充当 HTTPS Sonatype Nexus
Serving as HTTPS Sonatype Nexus
我已经将 nexus 安装为一个由 3 个 windows 节点组成的集群。现在我想将 Nexus 作为 HTTPS 服务。当我遵循 this documentation 时,我按照建议做了所有事情,但是当我 运行 命令
nexus.exe /run
我收到一个错误
java.lang.IllegalStateException: no valid keystore
at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:50)
at org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1194)
at org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:334)
at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:256)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:167)
at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:119)
at org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:94)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:167)
at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:119)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:167)
at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:119)
at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:282)
at org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
at org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:236)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.server.Server.doStart(Server.java:396)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.sonatype.nexus.bootstrap.jetty.JettyServer$JettyMainThread.run(JettyServer.java:274)
我的 jetty-https.xml 配置文件如下所示,
...
<New id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
<Set name="certAlias">my-wildcard-cert</Set>
<Set name="KeyStorePath"><Property name="ssl.etc"/>/keystore.jks</Set>
<Set name="KeyStorePassword">changeit</Set>
<Set name="KeyManagerPassword">changeit</Set>
<Set name="TrustStorePath"><Property name="ssl.etc"/>/keystore.jks</Set>
<Set name="TrustStorePassword">changeit</Set>
<Set name="EndpointIdentificationAlgorithm"></Set>
<Set name="NeedClientAuth"><Property name="jetty.ssl.needClientAuth" default="false"/></Set>
<Set name="WantClientAuth"><Property name="jetty.ssl.wantClientAuth" default="false"/></Set>
<Set name="ExcludeCipherSuites">
<Array type="String">
<Item>SSL_RSA_WITH_DES_CBC_SHA</Item>
<Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</Item>
<Item>SSL_DHE_DSS_WITH_DES_CBC_SHA</Item>
<Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</Item>
<Item>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</Item>
</Array>
</Set>
</New>
...
我相信我的密钥库文件位置有问题,但我尝试了很多但没有得到任何成功的结果。
我试过,<Set name="KeyStorePath"><Property
name="ssl.etc"/>C:\users\<myusername>\keystore.jks</Set> 导致更改错误消息:
2020-03-13 12:40:56,904+0300 ERROR [FelixDispatchQueue] *SYSTEM org.sonatype.nexus.bootstrap - FrameworkEvent ERROR - org.sonatype.nexus.bootstrap
org.osgi.framework.BundleException: Activator start error in bundle org.sonatype.nexus.bootstrap [65].
at org.apache.felix.framework.Felix.activateBundle(Felix.java:2290)
at org.apache.felix.framework.Felix.startBundle(Felix.java:2146)
at org.apache.felix.framework.Felix.setActiveStartLevel(Felix.java:1373)
at org.apache.felix.framework.FrameworkStartLevelImpl.run(FrameworkStartLevelImpl.java:308)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.lang.reflect.InvocationTargetException: null
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.set(XmlConfiguration.java:545)
at org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.configure(XmlConfiguration.java:466)
at org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.newObj(XmlConfiguration.java:875)
at org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.configure(XmlConfiguration.java:478)
at org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.configure(XmlConfiguration.java:413)
at org.eclipse.jetty.xml.XmlConfiguration.configure(XmlConfiguration.java:311)
at org.sonatype.nexus.bootstrap.jetty.JettyServer.doStart(JettyServer.java:168)
at org.sonatype.nexus.bootstrap.jetty.JettyServer.lambda[=13=](JettyServer.java:117)
at java.security.AccessController.doPrivileged(Native Method)
at org.sonatype.nexus.bootstrap.jetty.JettyServer.start(JettyServer.java:115)
at org.sonatype.nexus.bootstrap.Launcher.start(Launcher.java:131)
at org.sonatype.nexus.bootstrap.Launcher.startAsync(Launcher.java:127)
at org.sonatype.nexus.bootstrap.osgi.LauncherActivator.start(LauncherActivator.java:67)
