tomcat6.0.35配置SSL
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="C:/server2.jks" keystorePass="123456" truststoreFile="C:/server2.jks" truststorePass="123456" />
没问题。
同样把:
truststoreFile="C:/server2.jks" truststorePass="123456"
去掉,配置:
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="C:/server2.jks" keystorePass="123456" />
也没问题。
见:http://gwh-08.iteye.com/blog/1517593
但是配置,采用如下命令生成的密钥
keytool -genkey -validity 36000 -alias www.guwh.org -keyalg RSA -keystore d:\gu.keystore -storepass 123456 -dname "CN=wh, OU=wh, O=wh, L=wh, ST=BJ, C=CN"
keytool -genkey -validity 36000 -alias www.zlex.org -keyalg RSA -keystore d:\zlex.keystore -storepass 123456 -dname "CN=zlex, OU=zlex, O=zlex, L=zlex, ST=BJ, C=CN" keytool -export -keystore d:\zlex.keystore -alias www.zlex.org -file d:\zlex.cer -rfc
keytool -import -alias www.zlex.org -file d:/zlex.cer -keystore d:/gu.keystore
配置:server.xml
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="D:/mygu.keystore" keystorePass="123456" />
就会报:
2013-1-30 10:09:32 org.apache.coyote.http11.Http11AprProtocol init 严重: Error initializing endpoint java.lang.Exception: No Certificate file specified or invalid file format at org.apache.tomcat.jni.SSLContext.setCertificate(Native Method) at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:733) at org.apache.coyote.http11.Http11AprProtocol.init(Http11AprProtocol.java:107) at org.apache.catalina.connector.Connector.initialize(Connector.java:1049) at org.apache.catalina.core.StandardService.initialize(StandardService.java:703) at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:838) at org.apache.catalina.startup.Catalina.load(Catalina.java:538) at org.apache.catalina.startup.Catalina.load(Catalina.java:562) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:261) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413) 2013-1-30 10:09:32 org.apache.catalina.core.StandardService initialize 严重: Failed to initialize connector [Connector[HTTP/1.1-443]] LifecycleException: Protocol handler initialization failed: java.lang.Exception: No Certificate file specified or invalid file format at org.apache.catalina.connector.Connector.initialize(Connector.java:1051) at org.apache.catalina.core.StandardService.initialize(StandardService.java:703) at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:838) at org.apache.catalina.startup.Catalina.load(Catalina.java:538) at org.apache.catalina.startup.Catalina.load(Catalina.java:562) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:261) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
错误。
解决办法是采用下面的配置:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="D:/gu.keystore" keystorePass="123456" />
网上说这其实是:
就是将protocol="HTTP/1.1"替换为protocol="org.apache.coyote.http11.Http11Protocol",问题得以解决;
APR给Tomcat的性能提升起到很大作用,建议配置APR方式。
题外话:
如果辨别Tomcat是否采用APR:
启动Tomcat时,如果采用APR,日志中会有如下信息:
信息: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true].
如果没有采用APR,启动时则显示类似的信息:
信息: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: ....后面省略
相关推荐
解决No input file specified
一.IIS Noinput file specified 方法一:改PHP.ini中的doc_root行,打开ini文件注释掉此行,然后重启IIS 方法二: 请修改php.ini 找到 ; cgi.force_redirect = 1 去掉前面分号,把后面的1改为0 即 cgi....
今天在自己本地的开发环境突然出现了No input file specified错误,反复检查返现自己的配置文件和配置路径以及权限都没有问题。经过反复的排查终于发现了问题,现将问题及解决分享如下: 问题原因分析 在GitHub上...
提示No input file specified的解决方法.docx
nginx提示No input file specified怎么办.docx
本文给出几种编程时提示No input file specified的解决方法。
vs常见编译错误集锦 vs常见编译错误集锦 vs常见编译错误集锦
电脑提示“No input file specified”怎么办.docx
Android wifi测试demo结合网上一些代码,编写的,实现了wifi扫描,连接,密码输入等功能
【LNMP】提示Nginx PHP “No input file specified”错误的解决办法
The PXF JDBC Connector now supports pushdown of OR and NOT logical filter operators when specified in a JDBC named query or in an external table query filter condition. PXF supports writing Avro-...
主要介绍了APACHE支持.htaccess伪静重写出错 No input file specified的解决方案,需要的朋友可以参考下
后来发现再次打开thinkphp时,网址进入登入页面,但是却显示”No input file specified”,如下图所示: 上网查了一下才知道,PHP5.6以上的是fast_cgi模式,而在某些情况下,不能正确识别path_info所造成的错误,这...
使用mdadm创建软RAID的具体操作步骤
Linux不像Windows一样,接上新硬件后可以自动识别,在Linux下无法自动识别新硬件的,需要手动去识别。USB移动存储设备通常被识别为sda1,具体可以通过fdisk -l命令查询。 在使用U盘前,我们先要为外挂点新建一个子...
Oracle10G控制台解决办法-Io 异常:Unknown host specified解决方法