我使用 LetsEncrypt 的 certbot 生成证书。然后使用 openssl 将其转换为 pkcs12 证书。当我使用生成的证书在 ECS 优化的 EC2 实例中将我的应用程序作为 docker 容器运行时,我得到以下堆栈跟踪。奇怪的是,如果我复制证书并在本地使用相同的 docker 镜像运行它 - 这有效,没有堆栈跟踪!
可能是一个愚蠢的错误,但我似乎找不到任何好的解释。我尝试过以下方法:
- 基础镜像采用openjdk/openjdk8:alpine-jre
- 基础镜像采用openjdk/openjdk11:alpine-jre
- 基础镜像 openjdk:11
- Spring Boot 2.2.4-RELEASE 和 2.2.6-RELEASE
堆栈跟踪:
. ____ _ __ _ _
/\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
\\/ ___)| |_)| | | | | || (_| | ) ) ) )
' |____| .__|_| |_|_| |_\__, | / / / /
=========|_|==============|___/=/_/_/_/
:: Spring Boot :: (v2.2.6.RELEASE)
2020-04-17 23:46:37.558 INFO 1 --- [ main] com.gold.ruecoco.RuecocoApplicationKt : Starting RuecocoApplicationKt on f8e67a174013 with PID 1 (/home/ruecoco-0.0.1-SNAPSHOT.jar started by root in /)
2020-04-17 23:46:37.567 INFO 1 --- [ main] com.gold.ruecoco.RuecocoApplicationKt : The following profiles are active: default
2020-04-17 23:46:41.475 INFO 1 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Bootstrapping Spring Data JPA repositories in DEFAULT mode.
2020-04-17 23:46:41.913 INFO 1 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Finished Spring Data repository scanning in 411ms. Found 2 JPA repository interfaces.
2020-04-17 23:46:44.552 INFO 1 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tocmat initialized with port(s): 8443 (https)
2020-04-17 23:46:44.593 INFO 1 --- [ main] o.apache.catalina.core.StandardService : Starting service [Tomcat]
2020-04-17 23:46:44.594 INFO 1 --- [ main] org.apache.catalina.core.StandardEngine : Starting Servlet engine: [Apache Tomcat/9.0.33]
2020-04-17 23:46:44.800 INFO 1 --- [ main] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring embedded WebApplicationContext
2020-04-17 23:46:44.800 INFO 1 --- [ main] o.s.web.context.ContextLoader : Root WebApplicationContext: initialization completed in 7031 ms
2020-04-17 23:46:45.204 INFO 1 --- [ main] com.zaxxer.hikari.HikariDataSource : HikariPool-1 - Starting...
2020-04-17 23:46:45.828 INFO 1 --- [ main] com.zaxxer.hikari.HikariDataSource : HikariPool-1 - Start completed.
2020-04-17 23:46:48.519 INFO 1 --- [ main] liquibase.executor.jvm.JdbcExecutor : SELECT COUNT(*) FROM public.databasechangeloglock
2020-04-17 23:46:48.522 INFO 1 --- [ main] liquibase.executor.jvm.JdbcExecutor : SELECT COUNT(*) FROM public.databasechangeloglock
2020-04-17 23:46:48.526 INFO 1 --- [ main] liquibase.executor.jvm.JdbcExecutor : SELECT LOCKED FROM public.databasechangeloglock WHERE ID=1
2020-04-17 23:46:48.562 INFO 1 --- [ main] l.lockservice.StandardLockService : Successfully acquired change log lock
2020-04-17 23:46:51.968 INFO 1 --- [ main] liquibase.executor.jvm.JdbcExecutor : SELECT MD5SUM FROM public.databasechangelog WHERE MD5SUM IS NOT NULL LIMIT 1
2020-04-17 23:46:51.978 INFO 1 --- [ main] liquibase.executor.jvm.JdbcExecutor : SELECT COUNT(*) FROM public.databasechangelog
2020-04-17 23:46:51.980 INFO 1 --- [ main] l.c.StandardChangeLogHistoryService : Reading from public.databasechangelog
2020-04-17 23:46:51.982 INFO 1 --- [ main] liquibase.executor.jvm.JdbcExecutor : SELECT * FROM public.databasechangelog ORDER BY DATEEXECUTED ASC, ORDEREXECUTED ASC
2020-04-17 23:46:52.023 INFO 1 --- [ main] l.lockservice.StandardLockService : Successfully released change log lock
2020-04-17 23:46:52.345 INFO 1 --- [ main] o.hibernate.jpa.internal.util.LogHelper : HHH000204: Processing PersistenceUnitInfo [name: default]
2020-04-17 23:46:52.573 INFO 1 --- [ main] org.hibernate.Version : HHH000412: Hibernate ORM core version 5.4.12.Final
2020-04-17 23:46:52.951 INFO 1 --- [ main] o.hibernate.annotations.common.Version : HCANN000001: Hibernate Commons Annotations {5.1.0.Final}
2020-04-17 23:46:53.191 INFO 1 --- [ main] org.hibernate.dialect.Dialect : HHH000400: Using dialect: org.hibernate.dialect.PostgreSQL10Dialect
2020-04-17 23:46:55.337 INFO 1 --- [ main] o.h.e.t.j.p.i.JtaPlatformInitiator : HHH000490: Using JtaPlatform implementation: [org.hibernate.engine.transaction.jta.platform.internal.NoJtaPlatform]
2020-04-17 23:46:55.360 INFO 1 --- [ main] j.LocalContainerEntityManagerFactoryBean : Initialized JPA EntityManagerFactory for persistence unit 'default'
2020-04-17 23:46:59.496 INFO 1 --- [ main] c.o.m.g.b.GraphQLWebAutoConfiguration : Building GraphQLObjectMapper including errorHandler: null
2020-04-17 23:47:01.336 INFO 1 --- [ main] o.s.s.concurrent.ThreadPoolTaskExecutor : Initializing ExecutorService 'applicationTaskExecutor'
2020-04-17 23:47:01.553 INFO 1 --- [ main] o.s.b.a.w.s.WelcomePageHandlerMapping : Adding welcome page: class path resource [META-INF/resources/index.html]
2020-04-17 23:47:02.582 INFO 1 --- [ main] o.s.b.a.e.web.EndpointLinksResolver : Exposing 2 endpoint(s) beneath base path '/actuator'