at org.apache.felix.framework.util.SecureAction.startActivator(SecureAction.java:697)
at org.apache.felix.framework.Felix.activateBundle(Felix.java:2240)
... 4 common frames omitted
Caused by: java.lang.IllegalArgumentException: java.io.IOException: The filename, directory name, or volume label syntax is incorrect
at org.eclipse.jetty.util.ssl.SslContextFactory.setKeyStorePath(SslContextFactory.java:656)
... 23 common frames omitted
Caused by: java.io.IOException: The filename, directory name, or volume label syntax is incorrect
at java.io.WinNTFileSystem.canonicalize0(Native Method)
at java.io.WinNTFileSystem.canonicalize(WinNTFileSystem.java:428)
at java.io.File.getCanonicalPath(File.java:618)
at java.io.File.getCanonicalFile(File.java:643)
at org.eclipse.jetty.util.resource.Resource.newResource(Resource.java:184)
at org.eclipse.jetty.util.resource.Resource.newResource(Resource.java:154)
at org.eclipse.jetty.util.ssl.SslContextFactory.setKeyStorePath(SslContextFactory.java:652)
... 23 common frames omitted
Suppressed: java.net.MalformedURLException: Unknown protocol: c
at java.net.URL.<init>(URL.java:627)
at java.net.URL.<init>(URL.java:490)
at java.net.URL.<init>(URL.java:439)
at org.eclipse.jetty.util.resource.Resource.newResource(Resource.java:171)
... 25 common frames omitted
Caused by: java.lang.IllegalStateException: Unknown protocol: c
at org.apache.felix.framework.URLHandlersStreamHandlerProxy.parseURL(URLHandlersStreamHandlerProxy.java:373)
at java.net.URL.<init>(URL.java:622)
... 28 common frames omitted
当我搜索Unknown protocol: c here时建议使用as file:///C:/Users/MyUser/image .jpg 我也试过了,但仍然遇到未知协议:c 错误。
我应该如何修复我的 jetty-https.xml 文件?
提前致谢
最好的问候
使用完全限定的路径名...
<Set name="KeyStorePath">C:/users/myusername/keystore.jks</Set>
并且不要包含额外的细节 <Property name="ssl.etc"/>,它只是将 属性 "ssl.etc" 的值放在您配置的路径前面。
我已经将 nexus 安装为一个由 3 个 windows 节点组成的集群。现在我想将 Nexus 作为 HTTPS 服务。当我遵循 this documentation 时,我按照建议做了所有事情,但是当我 运行 命令
nexus.exe /run
我收到一个错误
java.lang.IllegalStateException: no valid keystore
at org.eclipse.jetty.util.security.CertificateUtils.getKeyStore(CertificateUtils.java:50)
at org.eclipse.jetty.util.ssl.SslContextFactory.loadKeyStore(SslContextFactory.java:1194)
at org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:334)
at org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:256)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:167)
at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:119)
at org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:94)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:167)
at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:119)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:167)
at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:119)
at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:282)
at org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
at org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:236)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.server.Server.doStart(Server.java:396)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.sonatype.nexus.bootstrap.jetty.JettyServer$JettyMainThread.run(JettyServer.java:274)
我的 jetty-https.xml 配置文件如下所示,
...
<New id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
<Set name="certAlias">my-wildcard-cert</Set>
<Set name="KeyStorePath"><Property name="ssl.etc"/>/keystore.jks</Set>
<Set name="KeyStorePassword">changeit</Set>
<Set name="KeyManagerPassword">changeit</Set>
<Set name="TrustStorePath"><Property name="ssl.etc"/>/keystore.jks</Set>
<Set name="TrustStorePassword">changeit</Set>
<Set name="EndpointIdentificationAlgorithm"></Set>
<Set name="NeedClientAuth"><Property name="jetty.ssl.needClientAuth" default="false"/></Set>
<Set name="WantClientAuth"><Property name="jetty.ssl.wantClientAuth" default="false"/></Set>
<Set name="ExcludeCipherSuites">
<Array type="String">
<Item>SSL_RSA_WITH_DES_CBC_SHA</Item>
<Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</Item>
<Item>SSL_DHE_DSS_WITH_DES_CBC_SHA</Item>
<Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</Item>
<Item>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
<Item>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</Item>
</Array>
</Set>
</New>
...
