带有Quarkus配置的Keycloak 18未能使用PKCS12作为密钥存储库(*.p12)
带有Quarkus配置的Keycloak 18未能使用PKCS12作为密钥存储库(*.p12)
提问于 2022-06-13 10:06:09
使用jboss发行版,我能够在standalone.xml中为SSL配置keystore,如下所示,它运行良好
<tls>
<key-stores>
<key-store name="applicationKS">
<credential-reference clear-text="Xxxxxx!"/>
<implementation type="PKCS12"/>
<file path="my-keystore.p12" relative-to="jboss.server.config.dir"/>
</key-store>
</key-stores>
<key-managers>
<key-manager name="applicationKM" key-store="applicationKS" alias-filter="my-keystore">
<credential-reference clear-text="Xxxxxx!"/>
</key-manager>
</key-managers>
<server-ssl-contexts>
<server-ssl-context name="applicationSSC" key-manager="applicationKM" />
</server-ssl-contexts>
</tls>但是,当使用Quarkus发行版时,如下所示,
bin/kc.bat start --https-port=8180 --http-host=xxx.xxx.xx.xx --hostname=mymachine --https-key-store-file=my-keystore.p12 --https-key-store-password=Xxxxxx! --https-key-store-type=PKCS12 --https-protocols=TLSv1.3我得到的错误是
2022-06-13 16:52:58,717 ERROR [io.netty.util.concurrent.DefaultPromise.rejectedExecution] (vert.x-eventloop-thread-16) Failed to submit a listener notification task. Event loop shut down?: java.util.concurrent.RejectedExecutionException: event executor terminated
at io.netty.util.concurrent.SingleThreadEventExecutor.reject(SingleThreadEventExecutor.java:923)
at io.netty.util.concurrent.SingleThreadEventExecutor.offerTask(SingleThreadEventExecutor.java:350)
at io.netty.util.concurrent.SingleThreadEventExecutor.addTask(SingleThreadEventExecutor.java:343)
at io.netty.util.concurrent.SingleThreadEventExecutor.execute(SingleThreadEventExecutor.java:825)
at io.netty.util.concurrent.SingleThreadEventExecutor.execute(SingleThreadEventExecutor.java:815)
at io.netty.util.concurrent.DefaultPromise.safeExecute(DefaultPromise.java:841)
at io.netty.util.concurrent.DefaultPromise.notifyListenerWithStackOverFlowProtection(DefaultPromise.java:529)
at io.netty.util.concurrent.DefaultPromise.notifyListener(DefaultPromise.java:477)
at io.netty.util.concurrent.CompleteFuture.addListener(CompleteFuture.java:48)
at io.vertx.core.net.impl.TCPServerBase.bind(TCPServerBase.java:103)
at io.vertx.core.http.impl.HttpServerImpl.listen(HttpServerImpl.java:217)
at io.vertx.core.http.impl.HttpServerImpl.listen(HttpServerImpl.java:149)
at io.vertx.core.http.impl.HttpServerImpl.listen(HttpServerImpl.java:154)
at io.quarkus.vertx.http.runtime.VertxHttpRecorder$WebDeploymentVerticle.setupTcpHttpServer(VertxHttpRecorder.java:1075)
at io.quarkus.vertx.http.runtime.VertxHttpRecorder$WebDeploymentVerticle.start(VertxHttpRecorder.java:1029)
at io.vertx.core.impl.DeploymentManager.lambda$doDeploy$5(DeploymentManager.java:196)
at io.vertx.core.impl.AbstractContext.dispatch(AbstractContext.java:100)
at io.vertx.core.impl.AbstractContext.dispatch(AbstractContext.java:63)
at io.vertx.core.impl.EventLoopContext.lambda$runOnContext$0(EventLoopContext.java:38)
at io.netty.util.concurrent.AbstractEventExecutor.safeExecute(AbstractEventExecutor.java:164)
at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:469)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:503)
at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:986)
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
at java.base/java.lang.Thread.run(Thread.java:834)
2022-06-13 16:52:58,720 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: Failed to start server in (production) mode
2022-06-13 16:52:58,720 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: Unable to start HTTP server
2022-06-13 16:52:58,721 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: io.vertx.core.VertxException: java.io.IOException: keystore password was incorrect
2022-06-13 16:52:58,721 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: java.io.IOException: keystore password was incorrect
2022-06-13 16:52:58,721 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: keystore password was incorrect
2022-06-13 16:52:58,722 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.我看不到一个参数来传递我的密钥的别名(能够在standalone.xml中指定为alias-filter)。所以请有人建议我在这个配置中做错了什么。
回答 1
Stack Overflow用户
发布于 2022-06-13 15:51:14
问题是密码中的感叹号(!),需要像^^!那样在命令中转义。
--https-key-store-password="Xxxxxx^^!"页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/72601054
复制相关文章
相似问题
腾讯云开发者
