Nacos v2.2运行出错

最新推荐文章于 2025-03-13 16:40:32 发布

biyeyuanma

最新推荐文章于 2025-03-13 16:40:32 发布

阅读量8k

点赞数 12

分类专栏： Spring Cloud 文章标签： spring cloud

本文链接：https://blog.youkuaiyun.com/guyan999/article/details/129727150

版权

Spring Cloud 专栏收录该内容

3 篇文章

订阅专栏

文章描述了在初次运行Nacos时遇到的由于JWT密钥不足256位导致的异常，以及如何通过修改`application.properties`文件，设置`nacos.core.auth.*`相关参数来解决此问题。首先，将默认的secretkey设置为足够安全的值，然后添加serveridentitykey和value以满足认证需求，最终成功运行Nacos。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

第一次下载Nacos，直接运行后出现异常错误：

Caused by: java.lang.IllegalArgumentException: The specified key byte array is 0 bits which is not secure enough for any JWT HMAC-SHA algorithm.  The JWT JWA Specification (RFC 7518, Section 3.2) states that keys used with HMAC-SHA algorithms MUST have a size >= 256 bits (the key size must be greater than or equal to the hash output size).  See https://tools.ietf.org/html/rfc7518#section-3.2 for more information.
        at com.alibaba.nacos.plugin.auth.impl.jwt.NacosJwtParser.<init>(NacosJwtParser.java:56)
        at com.alibaba.nacos.plugin.auth.impl.token.impl.JwtTokenManager.processProperties(JwtTokenManager.java:71)
        ... 115 common frames omitted
2023-03-23 11:20:14,716 WARN [ThreadPoolManager] Start destroying ThreadPool

查看某度、官方才知道，Nacos官方因前期爆出的权限漏洞，把安装包内的默认参数置空了，所以把application.properties文件修改如下：

nacos.core.auth.enabled=true 
nacos.core.auth.system.type=nacos #启用
nacos.core.auth.plugin.nacos.token.secret.key=SecretKey012345678901234567890123456789012345678901234567890123456789 #官方默认参数，自行修改

然后再尝试运行，出现如下异常信息：

Caused by: com.alibaba.nacos.api.exception.NacosException: Empty identity, Please set `nacos.core.auth.server.identity.key` and `nacos.core.auth.server.identity.value`, detail: https://nacos.io/zh-cn/docs/v2/guide/user/auth.html
        at com.alibaba.nacos.auth.config.AuthConfigs.validate(AuthConfigs.java:100)
        at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:104)
        at java.base/java.lang.reflect.Method.invoke(Method.java:578)
        at org.springframework.beans.factory.annotation.InitDestroyAnnotationBeanPostProcessor$LifecycleElement.invoke(InitDestroyAnnotationBeanPostProcessor.java:389)
        at org.springframework.beans.factory.annotation.InitDestroyAnnotationBeanPostProcessor$LifecycleMetadata.invokeInitMethods(InitDestroyAnnotationBeanPostProcessor.java:333)
        at org.springframework.beans.factory.annotation.InitDestroyAnnotationBeanPostProcessor.postProcessBeforeInitialization(InitDestroyAnnotationBeanPostProcessor.java:157)

修改参数配置文件：

### The two properties is the white list for auth and used by identity the request from other server.
nacos.core.auth.server.identity.key=test
nacos.core.auth.server.identity.value=test

修改后，运行成功！