SSLHandShakeException到API网关的ResteasyClient实现
SSLHandShakeException到API网关的ResteasyClient实现
提问于 2016-01-14 01:46:53
当我在AWS网关中尝试使用JBOSS对SSLHandShakeException进行简单的GET请求时,我就得到了SSLHandShakeException。这是我的密码:
public static void main(String[] args){
ResteasyClient client = new ResteasyClientBuilder().build();
ResteasyWebTarget target = client.target( "https://MYAPI_ID.execute-api.us-east-1.amazonaws.com/prod/proxy" );
Response response = target.request().get();
String value = response.readEntity( String. class );
System.out.println( value );
response.close();
}我明白了:
Exception in thread "main" javax.ws.rs.ProcessingException: RESTEASY004655: Unable to invoke request
at org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine.invoke(ApacheHttpClient4Engine.java:287)
at org.jboss.resteasy.client.jaxrs.internal.ClientInvocation.invoke(ClientInvocation.java:436)
at org.jboss.resteasy.client.jaxrs.internal.ClientInvocationBuilder.get(ClientInvocationBuilder.java:159)
at com.contaazul.gov.core.TesteSimples.main(TesteSimples.java:20)
Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2023)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1125)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:533)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:401)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:178)
at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:304)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:610)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:445)
at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:863)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:57)
at org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient4Engine.invoke(ApacheHttpClient4Engine.java:283)
... 3 more这段代码适用于其他站点,如https://google.com/和my的URL用于cURL、Python,以及类似于Java:System.out.println(org.apache.commons.io.IOUtils.toString(new URL("https://MYAPI_ID.execute-api.us-east-1.amazonaws.com/prod/proxy")));中的内容
我已经尝试过将cert添加到keystore (很多次,很多方式),我认为如果cert是问题所在,我就无法在IOUtils中得到响应,对吗?
谢谢!
Stack Overflow用户
回答已采纳
发布于 2017-03-10 04:18:44
我在API中看到的每一个SSLHandShakeException都是由不支持SNI的客户端造成的。API网关使用服务器名称指示(SNI)来支持许多自定义域名,使用一小组IP地址来避免为每个名称分配专用IP地址。因此,客户端必须支持SNI才能调用API网关承载的API。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/34780354
复制相关文章
相似问题
腾讯云开发者