我相信我的密钥库文件位置有问题,但我尝试了很多但没有得到任何成功的结果。
我试过,<Set name="KeyStorePath"><Property
name="ssl.etc"/>C:\users\<myusername>\keystore.jks</Set> 导致更改错误消息:
2020-03-13 12:40:56,904+0300 ERROR [FelixDispatchQueue] *SYSTEM org.sonatype.nexus.bootstrap - FrameworkEvent ERROR - org.sonatype.nexus.bootstrap
org.osgi.framework.BundleException: Activator start error in bundle org.sonatype.nexus.bootstrap [65].
at org.apache.felix.framework.Felix.activateBundle(Felix.java:2290)
at org.apache.felix.framework.Felix.startBundle(Felix.java:2146)
at org.apache.felix.framework.Felix.setActiveStartLevel(Felix.java:1373)
at org.apache.felix.framework.FrameworkStartLevelImpl.run(FrameworkStartLevelImpl.java:308)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.lang.reflect.InvocationTargetException: null
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.set(XmlConfiguration.java:545)
at org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.configure(XmlConfiguration.java:466)
at org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.newObj(XmlConfiguration.java:875)
at org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.configure(XmlConfiguration.java:478)
at org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.configure(XmlConfiguration.java:413)
at org.eclipse.jetty.xml.XmlConfiguration.configure(XmlConfiguration.java:311)
at org.sonatype.nexus.bootstrap.jetty.JettyServer.doStart(JettyServer.java:168)
at org.sonatype.nexus.bootstrap.jetty.JettyServer.lambda[=13=](JettyServer.java:117)
at java.security.AccessController.doPrivileged(Native Method)
at org.sonatype.nexus.bootstrap.jetty.JettyServer.start(JettyServer.java:115)
at org.sonatype.nexus.bootstrap.Launcher.start(Launcher.java:131)
at org.sonatype.nexus.bootstrap.Launcher.startAsync(Launcher.java:127)
at org.sonatype.nexus.bootstrap.osgi.LauncherActivator.start(LauncherActivator.java:67)
at org.apache.felix.framework.util.SecureAction.startActivator(SecureAction.java:697)
at org.apache.felix.framework.Felix.activateBundle(Felix.java:2240)
... 4 common frames omitted
Caused by: java.lang.IllegalArgumentException: java.io.IOException: The filename, directory name, or volume label syntax is incorrect
at org.eclipse.jetty.util.ssl.SslContextFactory.setKeyStorePath(SslContextFactory.java:656)
... 23 common frames omitted
Caused by: java.io.IOException: The filename, directory name, or volume label syntax is incorrect
at java.io.WinNTFileSystem.canonicalize0(Native Method)
at java.io.WinNTFileSystem.canonicalize(WinNTFileSystem.java:428)
at java.io.File.getCanonicalPath(File.java:618)
at java.io.File.getCanonicalFile(File.java:643)
at org.eclipse.jetty.util.resource.Resource.newResource(Resource.java:184)
at org.eclipse.jetty.util.resource.Resource.newResource(Resource.java:154)
at org.eclipse.jetty.util.ssl.SslContextFactory.setKeyStorePath(SslContextFactory.java:652)
... 23 common frames omitted
Suppressed: java.net.MalformedURLException: Unknown protocol: c
at java.net.URL.<init>(URL.java:627)
at java.net.URL.<init>(URL.java:490)
at java.net.URL.<init>(URL.java:439)
at org.eclipse.jetty.util.resource.Resource.newResource(Resource.java:171)
... 25 common frames omitted
Caused by: java.lang.IllegalStateException: Unknown protocol: c
at org.apache.felix.framework.URLHandlersStreamHandlerProxy.parseURL(URLHandlersStreamHandlerProxy.java:373)
at java.net.URL.<init>(URL.java:622)
... 28 common frames omitted
当我搜索Unknown protocol: c here时建议使用as file:///C:/Users/MyUser/image .jpg 我也试过了,但仍然遇到未知协议:c 错误。
我应该如何修复我的 jetty-https.xml 文件?
提前致谢
最好的问候
使用完全限定的路径名...
<Set name="KeyStorePath">C:/users/myusername/keystore.jks</Set>
并且不要包含额外的细节 <Property name="ssl.etc"/>,它只是将 属性 "ssl.etc" 的值放在您配置的路径前面。