问题描述
我在端口 8002 上为 HTTP1.1 和 HTTP/2 配置了 Tomcat 服务器,在端口 8003 上配置了 HTTPS 以允许我进行测试。我正在使用 Apache HTTP Client 5.0 编写 Java 代码以将 HTTP/2 与服务器通信并遇到问题。最终,我希望能够使用 HTTP/2 将包含内容的消息发布到服务器,但我遇到了问题,因此我将代码简化为一个基于 Apache 提供的示例之一的简单示例 - {{ 3}}。
给定的示例是使用 GET 请求点击 H2TlsAlpnRequestExecutionExample,我可以让它工作。更改为 POST 请求也有效 - 尽管您收到了 HTTP 405(不允许的方法)响应,但调用已完成。如果我将完全相同的示例指向我的服务器,那么我可以使用 HTTP/2 成功地 GET 和 POST 到常规的 HTTP/1.1 端口 (8002)。然而,尝试在端口 8003 上 GET 或 POST 到 HTTPS 失败 - 尽管使用 HTTPv1.1(而不是 HTTP/2)的 GET/POST 也适用于 HTTPS/8003。
打开 DEBUG 后,我看不到来自 apache 库的太多调试信息,但我确实看到我的日志消息说我的证书在这两种情况下都是可信的,因此显然已经完成了一些初始呼叫协商。
这是对 nghttp2.org 的 HTTP2 调用的日志(我从日志中的一行中看到它正在使用 HTTP/2):
javax.net.ssl|DEBUG|01|main|2021-03-04 12:37:29.021 GMT|SSLCipher.java:438|jdk.tls.keyLimits: entry = AES/GCM/nopadding KeyUpdate 2^37. AES/GCM/nopADDING:KEYUPDATE = 137438953472
0 [main] DEBUG com.test.HTTP2Tester - Making requst to https://nghttp2.org:443
422 [main] INFO com.test.HTTP2Tester - Awaiting latch to countdown ....
javax.net.ssl|DEBUG|0E|requester-dispatch-1|2021-03-04 12:37:30.345 GMT|SSLCipher.java:1840|KeyLimit read side: algorithm = AES/GCM/nopADDING:KEYUPDATE
countdown value = 137438953472
javax.net.ssl|DEBUG|0E|requester-dispatch-1|2021-03-04 12:37:30.347 GMT|SSLCipher.java:1994|KeyLimit write side: algorithm = AES/GCM/nopADDING:KEYUPDATE
countdown value = 137438953472
725 [requester-dispatch-1] INFO com.test.HTTP2Tester - Trusting certificate from CN=nghttp2.org
javax.net.ssl|DEBUG|0E|requester-dispatch-1|2021-03-04 12:37:30.378 GMT|SSLCipher.java:1840|KeyLimit read side: algorithm = AES/GCM/nopADDING:KEYUPDATE
countdown value = 137438953472
javax.net.ssl|DEBUG|0E|requester-dispatch-1|2021-03-04 12:37:30.379 GMT|SSLCipher.java:1994|KeyLimit write side: algorithm = AES/GCM/nopADDING:KEYUPDATE
countdown value = 137438953472
942 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - 0 <<[type=4,flags=0,streamId=0,payoad=java.nio.HeapByteBuffer[pos=9 lim=33 cap=65545]]
943 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - 0 <<[type=4,payoad=java.nio.HeapByteBuffer[pos=9 lim=33 cap=65545]]
958 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - nghttp2.org/139.162.123.134:443 (1) >> :method: POST
958 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - nghttp2.org/139.162.123.134:443 (1) >> :scheme: https
959 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - nghttp2.org/139.162.123.134:443 (1) >> :authority: nghttp2.org:443
959 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - nghttp2.org/139.162.123.134:443 (1) >> :path: /httpbin/ip
959 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - nghttp2.org/139.162.123.134:443 (1) >> user-agent: Apache-HttpCore/5.0.2 (Java/11.0.10)
966 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - 0 <<[type=4,flags=1,payoad=null]
966 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - 0 <<[type=4,payoad=null]
1168 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - 1 <<[type=1,flags=4,streamId=1,payoad=java.nio.HeapByteBuffer[pos=9 lim=258 cap=65545]]
1169 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - 1 <<[type=1,payoad=java.nio.HeapByteBuffer[pos=9 lim=258 cap=65545]]
1170 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - nghttp2.org/139.162.123.134:443 (1) << :status: 405
1170 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - nghttp2.org/139.162.123.134:443 (1) << date: Thu,04 Mar 2021 12:37:30 GMT
1172 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - nghttp2.org/139.162.123.134:443 (1) << content-type: text/html
1173 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - nghttp2.org/139.162.123.134:443 (1) << allow: GET,HEAD,OPTIONS
1173 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - nghttp2.org/139.162.123.134:443 (1) << content-length: 178
1173 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - nghttp2.org/139.162.123.134:443 (1) << access-control-allow-origin: *
