我有多个密钥库:K1存储我的应用程序在连接到外部ssl服务时使用的公用密钥 . 此外,我还有密钥库K2,它包含客户端应用程序连接到我的服务器应用程序时使用的证书 . 我用
-Djavax.net.ssl.trustStore=<path to K1>
和
<Connector port="8443" SSLEnabled="true" maxHttpHeaderSize="8192"
protocol="org.apache.coyote.http11.Http11Protocol"
maxThreads="150" minSpareThreads="25" maxSpareThreads="200"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="<K2>" keystorePass="..." keystoreType="JKS"
keyAlias="tomcat"/>
在我的tomcat配置中 . 当我添加第一行(-D)以使用另一个https服务时,Tomcat开始失败并且它的https连接器未运行:
2014年4月28日上午9:05:56 org.apache.tomcat.util.net.jsse.JSSESocketFactory getStore严重:无法使用path / data / iris / apps / iris-us-dev / security / riskblotter加载密钥库类型JKS -keystore由于Keystore被篡改,或密码w为不正确的java.io.IOException:Keystore被篡改,或者密码不正确
INFO: Starting Coyote HTTP/1.1 on http-8080
Apr 28, 2014 9:05:56 AM org.apache.jk.common.ChannelSocket init
INFO: JK: ajp13 listening on /0.0.0.0:8009
Apr 28, 2014 9:05:56 AM org.apache.jk.server.JkMain start
INFO: Jk running ID=0 time=0/23 config=null
Apr 28, 2014 9:05:56 AM org.apache.tomcat.util.net.jsse.JSSESocketFactory getStore
SEVERE: Failed to load keystore type JKS with path <PATH TO K1> due to Keystore was tampered with, or password w
as incorrect
java.io.IOException: Keystore was tampered with, or password was incorrect
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:771)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:38)
at java.security.KeyStore.load(KeyStore.java:1185)
看起来它试图使用K1作为HTTPS连接器的密钥库,而应该使用K2 . 在这种情况下是否可以有多个密钥库?