提问者:小点点

SSLException:无法识别的SSL消息,明文连接?通过代理在骆驼中发送https POST时出错


我正在尝试通过代理使用camel https4组件连接到外部httpsendpoint。为此,我在linux(18.04)中设置了squid代理。

根据参考文献[http://camel.apache.org/http4.html],我注意到这可以使用proxyAuthHost和proxyAuthPort参数来完成。所以我试着用下面给出的URL来检查它

http://endpoint-ssl-url.com/path/to/resource?proxyAuthPort=xxxx

但是它不断地给出“javax.net. ssl.SSLException:无法识别的SSL消息,明文连接?”。我尝试了下面提到的许多方法,但结果是一样的。

有人能根据你的经验/专业知识给出一点提示吗?

尝试1:使用PoolingHttpClientConnectionManager

代码:

@ApplicationScoped
@ContextName("camel_cdi_context")
public class HTTPRouter extends RouteBuilder {

    @Override
    public void configure() throws Exception {

        errorHandler(deadLetterChannel("direct:error"));

        try {

            SSLContext sslContext = new SSLContextBuilder()
                    .loadTrustMaterial(null, new TrustStrategy() {
                        public boolean isTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
                            System.out.println("HTTPRouter.configure().new TrustStrategy() {...}.isTrusted()");
                            return true;
                        }
                    })
                    .build();

            final SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext);

            HttpComponent http4 = getContext().getComponent("https4", HttpComponent.class);
            http4.setHttpClientConfigurer(new HttpClientConfigurer() {

                @Override
                public void configureHttpClient(HttpClientBuilder builder) {

                    builder.setSSLSocketFactory(sslsf);

                    System.out.println("HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient()-1");
                    Registry<ConnectionSocketFactory> r = RegistryBuilder.<ConnectionSocketFactory>create()
                            .register("http", PlainConnectionSocketFactory.getSocketFactory())
                            .register("https", sslsf)
                            .build();
                    System.out.println("HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient()-2");
                    HttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(r);
                    System.out.println("HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient()-3");
                    builder.setConnectionManager(cm);
                    System.out.println("HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient()-4");
                }
            });

        } catch (Exception e) {
            e.printStackTrace();
        }

        from("direct:http")
            // prepare request payload
            // set url to header
            // set other connection properties (eg : Connection Method, Header etc)
            .choice()
            .when(header("url").contains("?"))
                .toD("${header.url}&throwExceptionOnFailure=false")
            .endChoice()
            .otherwise()
                .toD("${header.url}?throwExceptionOnFailure=false")
            .endChoice()
        .end()
        .convertBodyTo(String.class)
        // process on the response

    }

}

日志:

[org.apache.camel.component.http4.HttpComponent] Created ClientConnectionManager org.apache.http.impl.conn.PoolingHttpClientConnectionManager@2516c8e0
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient()-1
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient()-2
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient()-3
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient()-4
[org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: default
[org.apache.http.client.protocol.RequestAuthCache] Auth cache not set in the context
[org.apache.http.impl.conn.PoolingHttpClientConnectionManager] Connection request: [route: {tls}->https://192.168.xxx.xxx:xxxx->https://endpoint-ssl-url.com:443][total kept alive: 0; route allocated: 0 of 2; total allocated: 0 of 20]
[org.apache.http.impl.conn.PoolingHttpClientConnectionManager] Connection leased: [id: 10][route: {tls}->https://192.168.xxx.xxx:xxxx->https://endpoint-ssl-url.com:443][total kept alive: 0; route allocated: 1 of 2; total allocated: 1 of 20]
[org.apache.http.impl.execchain.MainClientExec] Opening connection {tls}->https://192.168.xxx.xxx:xxxx->https://endpoint-ssl-url.com:443
[org.apache.http.impl.conn.DefaultHttpClientConnectionOperator] Connecting to /192.168.xxx.xxx:xxxx
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Connecting socket to /192.168.xxx.xxx:xxxx with timeout 0
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Enabled protocols: [TLSv1, TLSv1.1, TLSv1.2]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Enabled cipher suites:[TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, MORE_CIPHERS ...]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Starting handshake
[org.apache.http.impl.conn.DefaultManagedHttpClientConnection] http-outgoing-30: Shutdown connection
[org.apache.http.impl.execchain.MainClientExec] Connection discarded
[org.apache.http.impl.conn.PoolingHttpClientConnectionManager] Connection released: [id: 10][route: {tls}->https://192.168.xxx.xxx:xxxx->https://endpoint-ssl-url.com:443][total kept alive: 0; route allocated: 0 of 2; total allocated: 0 of 20]
[ERROR] Exchange[Id: ID-xxxx-xxx-37655-1534782529403-63-2, ExchangePattern: InOnly, Properties: {CamelCreatedTimestamp=Tue Aug 21 01:54:27 UTC 2018, CamelExceptionCaught=javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?, CamelFailureEndpoint=https4://endpoint-ssl-url.com/path/to/resource?proxyAuthPort=xxxx&throwExceptionOnFailure=false&proxyAuthHost=192.168.xxx.xxx, CamelFailureRouteId=route221, CamelFatalFallbackErrorHandler=[route221], CamelFilterMatched=true, CamelMessageHistory=[REMOVED...], CamelToEndpoint=log://ERROR?showAll=true}, Headers: {Accept=application/json, Accept-Encoding=gzip, Authorization=Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX==, breadcrumbId=ID-xxxxx-xxx-37655-1534782529403-63-1, CamelFileName=null, CamelFileNameProduced=/xxxxxx/path/to/payloads/2018-08-21/message-id-x-[EXT-Request]-2018-08-21-015427600.json, CamelHttpMethod=POST, Content-Type=application/x-www-form-urlencoded, doLogFiles=true, dontLogErrorFiles=false, messageId=message-id-x, messageName=message-name-x, routeId=direct-http, specialRq=true, specialRs=true, url=https4://endpoint-ssl-url.com/path/to/resource?proxyAuthPort=xxxx&proxyAuthHost=192.168.xxx.xxx}, BodyType: String, Body: grant_type=client_credentials&scope=DUMMYSCOPE, CaughtExceptionType: javax.net.ssl.SSLException, CaughtExceptionMessage: Unrecognized SSL message, plaintext connection?, StackTrace: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
    at sun.security.ssl.InputRecord.handleUnknownRecord(InputRecord.java:710)
    at sun.security.ssl.InputRecord.read(InputRecord.java:527)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:983)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397)
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:396)
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355)
    at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
    at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:359)
    at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:389)
    at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237)
    at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185)
    at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
    at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:111)
    at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56)
    at org.apache.camel.component.http4.HttpProducer.executeMethod(HttpProducer.java:334)
    at org.apache.camel.component.http4.HttpProducer.process(HttpProducer.java:193)