1174 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - nghttp2.org/139.162.123.134:443 (1) << access-control-allow-credentials: true
1175 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - nghttp2.org/139.162.123.134:443 (1) << x-backend-header-rtt: 0.002696
1176 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - nghttp2.org/139.162.123.134:443 (1) << strict-transport-security: max-age=31536000
1176 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - nghttp2.org/139.162.123.134:443 (1) << server: nghttpx
1176 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - nghttp2.org/139.162.123.134:443 (1) << via: 1.1 nghttpx
1177 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - nghttp2.org/139.162.123.134:443 (1) << alt-svc: h3-29=":443"; ma=3600
1177 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - nghttp2.org/139.162.123.134:443 (1) << x-frame-options: SAMEORIGIN
1177 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - nghttp2.org/139.162.123.134:443 (1) << x-xss-protection: 1; mode=block
1178 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - nghttp2.org/139.162.123.134:443 (1) << x-content-type-options: nosniff
1186 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - 1 <<[type=0,payoad=java.nio.HeapByteBuffer[pos=267 lim=445 cap=65545]]
1186 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - 1 <<[type=0,payoad=java.nio.HeapByteBuffer[pos=267 lim=445 cap=65545]]
1188 [requester-dispatch-1] INFO com.test.HTTP2Tester - Complete : /httpbin/ip->405 HTTP/2.0
1189 [requester-dispatch-1] DEBUG com.test.HTTP2Tester - <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>405 Method Not Allowed</title>
<h1>Method Not Allowed</h1>
<p>The method is not allowed for the requested URL.</p>
1189 [main] INFO com.test.HTTP2Tester - Awaiting latch to countdown .... done
这是我指向我的服务器时的日志。您可以看到它说它信任该证书,因此它必须已连接并进行了一些协商,但之后没有任何反应。
javax.net.ssl|DEBUG|01|main|2021-03-04 14:51:36.352 GMT|SSLCipher.java:438|jdk.tls.keyLimits: entry = AES/GCM/nopadding KeyUpdate 2^37. AES/GCM/nopADDING:KEYUPDATE = 137438953472
0 [main] DEBUG com.test.HTTP2Tester - Making requst to https://localhost:8003
54 [main] INFO com.test.HTTP2Tester - Awaiting latch to countdown ....
117 [requester-dispatch-1] INFO com.test.HTTP2Tester - Trusting certificate from EMAILADDRESS=john.fergus@......
javax.net.ssl|DEBUG|0E|requester-dispatch-1|2021-03-04 14:51:37.145 GMT|Alert.java:238|Received alert message (
"Alert": {
"level" : "warning","description": "close_notify"
}
)
182 [requester-dispatch-1] WARN com.test.HTTP2Tester - Failed : /VSFTestMT_Test/Test/Test_EchoHttpGet->org.apache.hc.core5.http.ConnectionClosedException: Connection is closed
183 [main] INFO com.test.HTTP2Tester - Awaiting latch to countdown .... done
这是代码。
public void testWithHTTP2() throws Exception {
final String testName = "testWithHTTP2";
String content = "Code=99&Message=Goodbye";
String contentType = "application.x_www_form_urlencoded";
final SSLContext sslcontext = SSLContexts.custom()
.loadTrustMaterial(new TrustStrategy() {
@Override
public boolean isTrusted(X509Certificate[] chain,String authType)
throws CertificateException {
final X509Certificate cert = chain[0];
Log.info("Trusting certificate from "+cert.getSubjectDN());
return true;
}
})
.build();
final Tlsstrategy tlsstrategy = ClientTlsstrategyBuilder.create()
.setSslContext(sslcontext)
// IMPORTANT uncomment the following method when running Java 9 or older
// in order for ALPN support to work and avoid the illegal reflective
// access operation warning
.setTlsDetailsFactory(new Factory<SSLEngine,TlsDetails>() {
@Override
public TlsDetails create(final SSLEngine sslEngine) {
return new TlsDetails(sslEngine.getSession(),sslEngine.getApplicationProtocol());
}
})
.build();
final H2Config h2Config = H2Config.custom()
.setPushEnabled(false)
.build();
HttpAsyncRequester requester = H2RequesterBootstrap.bootstrap()
.setH2Config(h2Config)
.setIOReactorConfig(IOReactorConfig.custom()
.setSoTimeout(Timeout.ofSeconds(5))
.build())
.setTlsstrategy(tlsstrategy)
.setVersionPolicy(HttpVersionPolicy.FORCE_HTTP_2)
.setStreamListener(new H2StreamListener() {
//final FramePrinter framePrinter = new FramePrinter();
private void logFrameInfo(final String prefix,final RawFrame frame) {
Log.debug(prefix);
Log.debug(frame.toString());
}
private void logFramePayload(final String prefix,final RawFrame frame) {
Log.debug(prefix);
Log.debug(frame.getPayload());
}
@Override
public void onHeaderInput(final httpconnection connection,final int streamId,final List<? extends Header> headers) {
for (int i = 0; i < headers.size(); i++) {
Log.debug(connection.getRemoteAddress() + " (" + streamId + ") << " + headers.get(i));
}
}
@Override
public void onHeaderOutput(final httpconnection connection,final List<? extends Header> headers) {
for (int i = 0; i < headers.size(); i++) {
Log.debug(connection.getRemoteAddress() + " (" + streamId + ") >> " + headers.get(i));
}
}
@Override
public void onFrameInput(final httpconnection connection,final RawFrame frame) {
if (Log.isDebugEnabled()) {
Log.debug(streamId + " <<" + frame);
}
if (Log.isDebugEnabled()) {
Log.debug(streamId + " <<" + frame);
}
}
@Override
public void onFrameOutput(final httpconnection connection,final RawFrame frame) {
}
@Override
public void onInputFlowControl(final httpconnection connection,final int delta,final int actualSize) {
}
@Override
public void onOutputFlowControl(final httpconnection connection,final int actualSize) {
}
})
.create();
CountDownLatch countDownLatch = new CountDownLatch(1);
requester.start();
// This tells me it trusts the cert,but get no further - just a "connection is closed" failure
final HttpHost target = new HttpHost("https","localhost",8003);
final String requestUri = "/VSFTestMT_Test/Test/Test_EchoHttpGet";
// This works fine ... get a 405 saying POST is not allowed.
// final HttpHost target = new HttpHost("https","nghttp2.org",443);
// final String requestUri = "/httpbin/ip";
Log.debug("Making requst to "+target);
final Future<AsyncclientEndpoint> future = requester.connect(target,Timeout.ofSeconds(5));
final AsyncclientEndpoint clientEndpoint = future.get();
final Future<Message<HttpResponse,String>> resultFuture1 = clientEndpoint.execute(
new BasicRequestProducer(
Method.POST,target,requestUri,new StringAsyncEntityProducer(content,ContentType.create(contentType))),new BasicResponseConsumer<>(new StringAsyncEntityConsumer()),new FutureCallback<Message<HttpResponse,String>>() {
@Override
public void completed(final Message<HttpResponse,String> message) {
clientEndpoint.releaseAndReuse();
final HttpResponse response = message.getHead();
final String body = message.getBody();
Log.info("Complete : "+requestUri + "->" + response.getCode() + " " + response.getVersion());
Log.debug(body);
countDownLatch.countDown();
}
@Override
public void Failed(final Exception ex) {
clientEndpoint.releaseAnddiscard();
Log.warn("Failed : "+requestUri + "->" + ex);
countDownLatch.countDown();
}
@Override
public void cancelled() {
clientEndpoint.releaseAnddiscard();
Log.warn("Cancelled : "+requestUri );
countDownLatch.countDown();
}
});
Log.info("Awaiting latch to countdown ....");
countDownLatch.await();
Log.info("Awaiting latch to countdown .... done");
Message<HttpResponse,String> response = resultFuture1.get();
Assert.assertNotNull(response);
final HttpResponse response1 = response.getHead();
final String entity1 = response.getBody();
Assert.assertNotNull(response1);
Assert.assertEquals(200,response1.getCode());
assertTrue("Check we get Message Success back",response.getBody().contains("Success"));
assertTrue("Check we get Message Goodbye back",response.getBody().contains("Goodbye"));
Log.info("Shutting down I/O reactor");
requester.initiateShutdown();
}
有没有人知道如何调试或解决问题?我认为我的 Tomcat 服务器设置没问题 - 有什么东西或工具可以用来验证它吗?我能否查看更多调试/日志信息以了解连接关闭的原因以及关闭连接发生了什么?
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)