ssl - Jetty HttpClient 9 (9.0.0.M5) SSLContextFactory 的 TrustAll 标志不起作用?

标签 ssl jetty jetty-httpclient

我正在使用 Jetty HttpClient 9 进行一些简单的网络抓取,但我似乎无法使其与 HTTPS 一起使用。以下发出同步 GET 请求的简单代码 ...

SslContextFactory sslContextFactory = new SslContextFactory(true);
HttpClient client = new HttpClient(sslContextFactory);
client.start();
ContentResponse response = client.newRequest("https://www.twitter.com")
                .method(HttpMethod.GET)
                .send();

创建 SslContextFactory 时在哪里使用 TrustAll 标志会导致以下似乎与 SSL 相关的异常 ...

java.util.concurrent.ExecutionException: org.eclipse.jetty.io.EofException
at org.eclipse.jetty.client.util.FutureResponseListener.getResult(FutureResponseListener.java:118)
at org.eclipse.jetty.client.util.FutureResponseListener.get(FutureResponseListener.java:101)
at org.eclipse.jetty.client.HttpRequest.send(HttpRequest.java:433)
at com.blogfrog.system.service.http.Jetty9HttpClientTester.main(Jetty9HttpClientTester.java:17)

Caused by: org.eclipse.jetty.io.EofException
at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:597)
at org.eclipse.jetty.client.HttpReceiver.receive(HttpReceiver.java:74)
at org.eclipse.jetty.client.HttpConnection.receive(HttpConnection.java:308)
at org.eclipse.jetty.client.HttpExchange.receive(HttpExchange.java:104)
at org.eclipse.jetty.client.HttpConnection.onFillable(HttpConnection.java:296)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.run(AbstractConnection.java:240)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:278)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:78)
at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:198)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.run(AbstractConnection.java:240)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:278)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:78)
at org.eclipse.jetty.io.SelectChannelEndPoint.onSelected(SelectChannelEndPoint.java:109)
at org.eclipse.jetty.io.SelectorManager$ManagedSelector.processKey(SelectorManager.java:482)
at org.eclipse.jetty.io.SelectorManager$ManagedSelector.select(SelectorManager.java:439)
at org.eclipse.jetty.io.SelectorManager$ManagedSelector.run(SelectorManager.java:404)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:589)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:520)
at java.lang.Thread.run(Thread.java:722)
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1362)
at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:513)
at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:790)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:758)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:490)
... 18 more
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1703)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:278)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:808)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:806)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1299)
at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:547)
... 18 more
Caused by: java.security.cert.CertificateException: No subject alternative names matching IP address 199.59.148.10 found
at sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:154)
at sun.security.util.HostnameChecker.match(HostnameChecker.java:91)
at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:347)
at sun.security.ssl.AbstractTrustManagerWrapper.checkAdditionalTrust(SSLContextImpl.java:889)
at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:828)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1328)
... 25 more

我在这里做错了什么?这是让 Jetty HttpClient 信任所有 SSL 连接的正确方法吗?如果不是,正确的方法是什么?

最佳答案

(从这里的邮件列表中修复)

这是一个错误:https://bugs.eclipse.org/bugs/show_bug.cgi?id=400184

它已在 master 中修复,作为解决方法,这应该可行:

SslContextFactory.setEndpointIdentificationAlgorithm(null);

关于ssl - Jetty HttpClient 9 (9.0.0.M5) SSLContextFactory 的 TrustAll 标志不起作用?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/14741120/

上一篇:apache - 使用 Apache+SSL 执行 CGI 脚本

下一篇:ssl - PayPal IPN 更新以适应 HTTP1.1 - 连接由对等方重置

相关文章:

c# - 如何测试 SSL/TLS 底层是否正常工作

mysql - 为 Google Cloud SQL 实例启用 "Allow only SSL connection"并从配置了 SSL 的 Spring 应用程序连接到它

java:没有网络服务器的基本网络服务接口(interface)

java - 针对特定目录的 Jetty9 基本身份验证

java - 如何为SWT浏览器和Jetty HttpClient设置相同的CookieStore

apache - 在 apache httpd 反向代理和 Tomcats 之间进行双向 SSL 身份验证

ssl - 为什么我的 WWW-Subdomain 没有显示?

java - 通过反射运行 jetty Web 服务

java - 使用 Jetty 9 从 HttpClient 获取响应时出错

©2024 IT工具网  联系我们