
請問這問題究竟在哪呢?
Dead


錯誤訊息已經說的很明顯
就是找不到keystoreFile
檢查一下server.xml中keystoreFile="keystore_path"的設定

可以是絕對路徑,win系統的目錄\要用\\跳脫


reply to postreply to post
作者 Re:Tomcat SSL 問題 [Re:tuu]
porsa





發文: 6
積分: 0
於 2009-07-30 09:09 user profilesend a private message to userreply to postreply to postsearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
tuu wrote:
錯誤訊息已經說的很明顯
就是找不到keystoreFile
檢查一下server.xml中keystoreFile="keystore_path"的設定

可以是絕對路徑,win系統的目錄\要用\\跳脫


用了絕對路徑依然出現同樣的錯誤Dead
再之前還有幾個警告訊息
1
2
3
4
5
6
2009/7/30 上午 09:05:22 org.apache.catalina.startup.SetAllPropertiesRule begin
警告: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'keystoreFile' to 'C:\\Program Files\\Apache Software Foundation\\Tomcat 6.0\\conf\\.keystore' did not find a matching property.
2009/7/30 上午 09:05:22 org.apache.catalina.startup.SetAllPropertiesRule begin
警告: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'keystorePass' to 'changeit' did not find a matching property.
2009/7/30 上午 09:05:22 org.apache.catalina.startup.SetAllPropertiesRule begin
警告: [SetAllPropertiesRule]{Server/Service/Connector} Setting property 'clientAuth' to 'false' did not find a matching property.


我的JDK版本是1.6 使用的是Tomcat 6.0
log如同上篇
再附上Server.xml

server.xml (6.56k)


porsa edited on 2009-07-30 09:22
reply to postreply to post
作者 Re:Tomcat SSL 問題 [Re:porsa]
tuu

每天搬資料的工蜂



發文: 96
積分: 0
於 2009-07-30 09:58 user profilesend a private message to userreply to postreply to postsearch all posts byselect and copy to clipboard. 
ie only, sorry for netscape users:-)add this post to my favorite list
1
2
3
    <Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS" keystoreFile="D:/tomcat6/.keystore" keystorePass="your_passwd"/>


這段server.xml給你參考,keystoreFile="D:/tomcat6/.keystore"是用反斜線,是我記錯了 >.<


reply to postreply to post
» JWorld@TW »  Application Server » Tomcat

reply to topicthreaded modego to previous topicgo to next topic
  已讀文章
  新的文章
  被刪除的文章
Jump to the top of page

JWorld@TW 本站商標資訊

Powered by Powerful JuteForum® Version Jute 1.5.8