尝试2:使用BasicHttpClientConnectionManager

代码:

@ApplicationScoped
@ContextName("camel_cdi_context")
public class HTTPRouter extends RouteBuilder {

    @Override
    public void configure() throws Exception {

        errorHandler(deadLetterChannel("direct:error"));

        try {

            TrustManager[] trustAllCerts = new TrustManager[] {new X509TrustManager() {
                public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                    System.out.println("HTTPRouter.configure()");
                    return null;
                }
                public void checkClientTrusted(X509Certificate[] certs, String authType) {
                }
                public void checkServerTrusted(X509Certificate[] certs, String authType) {
                }
            }
            };

            SSLContext sslContext = SSLContext.getInstance("SSL");
            sslContext.init(null, trustAllCerts, new java.security.SecureRandom());

            HostnameVerifier allHostsValid = new HostnameVerifier() {
                public boolean verify(String hostname, SSLSession session) {
                    System.out.println("HTTPRouter.configure().new HostnameVerifier() {...}.verify()");
                    return true;
                }
            };

            final SSLConnectionSocketFactory        sslConnectionSocketFactory          = new SSLConnectionSocketFactory(sslContext,new String[]{"TLSv1.2", "TLSv1.1", "TLSv1", "SSLv3"}, null, allHostsValid);

            HttpComponent http4 = getContext().getComponent("https4", HttpComponent.class);
            http4.setHttpClientConfigurer(new HttpClientConfigurer() {

                @Override
                public void configureHttpClient(HttpClientBuilder builder) {
                    builder.setSSLSocketFactory(sslConnectionSocketFactory);
                    System.out.println("HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient() - 1");
                    Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create()
                            .register("https", sslConnectionSocketFactory)
                            .build();
                    System.out.println("HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient() - 2");
                    HttpClientConnectionManager connectionManager = new  BasicHttpClientConnectionManager(registry);
                    System.out.println("HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient() - 3");
                    builder.setConnectionManager(connectionManager);
                    System.out.println("HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient() - 4");
                }
            });

        } catch (Exception e) {
            e.printStackTrace();
        }

        from("direct:http")
            // prepare request payload
            // set url to header
            // set other connection properties (eg : Connection Method, Header etc)
            .choice()
            .when(header("url").contains("?"))
                .toD("${header.url}&throwExceptionOnFailure=false")
            .endChoice()
            .otherwise()
                .toD("${header.url}?throwExceptionOnFailure=false")
            .endChoice()
        .end()
        .convertBodyTo(String.class)
        // process on the response

    }

}

日志:

