java - Camel-Undertow 不适用于 SSL 配置:
问题描述
我正在使用 Camel-undertow 通过带有 TLS 配置的 HTTP2 发送请求:没有 SSL 配置,我能够通过 HTTP2 成功发送消息。为 UndertowComponent 配置 SSL 上下文参数后,发送方开始报告以下错误:
java.io.EOFException: EOF reached while reading
at jdk.incubator.httpclient/jdk.incubator.http.Http1AsyncReceiver$Http1TubeSubscriber.onComplete(Unknown Source)
at jdk.incubator.httpclient/jdk.incubator.http.SocketTube$InternalReadPublisher$ReadSubscription.signalCompletion(Unknown Source)
at jdk.incubator.httpclient/jdk.incubator.http.SocketTube$InternalReadPublisher$InternalReadSubscription.read(Unknown Source)
at jdk.incubator.httpclient/jdk.incubator.http.SocketTube$SocketFlowTask.run(Unknown Source)
at jdk.incubator.httpclient/jdk.incubator.http.internal.common.SequentialScheduler$SchedulableTask.run(Unknown Source)
at jdk.incubator.httpclient/jdk.incubator.http.internal.common.SequentialScheduler.runOrSchedule(Unknown Source)
at jdk.incubator.httpclient/jdk.incubator.http.internal.common.SequentialScheduler.runOrSchedule(Unknown Source)
at jdk.incubator.httpclient/jdk.incubator.http.SocketTube$InternalReadPublisher$InternalReadSubscription.signalReadable(Unknown Source)
at jdk.incubator.httpclient/jdk.incubator.http.SocketTube$InternalReadPublisher$ReadEvent.signalEvent(Unknown Source)
at jdk.incubator.httpclient/jdk.incubator.http.SocketTube$SocketFlowEvent.handle(Unknown Source)
at jdk.incubator.httpclient/jdk.incubator.http.HttpClientImpl$SelectorManager.handleEvent(Unknown Source)
at jdk.incubator.httpclient/jdk.incubator.http.HttpClientImpl$SelectorManager.run(Unknown Source)
在 Camel 应用程序中也不例外,只有少数与 org.apache.camel.util.jsse.BaseSSLContextParameters 相关的调试语句
"Using SSLEngineImpl.
2018-06-13 12:11:06,549 org.apache.camel.util.jsse.BaseSSLContextParameters DEBUG (BaseSSLContextParameters.java:engineCreateSSLEngine:881) [XNIO-2 I/O-3] | SSLEngine [50818ec5[SSLEngine[hostname=127.0.0.1 port=65113] SSL_NULL_WITH_NULL_NULL]] created from SSLContext [javax.net.ssl.SSLContext@56c4278e].
2018-06-13 12:11:06,550 org.apache.camel.util.jsse.BaseSSLContextParameters DEBUG (BaseSSLContextParameters.java:configure:353) [XNIO-2 I/O-3] | Configuring SSLEngine [50818ec5[SSLEngine[hostname=127.0.0.1 port=65113] SSL_NULL_WITH_NULL_NULL]] with
explicitly set cipher suites [null],
cipher suite patterns [null],
available cipher suites [[TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, … TLS_EMPTY_RENEGOTIATION_INFO_SCSV]],
currently enabled cipher suites [[TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256… TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, … TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]],
and default cipher suite patterns [Patterns [includes=[.*], excludes=[.*_NULL_.*, .*_anon_.*, .*_EXPORT_.*, .*_DES_.*]]].
Resulting enabled cipher suites are [[TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_.. TLS_EMPTY_RENEGOTIATION_INFO_SCSV]].
2018-06-13 12:11:06,550 org.apache.camel.util.jsse.BaseSSLContextParameters DEBUG (BaseSSLContextParameters.java:configure:372) [XNIO-2 I/O-3] | Configuring SSLEngine [50818ec5[SSLEngine[hostname=127.0.0.1 port=65113] SSL_NULL_WITH_NULL_NULL]] with
explicitly set protocols [null],
protocol patterns [null],
available protocols [[SSLv2Hello, TLSv1, TLSv1.1, TLSv1.2]],
currently enabled protocols [[SSLv2Hello, TLSv1, TLSv1.1, TLSv1.2]],
and default protocol patterns [Patterns [includes=[.*], excludes=[SSL.*]]].
Resulting enabled protocols are [[TLSv1, TLSv1.1, TLSv1.2]].
XNIO-2 I/O-3, called closeInbound()
XNIO-2 I/O-3, closeInboundInternal()
XNIO-2 I/O-3, closeOutboundInternal()
XNIO-2 I/O-3, called closeOutbound()
XNIO-2 I/O-3, closeOutboundInternal()
Using SSLEngineImpl.
