问题
I build spring-boot executable war with ssl support. My application.properties file is:
server.port = 8443
server.ssl.key-store = classpath:keystore.jks
server.ssl.key-store-password = secret
server.ssl.key-password = another-secret
WAR file contains 'keystore.jks' file. But I get strange exception:
org.springframework.context.ApplicationContextException: Unable to start embedded container; nested exception is org.springframework.boot.context.embedded.EmbeddedServletContainerException: Could not find key store classpath:keystore.jks
Caused by: java.io.FileNotFoundException: class path resource [keystore.jks] cannot be resolved to absolute file path because it does not reside in the file system: jar:file:/D:/projects/vi3na/vi3na.web/target/vi3na.war!/WEB-INF/classes!/keystore.jks
What does sign '!' mean in the path 'D:/projects/vi3na/vi3na.web/target/vi3na.war!/WEB-INF/classes!/keystore.jks'
回答1:
Update: As a result of this enhancement request, the limitation described below no longer applies. Tomcat 8.0.28+ and 7.0.66+ can load a key store from within a jar file.
Original answer
I guess that you're using Tomcat as the embedded servlet container? As noted in the reference documentation, Tomcat does not currently support loading a keystore or trust store from within a jar:
Tomcat requires the key store (and trust store if you’re using one) to be directly accessible on the filesystem, i.e. it cannot be read from within a jar file.
You should move keystore.jks out of your jar and update server.ssl.key-store with its location on the file system.
回答2:
Execute the following steps to generate a Java KeyStore (JKS) and configure it in application.properties of your application:
1- Generate JKS
jmendoza@jmendoza:~$ keytool -genkey -alias selfsigned_localhost_sslserver -keyalg RSA -keysize 2048 -validity 700 -keypass changeit -storepass changeit -keystore ssl-server.jks
2- Config JKS in application.properties
server.port=8081
server.ssl.key-alias=electoralsystem-store
server.ssl.key-password=jmendoza
server.ssl.key-store=/home/jmendoza/IdeaProjects/dummy/config/electoralsystem-store.jks
server.ssl.key-store-provider=SUN
server.ssl.protocol=TLS
server.ssl.enabled-protocols=TLSv1.2
3- Invoke service from postman
https://localhost:8081/api/process
Note: For postman remember, Self-signed SSL certificates are being blocked: Fix this by turning off 'SSL certificate verification' in Settings > General
来源:https://stackoverflow.com/questions/32858217/spring-boot-executable-war-keystore-not-found