2020-04-17 23:47:02.926 ERROR 1 --- [ main] org.apache.tomcat.util.net.SSLUtilBase : Failed to load keystore type [ PKCS12] with path [file:/certificate/keystore.p12] due to [ PKCS12 not found]
java.security.KeyStoreException: PKCS12 not found
at java.security.KeyStore.getInstance(KeyStore.java:851) ~[na:1.8.0_242]
at org.apache.tomcat.util.net.SSLUtilBase.getStore(SSLUtilBase.java:185) [tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystore(SSLHostConfigCertificate.java:206) [tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.apache.tomcat.util.net.SSLUtilBase.getKeyManagers(SSLUtilBase.java:283) [tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:247) [tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:97) [tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:71) [tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:217) [tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1141) [tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1227) [tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:592) [tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.apache.catalina.connector.Connector.startInternal(Connector.java:1035) [tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183) [tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.apache.catalina.core.StandardService.addConnector(StandardService.java:227) [tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.addPreviouslyRemovedConnectors(TomcatWebServer.java:278) [spring-boot-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.start(TomcatWebServer.java:197) [spring-boot-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.startWebServer(ServletWebServerApplicationContext.java:297) [spring-boot-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.finishRefresh(ServletWebServerApplicationContext.java:163) [spring-boot-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:553) [spring-context-5.2.5.RELEASE.jar!/:5.2.5.RELEASE]
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:141) [spring-boot-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:747) [spring-boot-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:397) [spring-boot-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:315) [spring-boot-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1226) [spring-boot-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1215) [spring-boot-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at com.gold.ruecoco.RuecocoApplicationKt.main(RuecocoApplication.kt:14) [classes!/:na]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_242]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_242]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_242]
at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_242]
at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:48) [ruecoco-0.0.1-SNAPSHOT.jar:na]
at org.springframework.boot.loader.Launcher.launch(Launcher.java:87) [ruecoco-0.0.1-SNAPSHOT.jar:na]
at org.springframework.boot.loader.Launcher.launch(Launcher.java:51) [ruecoco-0.0.1-SNAPSHOT.jar:na]
at org.springframework.boot.loader.JarLauncher.main(JarLauncher.java:52) [ruecoco-0.0.1-SNAPSHOT.jar:na]
Caused by: java.security.NoSuchAlgorithmException: PKCS12 KeyStore not available
at sun.security.jca.GetInstance.getInstance(GetInstance.java:159) ~[na:1.8.0_242]
at java.security.Security.getImpl(Security.java:695) ~[na:1.8.0_242]
at java.security.KeyStore.getInstance(KeyStore.java:848) ~[na:1.8.0_242]
... 33 common frames omitted
2020-04-17 23:47:02.929 INFO 1 --- [ main] o.apache.catalina.core.StandardService : Stopping service [Tomcat]
2020-04-17 23:47:02.938 WARN 1 --- [ main] o.a.c.loader.WebappClassLoaderBase : The web application [ROOT] appears to have started a thread named [HikariPool-1 housekeeper] but has failed to stop it. This is very likely to create a memory leak. Stack trace of thread:
sun.misc.Unsafe.park(Native Method)
java.util.concurrent.locks.LockSupport.parkNanos(LockSupport.java:215)
java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.awaitNanos(AbstractQueuedSynchronizer.java:2078)
java.util.concurrent.ScheduledThreadPoolExecutor$DelayedWorkQueue.take(ScheduledThreadPoolExecutor.java:1093)
java.util.concurrent.ScheduledThreadPoolExecutor$DelayedWorkQueue.take(ScheduledThreadPoolExecutor.java:809)
java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1074)
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1134)
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
java.lang.Thread.run(Thread.java:748)
2020-04-17 23:47:02.949 INFO 1 --- [ main] ConditionEvaluationReportLoggingListener :
Error starting ApplicationContext. To display the conditions report re-run your application with 'debug' enabled.
