问题:
KeyStore.load()失败,密钥库格式无效
严嘉良
执行密钥库时,以下代码每次都会失败,IOException为“无效密钥库格式”。load()方法。该文件已成功从.jar文件加载。在Windows 10 Pro上使用Java 1.8。Maven用于编译和组装jar文件,然后将war放在一起,并作为war文件部署到JBOSS服务器。我也尝试过使用getDefault()的.getInstance,但出现了相同的错误。
InputStream stream;
stream = Thread.currentThread().getContextClassLoader()
.getResourceAsStream("cacerts.jks");
if (stream == null) {
stream = CustomTrustManager.class.getClassLoader()
.getResourceAsStream("cacerts.jks");
}
if(stream == null) {
Log.error("Unable to load cacerts.jks. This is needed to make HTTPS connections to internal servers.");
throw new NotFoundException();
}
KeyStore myTrustStore = KeyStore.getInstance("JKS");
myTrustStore.load(stream, "xxxxx".toCharArray());
使用以下命令从自签名服务器证书“server1.crt”文件生成“cacerts.jks”文件:
keytool -v -import -alias devserver -file server1.crt -keystore cacerts.jks
这成功完成并命令:
keytool -list -keystore cacerts.jks
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 1 entry
devserver, Aug 15, 2019, trustedCertEntry,
Certificate fingerprint (SHA1): F6:7F:C9:95:0E:B8:59:07:24:23:67:93:43:B2:C9:AA:CD:5B:AF:68
显示密钥库文件没有问题。我扫描了许多StackOverflow文章,但没有指向该问题的解决方案。在调试模式下,加载资源后InputStream具有以下格式。我假设从. jar文件加载ZipFile类型是正常的。
感谢您对如何成功加载密钥库文件的任何见解。谢谢
StackTrace如下:
2019-08-18 17:00:53,038 ERROR service.CustomTrustManager (CustomTrustManager.java:59) [default task-2] - KeyStore failed to laod
java.io.IOException: Invalid keystore format
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:658) ~[?:1.8.0_161]
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56) ~[?:1.8.0_161]
at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224) ~[?:1.8.0_161]
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70) ~[?:1.8.0_161]
at java.security.KeyStore.load(KeyStore.java:1445) ~[?:1.8.0_161]
at cinfin.thirdparty.service.CustomTrustManager.<init>(CustomTrustManager.java:57) [ThirdPartyWSCore-1.13.0.jar:1.13.0]
at cinfin.thirdparty.riskmeter.service.RiskMeterClientService.configureSSL(RiskMeterClientService.java:125) [ThirdPartyWSRiskMeter-1.0.0.jar:?]
at cinfin.thirdparty.riskmeter.service.RiskMeterClientService.getHttpClient(RiskMeterClientService.java:103) [ThirdPartyWSRiskMeter-1.0.0.jar:?]
at cinfin.thirdparty.riskmeter.service.RiskMeterClientService.getRiskMeterData(RiskMeterClientService.java:87) [ThirdPartyWSRiskMeter-1.0.0.jar:?]
at cinfin.thirdparty.riskmeter.bo.RiskMeterBo.getRiskMeterData(RiskMeterBo.java:50) [ThirdPartyWSRiskMeter-1.0.0.jar:?]
