How to configure Play! 2.4.2 HTTPS keystore?

Problem description

I'm new to the Play Framework and just trying to get HTTPS going for the first time with 2.4.2 on Java 8. I can get it working with the default keystore but not with my own keystore. I configured the working default keystore in build.sbt:

javaOptions ++= Seq(
    "-Dhttps.port=9443"
)

Then the official documentation for configuring your own keystore gets a bit too abstract for me. It mentions configuring it in application.conf but doesn't say how, or on the command line but not with a Java example. Googling reveals some Scala examples but I cannot cajole them as they use things like devSettings that don't seem to come across to the Java world, or at least I do not understand Play and Scala enough to get a grip on them.

From what I can gather, I seem to have ended up with my own unique configuration in build.sbt:

javaOptions ++= Seq(
    "-Dhttps.port=9443",
    "-Dhttps.keyStore.path=keystore.jks",
    "-Dhttps.keyStore.password=password")

It builds and runs fine:

p.c.s.NettyServer - Listening for HTTPS on port /0:0:0:0:0:0:0:0:9443
play.api.Play - Application started (Dev)

But on the first https:// access I get an endless stack trace in the Actuator UI:

play.core.server.NettyServer$PlayPipelineFactory - cannot load SSL context
java.lang.reflect.InvocationTargetException: null
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) ~[na:1.8.0_45]
    ...
play.core.server.netty.PlayDefaultUpstreamHandler - Exception caught in Netty
java.lang.IllegalArgumentException: empty text
    at org.jboss.netty.handler.codec.http.HttpVersion.<init>(HttpVersion.java:89) ~[netty-3.10.3.Final.jar:na]
    ...

My first thought is that I'm not configuring it correctly but I haven't managed to find a definitive guide for Play 2.4. I'm seriously starting to question my Googling powers. I find lots of references to front-end proxies and avoiding SSL termination in Play but I'm not developing a public website and find this approach overkill.

I don't know if it's a red herring but the Netty project dropped the org.jboss.netty a long time ago and now uses io.netty. I see org.jboss.netty all over the stack trace and Play 2.4.2 seems to be using Netty 3.10.3.Final which is very old. I happen to be familiar with Netty and have used 4.x in production while 5.x is currently in Alpha. Why is Play stuck in the past here? Should I be worried?

I found several issues which seem closely related such as a bug in Play 2.2.x and a bug in AHC (which Play uses), but both appear to have been fixed well before Play 2.4.2 that I'm using. Nevertheless I tried fixes such as upgrading the async-http-client dependency, excluding the org.jboss.netty transitive dependency from async-http-client and upgrading to Netty 3.10.4.Final.

So now I'm stuck but I feel like I'm just missing a getting started guide. Maybe all these dependency issues and related bugs are just a waste of time?

Recommended answer

So 5 minutes after posting the question I figured it out... My configuration keys were wrong and the keystore path needed to be either absolute or relative to the project root (i.e. add conf/ if it's in your conf folder):

javaOptions ++= Seq(
    "-Dhttps.port=9443",
    "-Dhttps.keyStore=conf/keystore.jks",
    "-Dhttps.keyStorePassword=password")

My mistake with the keys was to use dots per the documentation:

https.keyStore.path
https.keyStore.password

Instead of:

https.keyStore
https.keyStorePassword

I'm not sure how one gets from dot.notation to camelCase or even what exactly I'm configuring here. These parameters are more like the standard JVM arguments javax.net.ssl.keyStore and javax.net.ssl.keyStorePassword, yet not quite. I feel like I'm missing a trick here. It would also be nice if Play would report that it couldn't find the keystore rather than an NPE, but since I seem to be configuring the JVM maybe there's nothing Play can do about it unless there is another way to configure this stuff... with decent documentation!
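
A pre-flight check for the settings in the answer above, as an added example that is not part of the original post: it reads the same `https.keyStore` and `https.keyStorePassword` system properties, resolves the path against the working directory, and reports a missing file, wrong password or absent private key explicitly. The class name `KeystoreCheck` and the JKS store type are assumptions.

```java
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.Collections;

// Added example (hypothetical class name). Run from the project root with the
// same -Dhttps.keyStore=... -Dhttps.keyStorePassword=... options as in build.sbt.
public class KeystoreCheck {
    public static void main(String[] args) throws Exception {
        String location = System.getProperty("https.keyStore");
        String password = System.getProperty("https.keyStorePassword");
        if (location == null || password == null) {
            fail("https.keyStore / https.keyStorePassword not set (check the key spelling)");
        }
        // Relative paths resolve against the working directory (the project root under sbt).
        Path path = Paths.get(location).toAbsolutePath().normalize();
        if (!Files.isReadable(path)) {
            fail("keystore not readable at " + path);
        }
        KeyStore ks = KeyStore.getInstance("JKS"); // assumption: the store is JKS
        try (InputStream in = Files.newInputStream(path)) {
            ks.load(in, password.toCharArray());
        } catch (IOException e) {
            // KeyStore.load reports a wrong password or a corrupt file as IOException.
            fail("cannot open " + path + ": " + e.getMessage());
        }
        int keyEntries = 0;
        for (String alias : Collections.list(ks.aliases())) {
            if (!ks.isKeyEntry(alias)) continue; // trusted-cert entries cannot serve TLS
            keyEntries++;
            if (ks.getCertificate(alias) instanceof X509Certificate) {
                X509Certificate x509 = (X509Certificate) ks.getCertificate(alias);
                x509.checkValidity(); // throws if expired or not yet valid
                System.out.println(alias + " valid until " + x509.getNotAfter());
            }
        }
        if (keyEntries == 0) fail("no private key entry in " + path);
        System.out.println("OK: " + keyEntries + " key entry(ies) in " + path);
    }

    private static void fail(String message) {
        System.err.println("FAIL: " + message);
        System.exit(1);
    }
}
```

A password passed as a `-D` option is visible in the local process list, so keep this form to development machines.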
