使用tomcat作为springboot内嵌服务器的应用集成TKSS #347
Assignees
Labels
question
Further information is requested
Comments
|
刚刚开发了一个使用Tomcat 9 embedded server的Demo。 总的看起来,Tomcat没有提供方便的API去使用定制的SSLContext。 |
|
KonaTomcatDemo.zip org.apache.catalina.LifecycleException: Protocol handler initialization failed
at com.kona.tomcat.demo.TkssTomcat.KonaConnector.initInternal(KonaConnector.java:38) ~[classes/:na]
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at org.apache.catalina.core.StandardService.initInternal(StandardService.java:549) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:1011) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:173) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at org.apache.catalina.startup.Tomcat.start(Tomcat.java:485) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.initialize(TomcatWebServer.java:123) ~[spring-boot-3.1.2.jar:3.1.2]
at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.<init>(TomcatWebServer.java:104) ~[spring-boot-3.1.2.jar:3.1.2]
at org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory.getTomcatWebServer(TomcatServletWebServerFactory.java:489) ~[spring-boot-3.1.2.jar:3.1.2]
at org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory.getWebServer(TomcatServletWebServerFactory.java:211) ~[spring-boot-3.1.2.jar:3.1.2]
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.createWebServer(ServletWebServerApplicationContext.java:183) ~[spring-boot-3.1.2.jar:3.1.2]
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.onRefresh(ServletWebServerApplicationContext.java:161) ~[spring-boot-3.1.2.jar:3.1.2]
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:602) ~[spring-context-6.0.11.jar:6.0.11]
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:146) ~[spring-boot-3.1.2.jar:3.1.2]
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:734) ~[spring-boot-3.1.2.jar:3.1.2]
at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:436) ~[spring-boot-3.1.2.jar:3.1.2]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:312) ~[spring-boot-3.1.2.jar:3.1.2]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1306) ~[spring-boot-3.1.2.jar:3.1.2]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1295) ~[spring-boot-3.1.2.jar:3.1.2]
at com.kona.tomcat.demo.DemoApplication.main(DemoApplication.java:14) ~[classes/:na]
Caused by: java.lang.IllegalArgumentException: None of the [protocols] specified are supported by the SSL engine : [[TLSv1, TLSv1.2, TLSv1.1]]
at org.apache.tomcat.util.net.SSLUtilBase.getEnabled(SSLUtilBase.java:154) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at org.apache.tomcat.util.net.SSLUtilBase.<init>(SSLUtilBase.java:109) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at org.apache.tomcat.util.net.SSLUtilBase.<init>(SSLUtilBase.java:83) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at com.kona.tomcat.demo.TkssTomcat.KonaSSLUtil.<init>(KonaSSLUtil.java:23) ~[classes/:na]
at com.kona.tomcat.demo.TkssTomcat.KonaSSLImpl.getSSLUtil(KonaSSLImpl.java:16) ~[classes/:na]
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:95) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:70) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:207) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1278) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1291) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:622) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:77) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at com.kona.tomcat.demo.TkssTomcat.KonaConnector.initInternal(KonaConnector.java:36) ~[classes/:na]
... 21 common frames omitted
2023-08-18T10:51:36.957+08:00 INFO 5308 --- [ main] o.apache.catalina.core.StandardService : Starting service [Tomcat]
2023-08-18T10:51:36.957+08:00 INFO 5308 --- [ main] o.apache.catalina.core.StandardEngine : Starting Servlet engine: [Apache Tomcat/10.1.11]
2023-08-18T10:51:37.013+08:00 INFO 5308 --- [ main] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring embedded WebApplicationContext
2023-08-18T10:51:37.014+08:00 INFO 5308 --- [ main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 1036 ms
2023-08-18T10:51:37.533+08:00 INFO 5308 --- [ main] o.a.t.util.net.NioEndpoint.certificate : Connector [https-jsse-nio-8443], TLS virtual host [_default_], certificate type [UNDEFINED] configured from keystore [C:\Users\zhengxudong;.keystore] using alias [tomcat] with trust store [null]
