Wor*_*tig 8 java configuration tomcat ssl-certificate
我按照本教程在 tomcat 中启用 ssl:https://medium.com/@raupach/how-to-install-lets-encrypt-with-tomcat-3db8a469e3d2
虽然tomcat最后运行了,但我无法访问https,说无法连接。所以我检查了日志,得到:
Caused by: java.io.IOException: SSLHostConfig attribute certificateFile must be defined when using an SSL connector
,但我的certificateFile 的定义如您所见:
<Connector port="443"
protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="100"
compression="on"
scheme="https"
SSLEnabled="true"
secure="true"
SSLVerifyClient="none"
SSLProtocol="TLSv1.2"
defaultSSLHostConfigName="test.test">
<SSLHostConfig hostName="test.test">
<Certificate certificateFile="conf/cert.pem" certificateKeyFile="conf/privkey.pem" certificateChainFile="conf/chain.pem" />
</SSLHostConfig>
</Connector>
这些文件存在于conf/中
tomcat 9 文档:https://tomcat.apache.org/tomcat-9.0-doc/config/http.html SSLHostConfig 和证书部分
Pio*_*asz 10
您混合使用新属性(自 Tomcat 8.5 起)和已弃用的属性(参见Tomcat 文档)。设置的效果,例如,SSLProtocol是创建第二个<SSLHostConfig>主机名_default_。这就是错误消息所指的元素。
您应该将过时的标签 (SSLVerifyClient和SSLProtocol) 替换为当前的对应标签(或者如果您想要默认值则忽略它们):
<Connector port="443"
protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="100"
compression="on"
scheme="https"
SSLEnabled="true"
secure="true"
defaultSSLHostConfigName="test.test">
<SSLHostConfig hostName="test.test"
protocols="TLSv1.2">
<Certificate certificateFile="conf/cert.pem"
certificateKeyFile="conf/privkey.pem"
certificateChainFile="conf/chain.pem" />
</SSLHostConfig>
</Connector>
备注:您使用的属性特定于 APR 连接器。如果该选择是有意为之,您应该将协议更改为org.apache.coyote.http11.Http11AprProtocol.
| 归档时间: |
|
| 查看次数: |
26893 次 |
| 最近记录: |