Tomcat无法通过守护进程服务管理器定位所需的密钥库。

huangapple go评论77阅读模式
英文:

Tomcat unable to locate desired keystore by Daemon Service Manager

问题

目前我正在使用Java代码通过Runtime.getRuntime().exec()加载KeyStore,以通过.cmd执行java -jar main.jar

代码示例:

this.ks = KeyStore.getInstance("Windows-MY");
this.ks.load(null, null);

该程序能够使用Tomcat默认提供的startup.bat加载x509证书。(在管理员账户下运行)

然而,使用Daemon Service Manager启动Tomcat时,这种方式不起作用,KeyStore始终为空。

我也尝试了使用不同的账户,但遗憾的是结果相同:空的KeyStore。

我已经将私钥和所有必要的证书加载到本地计算机/当前用户中。

如何使这个工作起来?

英文:

Currently I'm using java code to load KeyStore through .cmd by Runtime.getRuntime().exec() to execute java -jar main.jar

The Code

this.ks = KeyStore.getInstance("Windows-MY");
this.ks.load(null, null);

The program is able to load x509 Certificate by using the startup.bat provided by Tomcat by default. (running in Administrator Account)

This is not working using Daemon Service Manager to start Tomcat, the KeyStore always returns empty.

I also tried using different accounts, but sadly same result: Empty KeyStore

Tomcat无法通过守护进程服务管理器定位所需的密钥库。

I already loaded the private key and all needed certificates to Local Computer / Current User.

How can I make this work?

答案1

得分: 0

问题是服务账户没有加载密钥。

使用 Microsoft MMC 是行不通的,因为这不会以服务账户运行,密钥只加载到用户存储中。

可以使用类似 PsExec.exe 的工具通过命令加载密钥。

英文:

The problem was the services account didn't have the key loaded.

Using Microsoft MMC won't work, as this will not run as services account and the key only loaded to users' store.

Use tools like PsExec.exe to load the key by commands.

huangapple
  • 本文由 发表于 2020年5月4日 18:52:21
  • 转载请务必保留本文链接:https://go.coder-hub.com/61590534.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定