at cinfin.thirdparty.riskmeter.ws.RiskMeterService.getRiskMeterData(RiskMeterService.java:18) [ThirdPartyWSRiskMeter-1.0.0.jar:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_161]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_161]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_161]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_161]
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333) [spring-aop-4.3.24.RELEASE.jar:4.3.24.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190) [spring-aop-4.3.24.RELEASE.jar:4.3.24.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) [spring-aop-4.3.24.RELEASE.jar:4.3.24.RELEASE]
at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:84) [spring-aop-4.3.24.RELEASE.jar:4.3.24.RELEASE]
at cinfin.thirdparty.metering.bo.MeteringAspectImpl.performVendorCall(MeteringAspectImpl.java:64) [ThirdPartyWSCore-1.13.0.jar:1.13.0]
at cinfin.thirdparty.metering.bo.MeteringAspectImpl.aroundMeteredAnnotationAdvice(MeteringAspectImpl.java:33) [ThirdPartyWSCore-1.13.0.jar:1.13.0]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_161]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_161]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_161]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_161]
at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:627) [spring-aop-4.3.24.RELEASE.jar:4.3.24.RELEASE]
at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:616) [spring-aop-4.3.24.RELEASE.jar:4.3.24.RELEASE]
at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:70) [spring-aop-4.3.24.RELEASE.jar:4.3.24.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:168) [spring-aop-4.3.24.RELEASE.jar:4.3.24.RELEASE]
at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92) [spring-aop-4.3.24.RELEASE.jar:4.3.24.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) [spring-aop-4.3.24.RELEASE.jar:4.3.24.RELEASE]
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) [spring-aop-4.3.24.RELEASE.jar:4.3.24.RELEASE]
at com.sun.proxy.$Proxy206.getRiskMeterData(Unknown Source) [?:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_161]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_161]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_161]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_161]
at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:180) [cxf-core-3.1.10.jar:3.1.10]
at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96) [cxf-core-3.1.10.jar:3.1.10]
at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:189) [cxf-rt-frontend-jaxrs-3.1.10.jar:3.1.10]
at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:99) [cxf-rt-frontend-jaxrs-3.1.10.jar:3.1.10]
at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:59) [cxf-core-3.1.10.jar:3.1.10]
at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:96) [cxf-core-3.1.10.jar:3.1.10]
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308) [cxf-core-3.1.10.jar:3.1.10]
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121) [cxf-core-3.1.10.jar:3.1.10]
at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:262) [cxf-rt-transports-http-3.1.10.jar:3.1.10]
at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234) [cxf-rt-transports-http-3.1.10.jar:3.1.10]
at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208) [cxf-rt-transports-http-3.1.10.jar:3.1.10]
at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160) [cxf-rt-transports-http-3.1.10.jar:3.1.10]
at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:180) [cxf-rt-transports-http-3.1.10.jar:3.1.10]
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:299) [cxf-rt-transports-http-3.1.10.jar:3.1.10]
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doGet(AbstractHTTPServlet.java:223) [cxf-rt-transports-http-3.1.10.jar:3.1.10]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:687) [jboss-servlet-api_3.1_spec-1.0.0.Final-redhat-1.jar!/:1.0.0.Final-redhat-1]
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:274) [cxf-rt-transports-http-3.1.10.jar:3.1.10]
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) [undertow-servlet-1.3.31.Final-redhat-3.jar!/:1.3.31.Final-redhat-3]
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) [undertow-servlet-1.3.31.Final-redhat-3.jar!/:1.3.31.Final-redhat-3]
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) [undertow-servlet-1.3.31.Final-redhat-3.jar!/:1.3.31.Final-redhat-3]
