Java https 后的 Spring 启动:配置为侦听端口 8444 的 Tomcat 连接器启动失败。
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/47535131/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Spring boot after https: The Tomcat connector configured to listen on port 8444 failed to start.
提问by cbll
I followed a guide to enable https in Spring Boot. The application was beforehand working on https://localhost:8080
我按照指南在 Spring Boot 中启用 https。该应用程序事先在https://localhost:8080 上工作
I've created a keystore.jkswhich is in the same directory as my application.properties, which now looks like:
我创建了一个keystore.jks与 my 位于同一目录中的application.properties,现在看起来像:
# Define a custom port instead of the default 8080
server.port = 8444
# Tell Spring Security (if used) to require requests over HTTPS
security.require-ssl=true
# The format used for the keystore
server.ssl.key-store-type:PKCS12
# The path to the keystore containing the certificate
server.ssl.key-store=keystore.p12
# The password used to generate the certificate
server.ssl.key-store-password=<somepassword>
# The alias mapped to the certificate
server.ssl.key-alias=tomcat
Now, if I run the main method to start the spring boot app, it throws:
现在,如果我运行 main 方法来启动 spring boot 应用程序,它会抛出:
Description:
The Tomcat connector configured to listen on port 8444 failed to start. The port may already be in use or the connector may be misconfigured.
Action:
Verify the connector's configuration, identify and stop any process that's listening on port 8444, or configure this application to listen on another port.
The port isn't in use, so it must be misconfiguration?
端口未使用,所以一定是配置错误?
I'm unsure of what to change. It's a simple SPA app, Spring just serves an index.html and has a single REST endpoint. How should tomcat/spring be configured to accept https in this case, and start up without errors?
我不确定要改变什么。这是一个简单的 SPA 应用程序,Spring 只提供一个 index.html 并有一个 REST 端点。在这种情况下,tomcat/spring 应该如何配置接受https,并且启动没有错误?
采纳答案by Johna
I too had the same problem and was able to fix it. My problem was generating the keystore.p12file.
我也有同样的问题,并且能够修复它。我的问题是生成keystore.p12文件。
If you have a certificate file and private key file, you can generatekeystore.p12file using following command.
如果您有证书文件和私钥文件,则可以keystore.p12使用以下命令生成文件。
openssl pkcs12 -export -in <mycert.crt> -inkey <mykey.key> -out keystore.p12 -name <alias>
You will be prompted for a password,there you can enter a password you like.
Once the keystore file is generated copy it to the directory where your .jarfile exist.
系统会提示您输入密码,您可以在那里输入您喜欢的密码。生成密钥库文件后,将其复制到文件所在的目录.jar。
Following is a working example configuration.
以下是一个工作示例配置。
server.port=8443
security.require-ssl=true
server.ssl.key-store-type=PKCS12
server.ssl.key-store=file:keystore.p12
server.ssl.key-store-password=<password>
server.ssl.key-alias=<alias>
Note the key store file path file:keystore.p12if it is going to reside in the same directory as the executable .jarfile.
file:keystore.p12如果要与可执行.jar文件位于同一目录中,请注意密钥存储文件路径。
回答by yogendra narayan
回答by Mohsen Zamani
I had same problem. for me server.ssl.key-aliaswas set to a wrong key. So, it sounds that some servermis-configurations in application.propertiescan cause this error message to appear.
我有同样的问题。对我来说server.ssl.key-alias被设置为错误的键。因此,听起来application.properties中的某些服务器错误配置会导致出现此错误消息。
回答by Prasanna Veeramani
I had the same issue as well but in my case the file path (in application.properties) for keystore file was incorrect on Linux and causing this error message.
我也遇到了同样的问题,但在我的情况下,密钥库文件的文件路径(在 application.properties 中)在 Linux 上不正确并导致此错误消息。
回答by Ruthwik
I solved the same issue by using the following configuration
我通过使用以下配置解决了同样的问题
# Define a custom port instead of the default 8080
server.port=8443
# Tell Spring Security (if used) to require requests over HTTPS
security.require-ssl=true
# The format used for the keystore
server.ssl.key-store-type=PKCS12
# The path to the keystore containing the certificate
server.ssl.key-store=src/main/resources/keystore.p12
# The password used to generate the certificate
server.ssl.key-store-password=root0
I removed alias name and it worked perfectly. "You probably won't need a key alias, since there will only be one key entry" referred from TOMCAT SSL Error: Alias name does not identify a key entry
我删除了别名,它工作得很好。“您可能不需要密钥别名,因为只有一个密钥条目”来自 TOMCAT SSL 错误:别名不能识别密钥条目
回答by Sireesh Yarlagadda
From Spring Boot 2.0 and higher, you can ignore this property.
从 Spring Boot 2.0 及更高版本开始,您可以忽略此属性。
security.require-ssl=true
To enable SSL, use the below configuration in your application.properties
要启用 SSL,请在 application.properties 中使用以下配置
The format used for the keystore
用于密钥库的格式
server.ssl.key-store-type=JKS
server.ssl.key-store-type=JKS
The path to the keystore containing the certificate
包含证书的密钥库的路径
server.ssl.key-store=classpath:somecert.jks
server.ssl.key-store=classpath:somecert.jks
The password used to generate the certificate
用于生成证书的密码
server.ssl.key-store-password=password
server.ssl.key-store-password=密码
The alias mapped to the certificate
映射到证书的别名
server.ssl.key-alias=alias_name
server.ssl.key-alias=alias_name
Note : server.ssl.key-store refers to the keystore location. Use classpath prefix, if it is present in src/main/resources. Otherwise use, file:/some/location.
注意:server.ssl.key-store 指的是密钥库位置。使用类路径前缀,如果它存在于 src/main/resources 中。否则使用,file:/some/location。