2020-04-17 23:47:02.951 ERROR 1 --- [ main] o.s.boot.SpringApplication : Application run failed
org.springframework.boot.web.server.WebServerException: Unable to start embedded Tomat server
at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.start(TomcatWebServer.java:215) ~[spring-boot-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.startWebServer(ServletWebServerApplicationContext.java:297) ~[spring-boot-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.finishRefresh(ServletWebServerApplicationContext.java:163) ~[spring-boot-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:553) ~[spring-context-5.2.5.RELEASE.jar!/:5.2.5.RELEASE]
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:141) ~[spring-boot-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:747) [spring-boot-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:397) [spring-boot-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:315) [spring-boot-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1226) [spring-boot-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1215) [spring-boot-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at com.gold.ruecoco.RuecocoApplicationKt.main(RuecocoApplication.kt:14) [classes!/:na]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_242]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_242]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_242]
at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_242]
at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:48) [ruecoco-0.0.1-SNAPSHOT.jar:na]
at org.springframework.boot.loader.Launcher.launch(Launcher.java:87) [ruecoco-0.0.1-SNAPSHOT.jar:na]
at org.springframework.boot.loader.Launcher.launch(Launcher.java:51) [ruecoco-0.0.1-SNAPSHOT.jar:na]
at org.springframework.boot.loader.JarLauncher.main(JarLauncher.java:52) [ruecoco-0.0.1-SNAPSHOT.jar:na]
Caused by: java.lang.IllegalArgumentException: standardService.connector.startFailed
at org.apache.catalina.core.StandardService.addConnector(StandardService.java:231) ~[tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.addPreviouslyRemovedConnectors(TomcatWebServer.java:278) ~[spring-boot-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.start(TomcatWebServer.java:197) ~[spring-boot-2.2.6.RELEASE.jar!/:2.2.6.RELEASE]
... 18 common frames omitted
Caused by: org.apache.catalina.LifecycleException: Protocol handler start failed
at org.apache.catalina.connector.Connector.startInternal(Connector.java:1038) ~[tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183) ~[tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.apache.catalina.core.StandardService.addConnector(StandardService.java:227) ~[tomcat-embed-core-9.0.33.jar!/:9.0.33]
... 20 common frames omitted
Caused by: java.lang.IllegalArgumentException: Failed to load keystore type [ PKCS12] with path [file:/certificate/keystore.p12] due to [ PKCS12 not found]
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:99) ~[tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:71) ~[tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:217) ~[tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1141) ~[tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1227) ~[tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:592) ~[tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.apache.catalina.connector.Connector.startInternal(Connector.java:1035) ~[tomcat-embed-core-9.0.33.jar!/:9.0.33]
... 22 common frames omitted
Caused by: java.io.IOException: Failed to load keystore type [ PKCS12] with path [file:/certificate/keystore.p12] due to [ PKCS12 not found]
at org.apache.tomcat.util.net.SSLUtilBase.getStore(SSLUtilBase.java:229) ~[tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystore(SSLHostConfigCertificate.java:206) ~[tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.apache.tomcat.util.net.SSLUtilBase.getKeyManagers(SSLUtilBase.java:283) ~[tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:247) ~[tomcat-embed-core-9.0.33.jar!/:9.0.33]
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:97) ~[tomcat-embed-core-9.0.33.jar!/:9.0.33]
... 28 common frames omitted
2020-04-17 23:47:03.001 WARN 1 --- [ main] o.s.b.f.support.DisposableBeanAdapter : Invocation of destroy method failed on bean with name 'tomcatMetricsBinder': java.lang.NullPointerException
2020-04-17 23:47:03.009 INFO 1 --- [ main] o.s.s.concurrent.ThreadPoolTaskExecutor : Shutting down ExecutorService 'applicationTaskExecutor'
2020-04-17 23:47:03.014 INFO 1 --- [ main] j.LocalContainerEntityManagerFactoryBean : Closing JPA EntityManagerFactory for persistence unit 'default'
2020-04-17 23:47:03.022 INFO 1 --- [ main] com.zaxxer.hikari.HikariDataSource : HikariPool-1 - Shutdown initiated...
最佳答案
所描述的内容没有问题 - 我不小心在我的 ecs 任务定义(aws 中的容器定义)中为环境变量 server.ssl.keyStoreType 添加了额外的“空格”,删除它解决了问题!
关于java - 如何在 Dockerized Spring Boot 应用程序中启用 https(未找到 PKCS12),我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/61282757/