[org.apache.camel.component.http4.HttpComponent] Created ClientConnectionManager org.apache.http.impl.conn.PoolingHttpClientConnectionManager@2bb0862
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient() - 1
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient() - 2
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient() - 3
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient() - 4
[org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: default
[org.apache.http.client.protocol.RequestAuthCache] Auth cache not set in the context
[org.apache.http.impl.conn.BasicHttpClientConnectionManager] Get connection for route {tls}->https://192.168.xxx.xxx:xxxx->https://endpoint-ssl-url.com:443
[org.apache.http.impl.execchain.MainClientExec] Opening connection {tls}->https://192.168.xxx.xxx:xxxx->https://endpoint-ssl-url.com:443
[org.apache.http.impl.conn.DefaultHttpClientConnectionOperator] Connecting to /192.168.xxx.xxx:xxxx
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Connecting socket to /192.168.xxx.xxx:xxxx with timeout 0
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Enabled protocols: [SSLv3, TLSv1, TLSv1.1, TLSv1.2]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Enabled cipher suites:[TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, MORE_CIPHERS ...]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Starting handshake
[org.apache.http.impl.conn.DefaultManagedHttpClientConnection] http-outgoing-31: Shutdown connection
[org.apache.http.impl.execchain.MainClientExec] Connection discarded
[org.apache.http.impl.conn.BasicHttpClientConnectionManager] Releasing connection [Not bound]
[ERROR] Exchange[Id: ID-xxxxx-xxx-37655-1534782529403-65-2, ExchangePattern: InOnly, Properties: {CamelCreatedTimestamp=Tue Aug 21 01:58:30 UTC 2018, CamelExceptionCaught=javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?, CamelFailureEndpoint=https4://endpoint-ssl-url.com/path/to/resource?proxyAuthPort=xxxx&throwExceptionOnFailure=false&proxyAuthHost=192.168.xxx.xxx, CamelFailureRouteId=route228, CamelFatalFallbackErrorHandler=[route228], CamelFilterMatched=true, CamelMessageHistory=[REMOVED...], CamelToEndpoint=log://ERROR?showAll=true}, Headers: {Accept=application/json, Accept-Encoding=gzip, Authorization=Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX, breadcrumbId=ID-namal-pc-37655-1534782529403-65-1, CamelFileName=null, CamelFileNameProduced=/xxxxxx/path/to/payloads/2018-08-21/message-id-x-[EXT-Request]-2018-08-21-015830349.json, CamelHttpMethod=POST, Content-Type=application/x-www-form-urlencoded, doLogFiles=true, dontLogErrorFiles=false, messageId=message-id-x, messageName=message-name-x, routeId=direct-http, specialRq=true, specialRs=true, url=https4://endpoint-ssl-url.com/path/to/resource?proxyAuthPort=xxxx&proxyAuthHost=192.168.xxx.xxx}, BodyType: String, Body: grant_type=client_credentials&scope=DUMMYSCOPE, CaughtExceptionType: javax.net.ssl.SSLException, CaughtExceptionMessage: Unrecognized SSL message, plaintext connection?, StackTrace: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
    at sun.security.ssl.InputRecord.handleUnknownRecord(InputRecord.java:710)
    at sun.security.ssl.InputRecord.read(InputRecord.java:527)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:983)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397)
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:396)
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355)
    at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
    at org.apache.http.impl.conn.BasicHttpClientConnectionManager.connect(BasicHttpClientConnectionManager.java:323)
    at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:389)
    at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237)
    at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185)
    at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
    at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:111)
    at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56)
    at org.apache.camel.component.http4.HttpProducer.executeMethod(HttpProducer.java:334)
    at org.apache.camel.component.http4.HttpProducer.process(HttpProducer.java:193)

尝试3:混合上述两种方法结果:相同的异常

尝试4:与Httpurl连接一起使用我将此作为受控测试进行,并且成功了。代码:

private void testViaHttpUrlConnection() throws Exception {

        System.setProperty("jsse.enableSNIExtension", "false");

        ByteArrayOutputStream   baos                = null;
        String                  requestPayload      = "<payload...>";
        String                  url                 = "https://endpoint-ssl-url.com/path/tp/resource";
        int                     connectionTimeOut   = 45;
        int                     readTimeOut         = 30;
        String                  responsePayload     = null;
        String                  proxyIp             = "192.168.xxx.xxx";
        int                     proxyPort           = xxxx;

        try {

            baos = new ByteArrayOutputStream();
            baos.write(((String)requestPayload).getBytes());

            TrustManager[] trustAllCerts = new TrustManager[] {new X509TrustManager() {
                public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                    return null;
                }
                public void checkClientTrusted(X509Certificate[] certs, String authType) {
                }
                public void checkServerTrusted(X509Certificate[] certs, String authType) {
                }
            }
            };

            SSLContext sc = SSLContext.getInstance("SSL");
            sc.init(null, trustAllCerts, new java.security.SecureRandom());
            HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

