尝试在 WebSphere Liberty 概要文件上启用 SSL/TLS 时,WLP 无法允许 SSL 连接。
<?xml version="1.0" encoding="UTF-8"?>
<server description="DefaultServer">
<!-- Enable features -->
<featureManager>
<feature>webProfile-7.0</feature>
<feature>ssl-1.0</feature>
</featureManager>
<keyStore id="defaultKeyStore" location="/opt/wlp/usr/servers/defaultServer/wildcard.p12" type="PKCS12" password="******"/>
<!-- To access this server from a remote client add a host attribute to the following element, e.g. host="*" -->
<httpEndpoint id="defaultHttpEndpoint"
host="*"
httpPort="9080"
httpsPort="9443" />
<!-- Automatically expand WAR files and EAR files -->
<applicationManager autoExpand="true"/>
</server>
发出时curl https://localhost:9443 --insecure -vv,我得到以下响应。如果我使用默认生成的,这不会发生<keyStore id="defautlKeyStore" password="somePassword"/>
[~] curl https://localhost:9443 --insecure -vv
About to connect() to localhost port 9443 (#0)
Trying ::1...
Connected to localhost (::1) port 9443 (#0)
Initializing NSS with certpath: sql:/etc/pki/nssdb
NSS error -5938 (PR_END_OF_FILE_ERROR)
Encountered end of file
Closing connection 0
curl: (35) Encountered end of file
有人可以解释发生了什么吗?
一些 .p12 属性数据。请注意,下面显示的 .p12 省略了私钥和证书。
MAC verified OK
Bag Attributes
Microsoft Local Key set: <No Values>
localKeyID: 01 00 00 00
friendlyName: <omitted for Stack Overflow Post>
Microsoft CSP Name: Microsoft RSA SChannel Cryptographic Provider
Key Attributes
X509v3 Key Usage: 10