【问题标题】:How do I solve the error: Failed to load keystore type [PKCS12 ]如何解决错误:无法加载密钥库类型 [PKCS12]
【发布时间】:2020-12-15 21:28:12
【问题描述】:

我想在 Spring Boot 的安全端点上配置 https 的使用 我生成PKCS12格式的证书并将生成的证书放在资源文件夹下 当我运行 gradle build 命令时,我收到以下错误

2020-12-15 22:03:11.093  INFO 14592 --- [           main] o.s.s.web.DefaultSecurityFilterChain     : Creating filter chain: any request, [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@60c8a093, org.springframework.security.web.context.SecurityContextPersistenceFilter@2f2bff16, org.springframework.security.web.header.HeaderWriterFilter@599e4d41, org.springframework.security.web.csrf.CsrfFilter@36681447, org.springframework.security.web.authentication.logout.LogoutFilter@7efb53af, org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter@333c8791, org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter@588f63c, org.springframework.security.web.authentication.ui.DefaultLogoutPageGeneratingFilter@44cffc25, org.springframework.security.web.authentication.www.BasicAuthenticationFilter@1457fde, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@fc807c1, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@7ecec90d, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@2a369e14, org.springframework.security.web.session.SessionManagementFilter@10f7c76, org.springframework.security.web.access.ExceptionTranslationFilter@70887727, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@237f7970]
2020-12-15 22:03:11.388 ERROR 14592 --- [           main] org.apache.tomcat.util.net.SSLUtilBase   : Failed to load keystore type [PKCS12 ] with path [file:/C:/Users/stein.PC01/Development/Tutorial/BasicAutentication/build/resources/main/certificate.p12%20] due to [PKCS12  not found]

java.security.KeyStoreException: PKCS12  not found
        at java.base/java.security.KeyStore.getInstance(KeyStore.java:871) ~[na:na]
        at org.apache.tomcat.util.net.SSLUtilBase.getStore(SSLUtilBase.java:184) ~[tomcat-embed-core-9.0.35.jar:9.0.35]

proerty 文件如下所示

server.ssl.key-store-type=PKCS12 
server.ssl.key-store=classpath:certificate.p12 
server.ssl.key-store-password=XXXXXXX

主程序

package com.laurentiuspilca.ssia;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

@SpringBootApplication
public class Main {

    public static void main(String[] args) {
        SpringApplication.run(Main.class, args);
    }

}

控制器看起来像这样

package com.laurentiuspilca.ssia.controllers;

import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class HelloController {

    @GetMapping("/hello")
    public String hello() {
        return "Hello!";
    }
}

SSL 生成命令是 openssl req -newkey rsa:2048 -x509 -keyout key.pem -out cert.pem -days 365 openssl pkcs12 -export -in cert.pem -inkey key.pem -out certificate.p12 -name "certificate"

gradle 文件如下所示:

plugins {
    id 'java'
    id 'org.springframework.boot' version '2.4.1'
}

repositories {
    mavenLocal()
    maven {
        url = uri('https://repo.maven.apache.org/maven2/')
    }
}

dependencies {
    implementation 'org.springframework.boot:spring-boot-starter-security:2.3.0.RELEASE'
    implementation 'org.springframework.boot:spring-boot-starter-web:2.3.0.RELEASE'
    testImplementation 'org.springframework.boot:spring-boot-starter-test:2.3.0.RELEASE'
    testImplementation 'org.springframework.security:spring-security-test:5.3.2.RELEASE'
    testImplementation 'io.rest-assured:spring-mock-mvc:4.3.1'
    testImplementation  'io.rest-assured:rest-assured-common:4.3.1'
}

group = 'com.laurentiuspilca'
version = '0.0.1-SNAPSHOT'
description = 'Hello World with user and password'
java.sourceCompatibility = JavaVersion.VERSION_1_8


tasks.withType(JavaCompile) {
    options.encoding = 'UTF-8'
}

【问题讨论】:

    标签: java ssl spring-security https pkcs#12


    【解决方案1】:

    我不确定,但classpath:certificate.p12 之后的问题可能是空白。错误为resources/main/certificate.p12%20]%20 表示空白字符。你能检查有没有空白?或者resources/main/certificate.p12中缺少证书文件?

    【讨论】:

    • 通过删除 server.ssl.key-store-type 和 server.ssl.key-store 后面的空白来修复错误
    【解决方案2】:

    通过删除 server.ssl.key-store-type 和 server.ssl.key-store

    【讨论】:

      猜你喜欢
      • 1970-01-01
      • 2012-08-30
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 2019-10-21
      • 1970-01-01
      • 1970-01-01
      相关资源
      最近更新 更多