2023-08-18T10:51:37.549+08:00 ERROR 5308 --- [ main] org.apache.catalina.util.LifecycleBase : Failed to start component [Connector[HTTP/1.1-8443]]
org.apache.catalina.LifecycleException: Protocol handler start failed
at org.apache.catalina.connector.Connector.startInternal(Connector.java:1046) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at org.apache.catalina.core.StandardService.addConnector(StandardService.java:232) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.addPreviouslyRemovedConnectors(TomcatWebServer.java:282) ~[spring-boot-3.1.2.jar:3.1.2]
at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.start(TomcatWebServer.java:213) ~[spring-boot-3.1.2.jar:3.1.2]
at org.springframework.boot.web.servlet.context.WebServerStartStopLifecycle.start(WebServerStartStopLifecycle.java:44) ~[spring-boot-3.1.2.jar:3.1.2]
at org.springframework.context.support.DefaultLifecycleProcessor.doStart(DefaultLifecycleProcessor.java:179) ~[spring-context-6.0.11.jar:6.0.11]
at org.springframework.context.support.DefaultLifecycleProcessor$LifecycleGroup.start(DefaultLifecycleProcessor.java:357) ~[spring-context-6.0.11.jar:6.0.11]
at java.base/java.lang.Iterable.forEach(Iterable.java:75) ~[na:na]
at org.springframework.context.support.DefaultLifecycleProcessor.startBeans(DefaultLifecycleProcessor.java:156) ~[spring-context-6.0.11.jar:6.0.11]
at org.springframework.context.support.DefaultLifecycleProcessor.onRefresh(DefaultLifecycleProcessor.java:124) ~[spring-context-6.0.11.jar:6.0.11]
at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:958) ~[spring-context-6.0.11.jar:6.0.11]
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:611) ~[spring-context-6.0.11.jar:6.0.11]
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:146) ~[spring-boot-3.1.2.jar:3.1.2]
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:734) ~[spring-boot-3.1.2.jar:3.1.2]
at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:436) ~[spring-boot-3.1.2.jar:3.1.2]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:312) ~[spring-boot-3.1.2.jar:3.1.2]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1306) ~[spring-boot-3.1.2.jar:3.1.2]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1295) ~[spring-boot-3.1.2.jar:3.1.2]
at com.kona.tomcat.demo.DemoApplication.main(DemoApplication.java:14) ~[classes/:na]
Caused by: java.net.BindException: Address already in use: bind
at java.base/sun.nio.ch.Net.bind0(Native Method) ~[na:na]
at java.base/sun.nio.ch.Net.bind(Net.java:555) ~[na:na]
at java.base/sun.nio.ch.ServerSocketChannelImpl.netBind(ServerSocketChannelImpl.java:337) ~[na:na]
at java.base/sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:294) ~[na:na]
at org.apache.tomcat.util.net.NioEndpoint.initServerSocket(NioEndpoint.java:247) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:202) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1278) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1364) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:633) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
at org.apache.catalina.connector.Connector.startInternal(Connector.java:1043) ~[tomcat-embed-core-10.1.11.jar:10.1.11]
... 19 common frames omitted
2023-08-18T10:51:37.560+08:00 INFO 5308 --- [ main] o.apache.catalina.core.StandardService : Stopping service [Tomcat]
2023-08-18T10:51:37.567+08:00 WARN 5308 --- [ main] ConfigServletWebServerApplicationContext : Exception encountered during context initialization - cancelling refresh attempt: org.springframework.context.ApplicationContextException: Failed to start bean 'webServerStartStop'
2023-08-18T10:51:37.575+08:00 INFO 5308 --- [ main] .s.b.a.l.ConditionEvaluationReportLogger :
Error starting ApplicationContext. To display the condition evaluation report re-run your application with 'debug' enabled.
2023-08-18T10:51:37.590+08:00 ERROR 5308 --- [ main] o.s.b.d.LoggingFailureAnalysisReporter :
***************************
APPLICATION FAILED TO START
***************************
Description:
The Tomcat connector configured to listen on port 8443 failed to start. The port may already be in use or the connector may be misconfigured.
