英文:
Tomcat unable to locate desired keystore by Daemon Service Manager
问题
目前我正在使用Java代码通过Runtime.getRuntime().exec()加载KeyStore,以通过.cmd执行java -jar main.jar。
代码示例:
this.ks = KeyStore.getInstance("Windows-MY");
this.ks.load(null, null);
该程序能够使用Tomcat默认提供的startup.bat加载x509证书。(在管理员账户下运行)
然而,使用Daemon Service Manager启动Tomcat时,这种方式不起作用,KeyStore始终为空。
我也尝试了使用不同的账户,但遗憾的是结果相同:空的KeyStore。
我已经将私钥和所有必要的证书加载到本地计算机/当前用户中。
如何使这个工作起来?
英文:
Currently I'm using java code to load KeyStore through .cmd by Runtime.getRuntime().exec() to execute java -jar main.jar
The Code
this.ks = KeyStore.getInstance("Windows-MY");
this.ks.load(null, null);
The program is able to load x509 Certificate by using the startup.bat provided by Tomcat by default. (running in Administrator Account)
This is not working using Daemon Service Manager to start Tomcat, the KeyStore always returns empty.
I also tried using different accounts, but sadly same result: Empty KeyStore
I already loaded the private key and all needed certificates to Local Computer / Current User.
How can I make this work?
答案1
得分: 0
问题是服务账户没有加载密钥。
使用 Microsoft MMC 是行不通的,因为这不会以服务账户运行,密钥只加载到用户存储中。
可以使用类似 PsExec.exe 的工具通过命令加载密钥。
英文:
The problem was the services account didn't have the key loaded.
Using Microsoft MMC won't work, as this will not run as services account and the key only loaded to users' store.
Use tools like PsExec.exe to load the key by commands.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论