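Windows 10: making Tomcat 9 work over HTTPS

user583713:

My goal is to access the webcam using JavaScript webkitGetUserMedia and to use a Java WebSocket on my LAN. I am using apache-tomcat-9.0.20 with apache-maven-3.6.3 and the Eclipse IDE. I can access the site over http on the network without problems. Over https, however, it can only be reached from the server itself. I tried turning off the firewall and changing the default host name to the server's computer name, but nothing worked. Keep in mind that the webcam requires https, and that I was able to use my code on my web with the Apache service just by changing the JSP to PHP, so I really doubt this is a firewall problem.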

<?xml version="1.0" encoding="UTF-8"?>
<!--
  Licensed to the Apache Software Foundation (ASF) under one or more
  contributor license agreements.  See the NOTICE file distributed with
  this work for additional information regarding copyright ownership.
  The ASF licenses this file to You under the Apache License, Version 2.0
  (the "License"); you may not use this file except in compliance with
  the License.  You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

  Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  See the License for the specific language governing permissions and
  limitations under the License.
--><!-- Note:  A "Server" is not itself a "Container", so you may not
     define subcomponents such as "Valves" at this level.
     Documentation at /docs/config/server.html
 --><Server port="8005" shutdown="SHUTDOWN">
  <Listener className="org.apache.catalina.startup.VersionLoggerListener"/>
  <!-- Security listener. Documentation at /docs/config/listeners.html
  <Listener className="org.apache.catalina.security.SecurityListener" />
  -->
  <!--APR library loader. Documentation at /docs/apr.html -->
  <Listener SSLEngine="on" className="org.apache.catalina.core.AprLifecycleListener"/>
  <!-- Prevent memory leaks due to use of particular java/javax APIs-->
  <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener"/>
  <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>
  <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener"/>

  <!-- Global JNDI resources
       Documentation at /docs/jndi-resources-howto.html
  -->
  <GlobalNamingResources>
    <!-- Editable user database that can also be used by
         UserDatabaseRealm to authenticate users
    -->
    <Resource auth="Container" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" name="UserDatabase" pathname="conf/tomcat-users.xml" type="org.apache.catalina.UserDatabase"/>
  </GlobalNamingResources>

  <!-- A "Service" is a collection of one or more "Connectors" that share
       a single "Container" Note:  A "Service" is not itself a "Container",
       so you may not define subcomponents such as "Valves" at this level.
       Documentation at /docs/config/service.html
   -->
  <Service name="Catalina">

    <!--The connectors can use a shared executor, you can define one or more named thread pools-->
    <!--
    <Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
        maxThreads="150" minSpareThreads="4"/>
    -->


    <!-- A "Connector" represents an endpoint by which requests are received
         and responses are returned. Documentation at :
         Java HTTP Connector: /docs/config/http.html
         Java AJP  Connector: /docs/config/ajp.html
         APR (HTTP/AJP) Connector: /docs/apr.html
         Define a non-SSL/TLS HTTP/1.1 Connector on port 8080
    -->
    <Connector connectionTimeout="20000" port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
    <!-- A "Connector" using the shared thread pool-->
  
    <Connector connectionTimeout="20000" executor="tomcatThreadPool" port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
  
    <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443
         This connector uses the NIO implementation. The default
         SSLImplementation will depend on the presence of the APR/native
         library and the useOpenSSL attribute of the
         AprLifecycleListener.
         Either JSSE or OpenSSL style configuration may be used regardless of
         the SSLImplementation selected. JSSE style configuration is used below.
    -->
  
    <Connector SSLEnabled="true" maxThreads="150" port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol">
    </Connector>

    <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443 with HTTP/2
         This connector uses the APR/native implementation which always uses
         OpenSSL for TLS.
         Either JSSE or OpenSSL style configuration may be used. OpenSSL style
         configuration is used below.
    -->
   
    <Connector SSLEnabled="true" maxThreads="150" port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol">
        <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol"/>
        <SSLHostConfig>
            <Certificate certificateChainFile="C:\Users\spjpi\Desktop\localhost.pkipath" certificateFile="C:\Users\spjpi\Desktop\localhost.cer" certificateKeyFile="C:\Users\spjpi\Desktop\localhost.pem" type="RSA"/>
        </SSLHostConfig>
    </Connector>
  

    <!-- Define an AJP 1.3 Connector on port 8009 -->
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>


    <!-- An Engine represents the entry point (within Catalina) that processes
         every request.  The Engine implementation for Tomcat stand alone
         analyzes the HTTP headers included with the request, and passes them
         on to the appropriate Host (virtual host).
         Documentation at /docs/config/engine.html -->

    <!-- You should set jvmRoute to support load-balancing via AJP ie :
    <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
    -->
    <Engine defaultHost="localhost" name="Catalina">

      <!--For clustering, please take a look at documentation at:
          /docs/cluster-howto.html  (simple how to)
          /docs/config/cluster.html (reference documentation) -->
      <!--
      <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
      -->

      <!-- Use the LockOutRealm to prevent attempts to guess user passwords
           via a brute-force attack -->
      <Realm className="org.apache.catalina.realm.LockOutRealm">
        <!-- This Realm uses the UserDatabase configured in the global JNDI
             resources under the key "UserDatabase".  Any edits
             that are performed against this UserDatabase are immediately
             available for use by the Realm.  -->
        <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>
      </Realm>

      <Host appBase="webapps" autoDeploy="true" name="localhost" unpackWARs="true">
        <!-- SingleSignOn valve, share authentication between web applications
             Documentation at: /docs/config/valve.html -->
        <!--
        <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
        -->

        <!-- Access log processes all example.
             Documentation at: /docs/config/valve.html
             Note: The pattern used is equivalent to using pattern="common" -->
        <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" pattern="%h %l %u %t &quot;%r&quot; %s %b" prefix="localhost_access_log" suffix=".txt"/>

      <Context docBase="camera" path="/camera" reloadable="true" source="org.eclipse.jst.j2ee.server:camera"/></Host>
    </Engine>
  </Service>
</Server>

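Ariel Carrera:

First of all, in your sample configuration you are registering the same ports more than once (2x8080 and 2x8443), so your server will throw errors in the console.

Make sure that only one connector is registered per port. Otherwise, you will see evidence like this: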

27-Feb-2020 01:56:22.744 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["http-nio-8080"]
27-Feb-2020 01:56:22.783 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["http-nio-8080"]
27-Feb-2020 01:56:22.795 SEVERE [main] org.apache.catalina.util.LifecycleBase.handleSubClassException Failed to initialize component [Connector[HTTP/1.1-8080]]
org.apache.catalina.LifecycleException: Protocol handler initialization failed
    at org.apache.catalina.connector.Connector.initInternal(Connector.java:983)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
    at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:1059)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:584)
    at org.apache.catalina.startup.Catalina.start(Catalina.java:621)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:475)
Caused by: java.net.BindException: Address already in use
    at sun.nio.ch.Net.bind0(Native Method)
    at sun.nio.ch.Net.bind(Net.java:433)
    at sun.nio.ch.Net.bind(Net.java:425)
    at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:223)
    at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:74)
    at org.apache.tomcat.util.net.NioEndpoint.initServerSocket(NioEndpoint.java:248)
    at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:222)
    at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1119)
    at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1132)
    at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:557)
    at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:74)
    at org.apache.catalina.connector.Connector.initInternal(Connector.java:980)
    ... 13 more

So you should choose one of the following configurations for port 8080:

<!-- A "Connector" represents an endpoint by which requests are received
     and responses are returned. Documentation at :
     Java HTTP Connector: /docs/config/http.html
     Java AJP  Connector: /docs/config/ajp.html
     APR (HTTP/AJP) Connector: /docs/apr.html
     Define a non-SSL/TLS HTTP/1.1 Connector on port 8080
-->
<Connector connectionTimeout="20000" port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
<!-- A "Connector" using the shared thread pool-->

<!--<Connector connectionTimeout="20000" executor="tomcatThreadPool" port="8080" protocol="HTTP/1.1" redirectPort="8443"/>-->

Or, using the shared thread pool:

<!-- A "Connector" represents an endpoint by which requests are received
     and responses are returned. Documentation at :
     Java HTTP Connector: /docs/config/http.html
     Java AJP  Connector: /docs/config/ajp.html
     APR (HTTP/AJP) Connector: /docs/apr.html
     Define a non-SSL/TLS HTTP/1.1 Connector on port 8080
-->
<!--<Connector connectionTimeout="20000" port="8080" protocol="HTTP/1.1" redirectPort="8443"/>-->
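<!-- A "Connector" using the shared thread pool. The <Executor name="tomcatThreadPool" .../>
     element must be uncommented in the same <Service> for this to take effect. -->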

<Connector connectionTimeout="20000" executor="tomcatThreadPool" port="8080" protocol="HTTP/1.1" redirectPort="8443"/>

Similarly for the SSL port 8443:

    <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443 This connector uses 
        the NIO implementation. The default SSLImplementation will depend on the 
        presence of the APR/native library and the useOpenSSL attribute of the AprLifecycleListener. 
        Either JSSE or OpenSSL style configuration may be used regardless of the 
        SSLImplementation selected. JSSE style configuration is used below. -->

    <Connector SSLEnabled="true" maxThreads="150" port="8443"
        protocol="org.apache.coyote.http11.Http11NioProtocol">
        <SSLHostConfig>
            <Certificate
                certificateChainFile="C:\Users\spjpi\Desktop\localhost.pkipath"
                certificateFile="C:\Users\spjpi\Desktop\localhost.cer"
                certificateKeyFile="C:\Users\spjpi\Desktop\localhost.pem"
                type="RSA" />
        </SSLHostConfig>
    </Connector>

    <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443 with HTTP/2 This 
        connector uses the APR/native implementation which always uses OpenSSL for 
        TLS. Either JSSE or OpenSSL style configuration may be used. OpenSSL style 
        configuration is used below. -->

    <!--<Connector SSLEnabled="true" maxThreads="150" port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol">
        <UpgradeProtocol
            className="org.apache.coyote.http2.Http2Protocol" />
        <SSLHostConfig>
            <Certificate
                certificateChainFile="C:\Users\spjpi\Desktop\localhost.pkipath"
                certificateFile="C:\Users\spjpi\Desktop\localhost.cer"
                certificateKeyFile="C:\Users\spjpi\Desktop\localhost.pem"
                type="RSA" />
        </SSLHostConfig>
    </Connector>-->

Using the HTTP/2 protocol:

    <!--<Connector SSLEnabled="true" maxThreads="150" port="8443"
        protocol="org.apache.coyote.http11.Http11NioProtocol">
        <SSLHostConfig>
            <Certificate
                certificateChainFile="C:\Users\spjpi\Desktop\localhost.pkipath"
                certificateFile="C:\Users\spjpi\Desktop\localhost.cer"
                certificateKeyFile="C:\Users\spjpi\Desktop\localhost.pem"
                type="RSA" />
        </SSLHostConfig>
    </Connector>-->

    <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443 with HTTP/2 This 
        connector uses the APR/native implementation which always uses OpenSSL for 
        TLS. Either JSSE or OpenSSL style configuration may be used. OpenSSL style 
        configuration is used below. -->

    <Connector SSLEnabled="true" maxThreads="150" port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol">
        <UpgradeProtocol
            className="org.apache.coyote.http2.Http2Protocol" />
        <SSLHostConfig>
            <Certificate
                certificateChainFile="C:\Users\spjpi\Desktop\localhost.pkipath"
                certificateFile="C:\Users\spjpi\Desktop\localhost.cer"
                certificateKeyFile="C:\Users\spjpi\Desktop\localhost.pem"
                type="RSA" />
        </SSLHostConfig>
    </Connector>

A working sample configuration (with my own keystore) could be:

<?xml version="1.0" encoding="UTF-8"?>
<!--
  Licensed to the Apache Software Foundation (ASF) under one or more
  contributor license agreements.  See the NOTICE file distributed with
  this work for additional information regarding copyright ownership.
  The ASF licenses this file to You under the Apache License, Version 2.0
  (the "License"); you may not use this file except in compliance with
  the License.  You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

  Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  See the License for the specific language governing permissions and
  limitations under the License.
-->
<Server port="8005" shutdown="SHUTDOWN">
  <Listener className="org.apache.catalina.startup.VersionLoggerListener" />
  <!--APR library loader. Documentation at /docs/apr.html -->
  <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
  <!-- Prevent memory leaks due to use of particular java/javax APIs-->
  <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
  <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
  <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />

  <GlobalNamingResources>
    <!-- Editable user database that can also be used by
         UserDatabaseRealm to authenticate users
    -->
    <Resource name="UserDatabase" auth="Container"
              type="org.apache.catalina.UserDatabase"
              description="User database that can be updated and saved"
              factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
              pathname="conf/tomcat-users.xml" />
  </GlobalNamingResources>

  <Service name="Catalina">

    <!--The connectors can use a shared executor, you can define one or more named thread pools-->
    <!--
    <Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
        maxThreads="150" minSpareThreads="4"/>
    -->

    <Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />

    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               maxThreads="150" SSLEnabled="true">
        <SSLHostConfig>
            <Certificate certificateKeystoreFile="/Users/myuser/dev/keystore/keystore-dev.jks"
              certificateKeyAlias="localhost" certificateKeystorePassword="localhost"
                         type="RSA" />
        </SSLHostConfig>
    </Connector>

    <!-- Define an AJP 1.3 Connector on port 8009 -->
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />

    <Engine name="Catalina" defaultHost="localhost">

      <!-- Use the LockOutRealm to prevent attempts to guess user passwords
           via a brute-force attack -->
      <Realm className="org.apache.catalina.realm.LockOutRealm">
        <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
               resourceName="UserDatabase"/>
      </Realm>

      <Host name="localhost"  appBase="webapps"
            unpackWARs="true" autoDeploy="true">
        <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
               prefix="localhost_access_log" suffix=".txt"
               pattern="%h %l %u %t &quot;%r&quot; %s %b" />
      </Host>
    </Engine>
  </Service>
</Server>

If everything is configured correctly, start the server and you will see something like this in the log:

27-Feb-2020 02:15:14.234 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["http-nio-8080"]
27-Feb-2020 02:15:14.268 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["https-jsse-nio-8443"]
27-Feb-2020 02:15:14.473 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["ajp-nio-8009"]
27-Feb-2020 02:15:14.475 INFO [main] org.apache.catalina.startup.Catalina.load Server initialization in [828] milliseconds
27-Feb-2020 02:15:14.500 INFO [main] org.apache.catalina.core.StandardService.startInternal Starting service [Catalina]
27-Feb-2020 02:15:14.500 INFO [main] org.apache.catalina.core.StandardEngine.startInternal Starting Servlet engine: [Apache Tomcat/9.0.20]

....

27-Feb-2020 02:15:15.144 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8080"]
27-Feb-2020 02:15:15.158 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["https-jsse-nio-8443"]
27-Feb-2020 02:15:15.164 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["ajp-nio-8009"]
27-Feb-2020 02:15:15.166 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in [690] milliseconds

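After that, test the server locally from a browser or from the command line (using curl, wget, etc.):

  1. https://localhost:8443/

  2. https://127.0.0.1:8443/

  3. https://YOUR_IP:8443/ (where YOUR_IP is your server IP, e.g. 192.168.0.1)

If your certificate is self-signed (for development use) or is not signed by a trusted authority, you will get an error in the browser such as "Your connection is not private" (e.g. ERR_CERT_AUTHORITY_INVALID). So you need to put the certificate into the trusted certificate store, accept and proceed with the insecure certificate, or use a production-ready certificate signed by a trusted authority (more information about this: Fixing invalid SSL/TLS problems).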

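Remember that, by default, Tomcat connectors listen on all local server addresses.

For your information, if you want to restrict the bound IP address, the connector has an "address" attribute that you can set to an IP.

From the Tomcat reference: docs

address

For servers with more than one IP address, this attribute specifies which address will be used for listening on the specified port. By default, the connector will listen on all local addresses. Unless the JVM is configured otherwise using system properties, the Java based connectors (NIO, NIO2) will listen on both IPv4 and IPv6 addresses when configured with either 0.0.0.0 or ::. The APR/native connector will only listen on IPv4 addresses if configured with 0.0.0.0 and will listen on IPv6 addresses (and optionally IPv4 addresses depending on the setting of ipv6v6only) if configured with ::.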

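If you cannot access the server locally using the URLs given above, please provide the logs and error messages.

Otherwise, if you can successfully access all of these URLs locally, try from a remote host:

  1. Check that the server IP is reachable from the remote terminal (e.g. ping).
  2. Try to access https://YOUR_IP:8443/ (and http://YOUR_IP:8080/) in the browser.
  3. If you get the error message "Your connection is not private", press to see more details and accept to proceed insecurely. In this case, as mentioned before, check that your certificate is valid / not expired and that the authority is in your trusted certificates.
  4. If you get another kind of error, check that firewall rules are disabled on the server and on the remote client/PC (both sides), and use telnet to check access to the remote port.
  5. Check your /etc/hosts and iptables configuration.
  6. If the problem persists, please provide more information.

Hope it helps,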
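An added example, not part of the original answer or of Tomcat: a Python check that parses a server.xml and reports the problems discussed in the answer above (two active connectors on one port, a TLS connector with no certificate, an executor reference with no matching Executor, a loopback-only address). The embedded XML is a constructed reduction of the question's configuration; the function name and the message texts are assumptions.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample: the active <Connector> elements of the question's
# server.xml, reduced to the attributes that matter for these checks.
QUESTION_XML = """
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <!-- <Executor name="tomcatThreadPool" namePrefix="catalina-exec-"/> -->
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
    <Connector executor="tomcatThreadPool" port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
    <Connector SSLEnabled="true" port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"/>
    <Connector SSLEnabled="true" port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol">
      <SSLHostConfig>
        <Certificate certificateFile="localhost.cer" certificateKeyFile="localhost.pem" type="RSA"/>
      </SSLHostConfig>
    </Connector>
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
  </Service>
</Server>
"""

LOOPBACK = {"127.0.0.1", "::1", "localhost"}
# Deprecated connector-level certificate attributes that Tomcat 9 still accepts.
LEGACY_CERT_ATTRS = ("keystoreFile", "SSLCertificateFile")


def audit_connectors(server_xml):
    """Return a list of findings for the active connectors in server.xml text."""
    # The parser drops XML comments, so commented-out elements are ignored.
    root = ET.fromstring(server_xml.strip())
    findings = []
    for service in root.iter("Service"):
        executors = {e.get("name") for e in service.findall("Executor")}
        by_port = defaultdict(list)
        for conn in service.findall("Connector"):
            port = conn.get("port")
            by_port[port].append(conn.get("address"))
            executor = conn.get("executor")
            if executor and executor not in executors:
                findings.append(f"port {port}: executor '{executor}' is not defined")
            if conn.get("address") in LOOPBACK:
                findings.append(f"port {port}: bound to loopback, unreachable from the LAN")
            if conn.get("SSLEnabled", "false").lower() == "true":
                has_cert = conn.find("SSLHostConfig/Certificate") is not None
                has_legacy = any(conn.get(a) for a in LEGACY_CERT_ATTRS)
                if not (has_cert or has_legacy):
                    findings.append(f"port {port}: TLS enabled but no certificate configured")
        for port, addrs in by_port.items():
            # Connectors collide when they share a port and either one binds
            # all addresses (no address attribute) or two name the same address.
            if len(addrs) > 1 and (None in addrs or len(set(addrs)) < len(addrs)):
                findings.append(f"port {port}: {len(addrs)} connectors share the port, bind will fail")
    return findings


if __name__ == "__main__":
    for finding in audit_connectors(QUESTION_XML):
        print(finding)
```
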
