Tomcat SSL configuration with APR: "Connector attribute SSLCertificateFile must be defined when using SSL with APR"

2023-10-01

Tomcat SSL configuration with APR

The Tomcat SSL configuration was as follows:

<Connector SSLEnabled="true" URIEncoding="UTF-8" clientAuth="false" executor="tomcatThreadPool" keystoreFile="E:\Tomcat 7.0.104\certs\localhost.jks" keystorePass="123456" keystoreType="JKS" acceptCount="100" connectionTimeout="20000" port="443" protocol="org.apache.coyote.http11.Http11NioProtocol" scheme="https" secure="true" sslProtocol="TLS" allowUnsafeLegacyRenegotiation="false" sslEnabledProtocols = "TLSv1.2" />

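Tomcat had always been started and run in NIO mode, and I recently wanted to switch to the better-performing APR mode. According to some configurations I found online, it is enough to change the protocol parameter, so I changed it to: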

protocol="org.apache.coyote.http11.Http11AprProtocol"

As expected, startup failed immediately with an error:

    严重: Failed to initialize end point associated with ProtocolHandler ["http-apr-443"]
    java.lang.Exception: Connector attribute SSLCertificateFile must be defined when using SSL with APR
        at org.apache.tomcat.util.net.AprEndpoint.bind(AprEndpoint.java:540)
        at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:750)
        at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:467)
        at org.apache.catalina.connector.Connector.initInternal(Connector.java:1024)
        at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
        at org.apache.catalina.core.StandardService.initInternal(StandardService.java:560)
        at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
        at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:826)
        at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
        at org.apache.catalina.startup.Catalina.load(Catalina.java:663)
        at org.apache.catalina.startup.Catalina.load(Catalina.java:686)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
        at java.lang.reflect.Method.invoke(Unknown Source)
        at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:244)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)

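Quite a few of the articles I found simply change the protocol parameter to org.apache.coyote.http11.Http11Protocol, which sidesteps the APR startup error. Tomcat then chooses another way to start and is not running in APR mode.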

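With no other option, I went through the configuration reference on the official Tomcat site and finally found the parameters for starting APR there, in the official documentation on configuring APR under SSL in Tomcat.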

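It turns out that APR mode is configured differently from the usual SSL setup: it does not use the .jks file and its password. It needs the certificate file and the private key file produced when the certificate was generated. In the end I changed the Tomcat configuration to: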

<Connector SSLEnabled="true" URIEncoding="UTF-8" clientAuth="false" executor="tomcatThreadPool" SSLCertificateFile="E:\Tomcat 7.0.104\certs\localhost.crt" SSLCertificateKeyFile="E:\Tomcat 7.0.104\certs\localhost.key" acceptCount="100" connectionTimeout="20000" port="443" protocol="org.apache.coyote.http11.Http11AprProtocol" scheme="https" secure="true" allowUnsafeLegacyRenegotiation="false" SSLVerifyClient="optional" SSLProtocol="TLSv1+TLSv1.1+TLSv1.2"/>

After a restart, Tomcat runs in APR mode.
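The final connector differs from the original NIO one in more than the certificate attributes: it enables TLSv1 and TLSv1.1 where the NIO connector allowed only TLSv1.2, it sets SSLVerifyClient="optional", and it still carries the JSSE attribute clientAuth. The following check is an added example, not part of the original post or of Tomcat; the attribute lists are assumptions taken from the Tomcat 7 HTTP connector documentation, and the sample connectors are constructed, shortened versions of the ones above plus a hypothetical hardened variant.

```python
import xml.etree.ElementTree as ET

APR = "org.apache.coyote.http11.Http11AprProtocol"
# JSSE (BIO/NIO) attributes that the APR connector does not read.
JSSE_ONLY = ("keystoreFile", "keystorePass", "keystoreType",
             "sslProtocol", "sslEnabledProtocols", "clientAuth")
LEGACY = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}  # TLSv1/1.1 deprecated by RFC 8996

def lint_connector(xml_text):
    """Return a list of findings for one <Connector> element."""
    c = ET.fromstring(xml_text)
    if c.get("protocol") != APR or c.get("SSLEnabled", "").lower() != "true":
        return []  # only TLS-enabled APR connectors are checked here
    out = []
    if not c.get("SSLCertificateFile"):
        out.append("SSLCertificateFile missing: APR endpoint will fail to bind")
    elif not c.get("SSLCertificateKeyFile"):
        out.append("SSLCertificateKeyFile unset: key must then be inside SSLCertificateFile")
    ignored = [a for a in JSSE_ONLY if a in c.attrib]
    if ignored:
        out.append("JSSE attributes ignored by APR: " + ", ".join(ignored))
    proto = c.get("SSLProtocol")
    if proto is None:
        out.append("SSLProtocol unset: pin it explicitly, e.g. TLSv1.2")
    else:
        old = sorted(LEGACY & set(proto.split("+")))
        if old:
            out.append("legacy protocols enabled: " + ", ".join(old))
    if c.get("SSLVerifyClient", "none") != "none":
        out.append("SSLVerifyClient=" + c.get("SSLVerifyClient") + ": client certificates are requested")
    return out

# Constructed samples, shortened from the two connectors shown on this page.
NAIVE = ('<Connector SSLEnabled="true" port="443" protocol="%s" '
         'keystoreFile="certs/localhost.jks" keystorePass="changeit" '
         'sslEnabledProtocols="TLSv1.2" clientAuth="false"/>' % APR)
FIXED = ('<Connector SSLEnabled="true" port="443" protocol="%s" clientAuth="false" '
         'SSLCertificateFile="certs/localhost.crt" SSLCertificateKeyFile="certs/localhost.key" '
         'SSLVerifyClient="optional" SSLProtocol="TLSv1+TLSv1.1+TLSv1.2"/>' % APR)
# Hypothetical variant that keeps the TLSv1.2-only policy of the NIO connector.
HARDENED = ('<Connector SSLEnabled="true" port="443" protocol="%s" '
            'SSLCertificateFile="certs/localhost.crt" SSLCertificateKeyFile="certs/localhost.key" '
            'SSLVerifyClient="none" SSLProtocol="TLSv1.2"/>' % APR)

if __name__ == "__main__":
    for name, xml in (("naive", NAIVE), ("fixed", FIXED), ("hardened", HARDENED)):
        print(name, lint_connector(xml) or "ok")
```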