at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) [wildfly-undertow-7.0.9.GA-redhat-3.jar!/:7.0.9.GA-redhat-3]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.3.31.Final-redhat-3.jar!/:1.3.31.Final-redhat-3]
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) [undertow-servlet-1.3.31.Final-redhat-3.jar!/:1.3.31.Final-redhat-3]
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) [undertow-servlet-1.3.31.Final-redhat-3.jar!/:1.3.31.Final-redhat-3]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.3.31.Final-redhat-3.jar!/:1.3.31.Final-redhat-3]
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) [undertow-core-1.3.31.Final-redhat-3.jar!/:1.3.31.Final-redhat-3]
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) [undertow-servlet-1.3.31.Final-redhat-3.jar!/:1.3.31.Final-redhat-3]
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) [undertow-core-1.3.31.Final-redhat-3.jar!/:1.3.31.Final-redhat-3]
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) [undertow-servlet-1.3.31.Final-redhat-3.jar!/:1.3.31.Final-redhat-3]
at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) [undertow-core-1.3.31.Final-redhat-3.jar!/:1.3.31.Final-redhat-3]
at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) [undertow-core-1.3.31.Final-redhat-3.jar!/:1.3.31.Final-redhat-3]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.3.31.Final-redhat-3.jar!/:1.3.31.Final-redhat-3]
at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) [wildfly-undertow-7.0.9.GA-redhat-3.jar!/:7.0.9.GA-redhat-3]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.3.31.Final-redhat-3.jar!/:1.3.31.Final-redhat-3]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.3.31.Final-redhat-3.jar!/:1.3.31.Final-redhat-3]
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:285) [undertow-servlet-1.3.31.Final-redhat-3.jar!/:1.3.31.Final-redhat-3]
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:264) [undertow-servlet-1.3.31.Final-redhat-3.jar!/:1.3.31.Final-redhat-3]
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) [undertow-servlet-1.3.31.Final-redhat-3.jar!/:1.3.31.Final-redhat-3]
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:175) [undertow-servlet-1.3.31.Final-redhat-3.jar!/:1.3.31.Final-redhat-3]
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:324) [undertow-core-1.3.31.Final-redhat-3.jar!/:1.3.31.Final-redhat-3]
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:803) [undertow-core-1.3.31.Final-redhat-3.jar!/:1.3.31.Final-redhat-3]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_161]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_161]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_161]
共有3个答案
黄成荫
根据Omikrom的回答:
二进制文件基本上被视为文本文件,因此jar中的文件以UTF-8字符(0xEFBFBDEFBFBD)开头,而不是JKS的神奇数字(0xFEEDFEED)。
我在pom.xml文件的属性部分添加了这两行
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
它完成了任务
邰胤
确保排除过滤您的密钥库文件jks
喜欢
<resources>
<resource>
<directory>src/main/resources</directory>
<filtering>true</filtering>
<excludes>
<exclude>**/*.jks</exclude>
</excludes>
</resource>
<resource>
<directory>src/main/resources</directory>
<filtering>false</filtering>
<includes>
<include>**/*.jks</include>
</includes>
</resource>
</resources>
顾乐心
二进制JKS文件可能被Maven资源插件过滤,导致文件损坏,这是一个非常常见的问题:
Maven在构建过程中复制到Java资源目录时会损坏WAV文件
Maven在构建jar时损坏了源/主/资源中的二进制文件
移动到资源文件夹时,生成的证书停止工作
二进制文件基本上被视为文本文件,因此jar中的文件以UTF-8字符(<code>0xEFBFBDEBFBD</code>)开始,而不是JKS的幻数(<code>0xFEEDFEED</code>)。
Resources Plugin留档包含一个明确的警告:
不要过滤包含图像等二进制内容的文件!这很可能会导致损坏的输出。
可能的解决方案有:
- 将资源文件夹拆分为一个已筛选的文件夹和一个未筛选的文件夹(请参阅此处)
- 全局禁用对扩展名为 .jks 的文件的筛选(请参阅此处)
类似资料:
-
问题内容: 我正在使用SSLServerSocket和java.ssl包中的其他类在Java中测试SSL。运行以下代码时,出现异常java.io.IOException:无效的密钥库格式。我的代码: 文件key.txt:1268312345812304612348712634283427346我想我应该在key.txt文件中放一些东西,但是我不知道要放什么。可能是经过消毒的物体。 编辑:客户端代码
-
在终端中运行命令时出错: "keytools-list-v-alias androiddegkey-keystore%USERPROFILE%. android\debug.keystore" 导致以下错误: P.S:关于这个错误,我看到过类似的问题,但没有一个解决方案解决了我的问题。
-
11:12:17,289信息[org.apache.Coyote.http11.http11protocol](MSC服务线程1-2)JBWeb003001:Coyote http/1.1正在初始化:http-/0.0.0.0:8080 11:12:17,297信息[org.apache.Coyote.http11.http11protocol](MSC服务线程1-2)JBWeb003000:Co
-
任务“:app:packageRelease”的执行失败。 执行com时发生故障。Android建筑格雷德尔。内部的任务。工人$ActionFacade.com。Android石斑鱼类。常见的签字。KeytoolException:无法从存储区“/Users/husseinawaesha/key.jks”读取密钥:密钥库格式无效
-
我使用的是ruby EC2 SDK,版本2。用EC2生成的密钥的私钥材料存储在字符串中。我正在尝试使用生成将密钥导入EC2所需的公钥材料 我尝试了一些新的东西。我使用EC2 web控制台从头开始生成了一个新密钥,然后按照Raphael在下面指出的方法生成了一个公共密钥 密钥未加密。 在尝试通过web控制台或代码导入公钥时,我得到了同样的错误。 而第一个生成的文件以 现在的问题是如何在Ruby中生成
-
c)在标记下,用HTTPS绑定ApplicationRealm。