Action:
Verify the connector's configuration, identify and stop any process that's listening on port 8443, or configure this application to listen on another port. |
|
我正在使用Tomcat embedded server开发一个Demo,先看看在这种场景下会遇到什么问题。 |
刚才完成了这个Demo,即TLCPWithTomcatDemo。 |
|
后续还将探索在SpringBoot+Tomcat的项目中集成TKSS的途径。 |
|
是的,我目前就是需要在SpringBoot+Tomcat的项目中集成TKSS(虽然目前这不是必须的工作),我参考一下TLCPWithTomcatDemo先,看再有什么问题我再反馈 |
|
@xudong-1990 |
|
感谢您的为我提供的帮助!目前tomcat server可以正常启动,但是在启动过程中报错如下: 2023-08-23 15:38:53.580 INFO 22364 --- [ main] com.kona.tomcat.demo.DemoApplication : No active profile set, falling back to 1 default profile: "default"
2023-08-23 15:38:54.437 INFO 22364 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat initialized with port(s): 8443 (https) 8443 (https)
2023-08-23 15:38:54.588 INFO 22364 --- [ main] o.a.t.util.net.NioEndpoint.certificate : Connector [https-jsse-nio-8443], TLS virtual host [_default_], certificate type [EC] configured from [C:\Users\zhengxudong/.keystore] using alias [tomcat] and with trust store [null]
2023-08-23 15:38:54.589 INFO 22364 --- [ main] o.apache.catalina.core.StandardService : Starting service [Tomcat]
2023-08-23 15:38:54.589 INFO 22364 --- [ main] org.apache.catalina.core.StandardEngine : Starting Servlet engine: [Apache Tomcat/9.0.74]
2023-08-23 15:38:54.663 INFO 22364 --- [ main] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring embedded WebApplicationContext
2023-08-23 15:38:54.663 INFO 22364 --- [ main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 1068 ms
2023-08-23 15:38:54.986 WARN 22364 --- [ main] ConfigServletWebServerApplicationContext : Exception encountered during context initialization - cancelling refresh attempt: org.springframework.context.ApplicationContextException: Failed to start bean 'webServerStartStop'; nested exception is org.springframework.boot.web.server.PortInUseException: Port 8443 is already in use
2023-08-23 15:38:54.987 INFO 22364 --- [ main] o.apache.catalina.core.StandardService : Stopping service [Tomcat]
后面提示端口被占用了我修改了一下Connector的创建部分的代码: private Connector httpsConnector(AppConfig appConfig)
throws CertificateException, KeyStoreException, IOException,
NoSuchAlgorithmException {
KonaConnector connector = new KonaConnector(
TomcatServletWebServerFactory.DEFAULT_PROTOCOL);
connector.setScheme("https");
connector.setProperty("SSLEnabled", Boolean.toString(appConfig.isSslEnabled()));
// 修改在以下三行
connector.setPort(9010);
connector.setSecure(false);
connector.setRedirectPort(appConfig.getPort());
SSLHostConfig sslConfig = new KonaSSLHostConfig();
SSLHostConfigCertificate certConfig = new SSLHostConfigCertificate(
sslConfig, SSLHostConfigCertificate.Type.EC);
certConfig.setCertificateKeystore(createKeyStore(
appConfig.getKeyStoreType(), appConfig.getKeyStorePath(),
appConfig.getKeyStorePassword().toCharArray()));
certConfig.setCertificateKeystorePassword(appConfig.getKeyStorePassword());
sslConfig.addCertificate(certConfig);
sslConfig.setTrustStore(createKeyStore(
appConfig.getTrustStoreType(), appConfig.getTrustStorePath(),
appConfig.getTrustStorePassword().toCharArray()));
connector.addSslHostConfig(sslConfig);
return connector;
}思路: |
|
你是用什么方式启动TomcatServer? 在IntelliJ IDEA中,启动TomcatServer应用时,一切正常。 |
|
如果修改TomcatServer,使它成为 再启动时,就会遇到你所说的问题。 看起来是要启动两个使用HTTPS的Connector,它们都要使用端口8443。 此时,再修改application.yml中的配置项名称,如下, 即,不使用默认的配置名称 此时也可以启动成功了。 |
|
总的思路是,让Tomcat的默认Connector仅支持HTTP,而非HTTPS。然后,应用程序再加上定制的Connector,即KonaConnector,去支持HTTPS。 |
|
是的,Tomcat应该是会自动读取配置文件中ssl相关配置 |
|
@xudong-1990 |
|
我又尝试了以下使用这种方法去配置 serverConfig:
port: 8443
ssl:
enabled: true
...发现启动后会有两个端口,一个是tomcat默认启动的http的8080,另外一个才是配置的https的8443端口 |
我想,这是期望的结果。 |
|
@xudong-1990 |
|
@johnshajiang 这可能是目前最优的解决方案了 |
总体上看,这个方案应该是较好的。 |
|
connector中用KonaSSLHostConfig配置keystore的这部分,感觉可以调整一下, |
|
如果直接使用Tomcat的 |
|
环境:spring boot:3.2.1 java:17 application.properties配置内容如下: 项目启动tomcat 为什么在C:\Users.keystore 下去找证书信息。 |
|
这个问题是否与下面的Spring Boot issue有关? 另外,你的Tomcat Server最终启动成功了吗? |
|
非常感谢提供的 issue。
server 最终启动成功了。 运行日志如下: |
|
那这个问题可能并没有实质性的影响。 |
|
非常感谢您的回复。 调查这个日志信息的初衷是,购买腾讯域名(www.xxxxxx.xxxx)后,紧接着购买了该域名的ssl证书,网络备案也审核通过了。 因此调查了这个问题。 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
之前参考kona-demo将项目是配成国密HTTPS,但是这是基于jetty而非tomcat,对于适配tomcat您有什么建议吗?
之前配置的标准https是这样的
能否在此基础上,去适配成TKSS套件的国密HTTPS?
The text was updated successfully, but these errors were encountered: