问题描述
我最近升级到 akka http 10.2.3 和 akka 2.6.11。我在我的服务中使用 Http().singleRequest(_,httpsCtx) 用 https 调用 API,这里 httpsCtx 是 https 上下文。在升级 akka http 之前,下面创建 https 上下文的代码运行良好
private def getHttpsContext: HttpsConnectionContext = {
import com.typesafe.sslconfig.akka.AkkaSSLConfig
import java.security.cert.X509Certificate
import javax.net.ssl.{ KeyManager,SSLContext,x509trustmanager }
val trustfulSslContext: SSLContext = {
object NoCheckx509trustmanager extends x509trustmanager {
override def checkClientTrusted(chain: Array[X509Certificate],authType: String): Unit = ()
override def checkServerTrusted(chain: Array[X509Certificate],authType: String): Unit = ()
override def getAcceptedissuers: Array[X509Certificate] = Array[X509Certificate]()
}
val context = SSLContext.getInstance("TLS")
context.init(Array[KeyManager](),Array(NoCheckx509trustmanager),null)
context
}
val sslConfig = AkkaSSLConfig().mapSettings(s => s.withLoose(s.loose.withAcceptAnyCertificate(true).withdisableHostnameVerification(true).withdisableSNI(true)))
val ctx = Http().createClientHttpsContext(sslConfig)
ConnectionContext.https(trustfulSslContext,ctx.sslConfig,ctx.enabledCipherSuites,ctx.enabledProtocols,ctx.clientAuth,ctx.sslParameters)
}
升级后我发现 Http().createClientHttpsContext 和 ConnectionContext.https 已弃用,建议使用 ConnectionContext.httpsClient。我重新编写了逻辑来适应这些变化,但它总是因“一般 SSLEngine 问题”而失败。
private def getHttpsContext: HttpsConnectionContext = {
import java.security.cert.X509Certificate
import javax.net.ssl.{ KeyManager,null)
context
}
ConnectionContext.httpsClient(trustfulSslContext)
}
我也尝试过使用以下 akka 配置的上述代码,但它不起作用。使用 singleRequest 传递 https 上下文的最佳方法是什么?我也试过这里提到的“Http().outgoingConnectionHttps(unsafeHost,connectionContext = badCtx)”https://doc.akka.io/docs/akka-http/current/client-side/client-https-support.html。它也因相同的“一般 SSLEngine 问题”而失败。可能是什么问题?
akka {
ssl-config {
loose {
disableHostnameVerification = true,acceptAnyCertificate = true,disableSNI = true
}
}
}
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)