2018-06-13 12:11:06,620 org.apache.camel.util.jsse.BaseSSLContextParameters DEBUG (BaseSSLContextParameters.java:engineCreateSSLEngine:881) [XNIO-2 I/O-4] | SSLEngine [6d696524[SSLEngine[hostname=127.0.0.1 port=65114] SSL_NULL_WITH_NULL_NULL]] created from SSLContext [javax.net.ssl.SSLContext@56c4278e].
2018-06-13 12:11:06,622 org.apache.camel.util.jsse.BaseSSLContextParameters DEBUG (BaseSSLContextParameters.java:configure:353) [XNIO-2 I/O-4] | Configuring SSLEngine [6d696524[SSLEngine[hostname=127.0.0.1 port=65114] SSL_NULL_WITH_NULL_NULL]] with
explicitly set cipher suites [null],
cipher suite patterns [null],
available cipher suites [[TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, …, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]],
currently enabled cipher suites [[TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256…, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]],
and default cipher suite patterns [Patterns [includes=[.*], excludes=[.*_NULL_.*, .*_anon_.*, .*_EXPORT_.*, .*_DES_.*]]].
Resulting enabled cipher suites are [[TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256… TLS_EMPTY_RENEGOTIATION_INFO_SCSV]].
2018-06-13 12:11:06,642 org.apache.camel.util.jsse.BaseSSLContextParameters DEBUG (BaseSSLContextParameters.java:configure:372) [XNIO-2 I/O-4] | Configuring SSLEngine [6d696524[SSLEngine[hostname=127.0.0.1 port=65114] SSL_NULL_WITH_NULL_NULL]] with
explicitly set protocols [null],
protocol patterns [null],
available protocols [[SSLv2Hello, TLSv1, TLSv1.1, TLSv1.2]],
currently enabled protocols [[SSLv2Hello, TLSv1, TLSv1.1, TLSv1.2]],
and default protocol patterns [Patterns [includes=[.*], excludes=[SSL.*]]].
Resulting enabled protocols are [[TLSv1, TLSv1.1, TLSv1.2]].
XNIO-2 I/O-4, called closeInbound()
XNIO-2 I/O-4, closeInboundInternal()
XNIO-2 I/O-4, closeOutboundInternal()
XNIO-2 I/O-4, called closeOutbound()
XNIO-2 I/O-4, closeOutboundInternal()"
以下是我的骆驼应用程序的片段
路线一:
from("undertow:http://127.0.0.1:10199/Common")
.process(new Processor() {
@Override
public void process(Exchange exchange) throws Exception {
System.out.println("Message received :" +
exchange.getIn().getBody(String.class));
}
})
.to("direct://protocolConverter");
路线2:
from("direct://protocolConverter").
to("undertow:https://localhost:8081/testEndpoint1");
准备骆驼上下文
//In main method
context.addComponent("undertow", getUndertowComponent(context));
//outside main
static UndertowComponent getUndertowComponent(CamelContext context){
UndertowComponent uc = new UndertowComponent(context);
UndertowHostOptions uho = new UndertowHostOptions();
uho.setHttp2Enabled(true);
uc.setHostOptions(uho);
// uc.setUseGlobalSslContextParameters(true);
//to enabled SSL support on undertow
configureSSLforUndertow(uc);
return uc;
}
static void configureSSLforUndertow(UndertowComponent uc) {
KeyStoreParameters trust_ksp = new KeyStoreParameters();
trust_ksp.setResource("/cacerts.jks");
trust_ksp.setPassword("changeit");
TrustManagersParameters trustp = new TrustManagersParameters();
trustp.setKeyStore(trust_ksp);
SSLContextParameters scp = new SSLContextParameters();
scp.setTrustManagers(trustp);
uc.setSslContextParameters(scp);
}
我不知道为什么 undertow 不能在启用 SSL 的情况下工作,我尝试了类似的配置,使用 camel-HTTP4 启用了 HTTP 的 SSL 它按预期工作,但是使用 Camel-undertow,它没有足够的问题症状就失败了。甚至不会打印路线 1 中的 println。我现在被封锁了。如果你们中的某些人已经面临同样的问题。请分享您的知识。
使用的骆驼版本:Apache Camel 2.21.1
注意:我已经验证了证书,相同的证书正在与 Http4 组件一起使用。
注意:我已从日志中删除密码列表以使其更具可读性
解决方案
推荐阅读
- supervisord - 达芙妮在主管下不断退出,没有任何错误
- javascript - Google Apps 脚本:错误 400:错误请求:组发送失败
- python - 如何使用numpy加上一个martix中的每一行以及另一个martix中的每一行
- javascript - 在画布面料js上添加图像(按路径)
- docker - 我怎样才能让赛普拉斯在 CI 中访问除 root 之外的其他路由?
- json - 在 JQ 中递归生成对象
- c - 'a' 被打印了多少次?(包括循环中的分叉)
- angular - 如何使用真正的后端 API 在角度材料表中进行内联行编辑
- web-scraping - Newspaper3k、用户代理和抓取
- ios - Swift youtube ios helper podfile 'sharedApplication' 不可用:在 iOS 上不可用(应用程序扩展)