在更改Kurento项目证书时遇到问题? [英] having a issue changing Kurento projects certificate?
问题描述
我已经配置了 [kurento服务器] [1] (WebRTC媒体服务器和一组客户端API的环境,简化了WWW和智能手机平台的高级视频应用程序的开发)的环境,启动并运行了教程项目.
I have configured the environment of [kurento server][1] (a WebRTC media server and a set of client APIs making simple the development of advanced video applications for WWW and smartphone platforms) and I got the tutorial project up and running.
但是我在更改项目随附的证书时遇到问题.
But I am having an issue with changing the certificate that are included with the projects.
您能为我指明正确的方向,如何做到这一点而不会引起问题的原因,因为当我创建新的密钥库时,maven编译失败了.
Can you please point me in the right direction on how to do that without causing a problem, since when I created a new keystore the maven compile failed.
-这是完成站点[保护应用程序]步骤(我仔细检查了密码和证书)之后的堆栈跟踪的快照:
-- here is a snapshot of the stack trace after doing what the site [ securing the application ] steps ( I double checked the password and certificate ) :
2017-07-16 10:35:43.508 ERROR 11944 --- [llRecApp.main()] o.a.coyote.http11.Http11NioProtocol : Failed to start end point associated with ProtocolHandler [https-jsse-nio-8443]
java.lang.IllegalArgumentException: java.io.IOException: Keystore was tampered with, or password was incorrect
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:103) ~[tomcat-embed-core-8.5.5.jar:8.5.5]
at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:81) ~[tomcat-embed-core-8.5.5.jar:8.5.5]
at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:244) ~[tomcat-embed-core-8.5.5.jar:8.5.5]
at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:874) ~[tomcat-embed-core-8.5.5.jar:8.5.5]
at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:590) ~[tomcat-embed-core-8.5.5.jar:8.5.5]
at org.apache.catalina.connector.Connector.startInternal(Connector.java:969) [tomcat-embed-core-8.5.5.jar:8.5.5]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) [tomcat-embed-core-8.5.5.jar:8.5.5]
at org.apache.catalina.core.StandardService.addConnector(StandardService.java:225) [tomcat-embed-core-8.5.5.jar:8.5.5]
at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.addPreviouslyRemovedConnectors(TomcatEmbeddedServletContainer.java:233) [spring-boot-1.4.1.RELEASE.jar:1.4.1.RELEASE]
at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.start(TomcatEmbeddedServletContainer.java:178) [spring-boot-1.4.1.RELEASE.jar:1.4.1.RELEASE]
at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.startEmbeddedServletContainer(EmbeddedWebApplicationContext.java:297) [spring-boot-1.4.1.RELEASE.jar:1.4.1.RELEASE]
at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.finishRefresh(EmbeddedWebApplicationContext.java:145) [spring-boot-1.4.1.RELEASE.jar:1.4.1.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:544) [spring-context-4.3.3.RELEASE.jar:4.3.3.RELEASE]
at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.refresh(EmbeddedWebApplicationContext.java:122) [spring-boot-1.4.1.RELEASE.jar:1.4.1.RELEASE]
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:761) [spring-boot-1.4.1.RELEASE.jar:1.4.1.RELEASE]
at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:371) [spring-boot-1.4.1.RELEASE.jar:1.4.1.RELEASE]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:315) [spring-boot-1.4.1.RELEASE.jar:1.4.1.RELEASE]
at org.kurento.tutorial.one2onecallrec.One2OneCallRecApp.main(One2OneCallRecApp.java:68) [classes/:na]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_131]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_131]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_131]
at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_131]
at org.codehaus.mojo.exec.ExecJavaMojo$1.run(ExecJavaMojo.java:293) [exec-maven-plugin-1.4.0.jar:na]
at java.lang.Thread.run(Thread.java:748) [na:1.8.0_131]
Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:780) ~[na:1.8.0_131]
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56) ~[na:1.8.0_131]
at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224) ~[na:1.8.0_131]
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70) ~[na:1.8.0_131]
at java.security.KeyStore.load(KeyStore.java:1445) ~[na:1.8.0_131]
at org.apache.tomcat.util.net.SSLUtilBase.getStore(SSLUtilBase.java:136) ~[tomcat-embed-core-8.5.5.jar:8.5.5]
at org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystore(SSLHostConfigCertificate.java:187) ~[tomcat-embed-core-8.5.5.jar:8.5.5]
at org.apache.tomcat.util.net.jsse.JSSEUtil.getKeyManagers(JSSEUtil.java:194) ~[tomcat-embed-core-8.5.5.jar:8.5.5]
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:101) ~[tomcat-embed-core-8.5.5.jar:8.5.5]
... 23 common frames omitted
Caused by: java.security.UnrecoverableKeyException: Password verification failed
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:778) ~[na:1.8.0_131]
... 31 common frames omitted
[1]: http://doc-kurento.阅读thedocs.io/en/stable/what_is_kurento.html
[1]: http://doc-kurento.readthedocs.io/en/stable/what_is_kurento.html
推荐答案
如果没有问题"或问题"的准确描述,将很难准确地找到可以解决问题的方法.
Without an exact description of "the problem" or "the issue", it will be difficult to pinpoint what can help.
您可以首先仔细检查"保护Kurento应用程序".
例如,命令
You can start by double-checking the content of "Securing Kurento Applications".
For instance, the command
mvn compile exec:java -Dkms.url=ws://kms_host:kms_port/kurento
仅在您的jar确实在jar文件中包含新密钥库的情况下才能工作:
would only work if your jar does include the new keystore in your jar file:
文件
keystore.jks必须位于项目的根路径中,并且src/main/resources/中必须存在一个名为application.properties的文件,其内容如下:
File
keystore.jksmust be in the project’s root path, and a file namedapplication.propertiesmust exist insrc/main/resources/, with the following content:
server.port: 8443
server.ssl.key-store: keystore.jks
server.ssl.key-store-password: yourPassword
server.ssl.keyStoreType: JKS
server.ssl.keyAlias: yourKeyAlias
使用此答案仔细检查,其中指出:
Double-check with this answer which states:
检查文件是否符合要求,并确保在
server.ssl.key-store
关于错误消息密钥库被篡改或密码不正确",请参阅"密钥工具错误密钥库被篡改或密码不正确".例如,这可能是一个密码短语问题.
Regarding the error message "Keystore was tampered with, or password was incorrect", see "keytool error Keystore was tampered with, or password was incorrect". It can be a passphrase issue for instance.
OP AhMaD AbUIeSa 添加了
使用证书和私钥从官方站点创建新的密钥库后,该项目可以正常工作.
After creating a new keystore from official site using the certificate and the private key the project worked with no problem.
在下面发表了评论="https://stackoverflow.com/users/1513187/nikola-lukic"> Nikola Lukic
As commented below by Nikola Lukic, to add a new certificat, you would need to :
- 使用以下命令将其复制到容器(
docker container cp)正确的路径(从容器内部而不是主机内部有效的路径), - 创建新图像(
docker container commit) - 将新映像作为新容器运行:
docker container run
这篇关于在更改Kurento项目证书时遇到问题?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
