tomcat 启动 证书异常java.io.IOException: Alias name [cas] does not identify a key entry

  在搭建CAS server的过程中,Tomcat开启https,配置秘钥证书,证书是通过keytool生成的

<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
               maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
               clientAuth="true" sslProtocol="TLS" keystoreFile="/home/workspace/server.keystore"  
               keystorePass="111111"/>

  启动tamcat后,提示如下报错

org.apache.catalina.LifecycleException: Failed to initialize component [Connector[org.apache.coyote.http11.Http11Protocol-8443]]
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:112)
    at org.apache.catalina.core.StandardService.initInternal(StandardService.java:549)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
    at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:875)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:632)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:655)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:309)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:492)
Caused by: org.apache.catalina.LifecycleException: Protocol handler initialization failed
    at org.apache.catalina.connector.Connector.initInternal(Connector.java:995)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
    ... 12 more
Caused by: java.lang.IllegalArgumentException: Alias name [null] does not identify a key entry
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:116)
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:87)
    at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:225)
    at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1086)
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.init(AbstractJsseEndpoint.java:268)
    at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:581)
    at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:68)
    at org.apache.catalina.connector.Connector.initInternal(Connector.java:993)
    ... 13 more
Caused by: java.io.IOException: Alias name [null] does not identify a key entry
    at org.apache.tomcat.util.net.jsse.JSSEUtil.getKeyManagers(JSSEUtil.java:242)
    at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:114)
    ... 20 more

  解决

  重新生成秘钥,并且通过keytool -list -keystore thekeystore

检查秘钥的类型,是PrivateKeyEntry就正常了。

  • PrivateKeyEntry,为私钥,配置在tomcat的server.xml(CAS服务端)
  • trustedCertEntry,为公钥,配置在jdk(应用服务端)
posted @ 2018-07-12 16:50  木易森林  阅读(2341)  评论(0编辑  收藏  举报