我想在 tomcat(版本 8)连接器中指定 slImplementationName 类名,这样 SSL 握手部分就不会考虑 java.security 中的默认顺序。
来自 tomcat 文档:-
"The class name of the SSL implementation to use. If not specified, the default of org.apache.tomcat.util.net.jsse.JSSEImplementation will be used which wraps JVM's default JSSE provider. Note that the JVM can be configured to use a different JSSE provider as the default"
但这并没有指定可以与该属性一起使用的来自java的实现类。
While trying to start tomcat by chnaging the attribut i am getting exception:-
06-Jun-2016 12:05:15.639 SEVERE [main] org.apache.catalina.core.StandardService.initInternal Failed to initialize connector [Connector[HTTP/1.1-9443]]
org.apache.catalina.LifecycleException: Failed to initialize component [Connector[HTTP/1.1-9443]]
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:106)
at org.apache.catalina.core.StandardService.initInternal(StandardService.java:567)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:851)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
at org.apache.catalina.startup.Catalina.load(Catalina.java:576)
at org.apache.catalina.startup.Catalina.load(Catalina.java:599)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:310)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:484)
Caused by: org.apache.catalina.LifecycleException: Protocol handler initialization failed
at org.apache.catalina.connector.Connector.initInternal(Connector.java:962)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
... 12 more
Caused by: java.lang.ClassNotFoundException: Error loading SSL Implementation com.sun.security.sasl.Provider :java.lang.ClassCastException: com.sun.security.sasl.Provider cannot be cast to org.apache.tomcat.util.net.SSLImplementation
at org.apache.tomcat.util.net.SSLImplementation.getInstance(SSLImplementation.java:75)
at org.apache.coyote.http11.AbstractHttp11JsseProtocol.init(AbstractHttp11JsseProtocol.java:119)
at org.apache.catalina.connector.Connector.initInternal(Connector.java:960)
... 13 more
我曾尝试使用“com.sun.net.ssl.internal.ssl.Provider”和“com.sun.security.sasl.Provider”,但没有成功。
任何指针都会非常有帮助。
最佳答案
sslImplementationName 类必须扩展 org.apache.tomcat.util.net.SSLImplementation。所以当你指定一个不满足这个条件的类时会抛出异常。
由于您的意图是更改加密服务提供商 的默认顺序。您应该覆盖每个 JVM 实例的安全配置。确保 $JRE_HOME/lib/security/java.security 中的 security.overridePropertiesFile=true。
然后修改Tomcat启动命令,添加系统属性:
-Djava.security.properties=_path_to_your_config_
对于 Java8,它可以附加或覆盖 $JRE_HOME/lib/security/java.security 中的设置。对于旧版本,它将完全覆盖所有设置。
关于java - 在 tomcat 连接器中指定 slImplementationName,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/37655944/