春季启动:SSL引擎不支持指定的任何[密码]

时间:2018-08-24 17:45:56

标签: java spring-boot tomcat ssl

我们有一个启用了SSL的其余端点的spring boot服务(2.0)。我们已经在application.properties

中添加了以下属性 
server.ssl.enabled:true
server.ssl.key-store-type=JKS
server.ssl.key-store:test.jks
server.ssl.key-store-password:123234
server.ssl.key-alias: test-service
server.ssl.ciphers=RSA_WITH_AES_256_CBC_SHA256
server.ssl.protocol=TLS

但是我们在启动服务时遇到了这个异常

Caused by: java.lang.IllegalArgumentException: None of the [ciphers] specified are supported by the SSL engine : [[]]
        at org.apache.tomcat.util.net.SSLUtilBase.getEnabled(SSLUtilBase.java:91) ~[tomcat-embed-core-8.5.28.jar!/:8.5.28]
        at org.apache.tomcat.util.net.SSLUtilBase.<init>(SSLUtilBase.java:65) ~[tomcat-embed-core-8.5.28.jar!/:8.5.28]
        at org.apache.tomcat.util.net.jsse.JSSEUtil.<init>(JSSEUtil.java:144) ~[tomcat-embed-core-8.5.28.jar!/:8.5.28]
        at org.apache.tomcat.util.net.jsse.JSSEImplementation.getSSLUtil(JSSEImplementation.java:50) ~[tomcat-embed-core-8.5.28.jar!/:8.5.28]
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:104) ~[tomcat-embed-core-8.5.28.jar!/:8.5.28]
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:87) ~[tomcat-embed-core-8.5.28.jar!/:8.5.28]
        at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:225) ~[tomcat-embed-core-8.5.28.jar!/:8.5.28]
        at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1150) ~[tomcat-embed-core-8.5.28.jar!/:8.5.28]
        at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:591) ~[tomcat-embed-core-8.5.28.jar!/:8.5.28]
        at org.apache.catalina.connector.Connector.startInternal(Connector.java:1018) ~[tomcat-embed-core-8.5.28.jar!/:8.5.28]
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) ~[tomcat-embed-core-8.5.28.jar!/:8.5.28]

对解决此问题有帮助吗?。使用定制程序尝试使用密码套件标志

@Bean
    public WebServerFactoryCustomizer<TomcatServletWebServerFactory> sessionManagerCustomizer() {
        msgLogger.info("Inside webserver container bean to enable cipher suite config");
            return server -> server.addConnectorCustomizers((connector) -> {
                ((AbstractHttp11Protocol<?>) connector.getProtocolHandler())
                .setUseServerCipherSuitesOrder(Boolean.toString(true));
    });
    }

非常感谢您的帮助。我们在此停留超过2天。谢谢

0 个答案:

没有答案
相关问题
最新问题