            HostnameVerifier allHostsValid = new HostnameVerifier() {
                public boolean verify(String hostname, SSLSession session) {
                    return true;
                }
            };

            HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);

            URL                     mUrl    = new URL(url);

            URLConnection           ucon    = null;

            Proxy proxy_server = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(proxyIp, proxyPort));

            ucon = mUrl.openConnection(proxy_server);

            HttpURLConnection con               = (HttpURLConnection) ucon;

            con.setConnectTimeout(connectionTimeOut * 1000);
            con.setReadTimeout(readTimeOut*1000);
            con.setDoOutput(true);
            con.setUseCaches(false);
            con.setDoInput(true);
            con.setRequestMethod("POST");
            con.setRequestProperty("Content-Type","application/x-www-form-urlencoded");

            baos.writeTo(con.getOutputStream());

            InputStream responseStream = null;
            ByteArrayOutputStream baosRsp = null;

            try {

                responseStream                  = con.getInputStream();

                baosRsp = new ByteArrayOutputStream();
                byte[] buffer = new byte[4096];
                int length = 0;
                while ((length = responseStream.read(buffer)) != -1) {
                    baosRsp.write(buffer, 0, length);
                }

                responsePayload = new String(baosRsp.toByteArray());

            }finally {
                try{responseStream.close();}catch (Exception e) { responseStream = null;}
                try{baosRsp.close();}catch (Exception e) { baosRsp = null;}
            }

        }finally {
            try{baos.close();}catch (Exception e) { baos = null;}
        }

    }

尝试5:没有代理和信任管理器-工作正常

尝试6:没有代理和以上尝试1-工作正常

日志:

[org.apache.camel.component.http4.HttpComponent] Created ClientConnectionManager org.apache.http.impl.conn.PoolingHttpClientConnectionManager@7800e6b6
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient()-1
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient()-2
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient()-3
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient()-4
[org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: default
[org.apache.http.client.protocol.RequestAuthCache] Auth cache not set in the context
[org.apache.http.impl.conn.PoolingHttpClientConnectionManager] Connection request: [route: {s}->https://endpoint-ssl-url.com:443][total kept alive: 0; route allocated: 0 of 2; total allocated: 0 of 20]
[org.apache.http.impl.conn.PoolingHttpClientConnectionManager] Connection leased: [id: 11][route: {s}->https://endpoint-ssl-url.com:443][total kept alive: 0; route allocated: 1 of 2; total allocated: 1 of 20]
[org.apache.http.impl.execchain.MainClientExec] Opening connection {s}->https://endpoint-ssl-url.com:443
[org.apache.http.impl.conn.DefaultHttpClientConnectionOperator] Connecting to endpoint-ssl-url.com/xxx.xxx.xxx.xxx:443
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Connecting socket to endpoint-ssl-url.com/xxx.xxx.xxx.xxx:443 with timeout 0
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Enabled protocols: [TLSv1, TLSv1.1, TLSv1.2]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Enabled cipher suites:[TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, MORE_CIPHERS ...]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Starting handshake
[stdout] HTTPRouter.configure().new TrustStrategy() {...}.isTrusted()
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Secure session established
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  negotiated protocol: TLSv1.2
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  negotiated cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  peer principal: CN=endpoint-ssl-url.com, OU=Software Engineering Services, O=Telstra Corporation Limited, L=Melbourne, ST=Victoria, C=AU
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  peer alternative names: [endpoint-ssl-url.com]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  issuer principal: CN=QuoVadis Global SSL ICA G3, O=QuoVadis Limited, C=BM
[org.apache.http.impl.conn.DefaultHttpClientConnectionOperator] Connection established 192.168.xxx.xxx:50230<->xxx.xxx.xxx.xxx:443
[org.apache.http.impl.execchain.MainClientExec] Executing request POST /path/to/resource HTTP/1.1
[org.apache.http.impl.execchain.MainClientExec] Proxy auth state: UNCHALLENGED
[org.apache.http.headers] http-outgoing-34 >> POST /path/to/resource HTTP/1.1
[org.apache.http.headers] http-outgoing-34 >> Accept: application/json
[org.apache.http.headers] http-outgoing-34 >> Accept-Encoding: gzip

尝试7:没有代理及以上尝试2-工作正常日志:

[org.apache.camel.component.http4.HttpComponent] Created ClientConnectionManager org.apache.http.impl.conn.PoolingHttpClientConnectionManager@21c33b01
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient() - 1
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient() - 2
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient() - 3
[stdout] HTTPRouter.configure().new HttpClientConfigurer() {...}.configureHttpClient() - 4
[org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: default
[org.apache.http.client.protocol.RequestAuthCache] Auth cache not set in the context
[org.apache.http.impl.conn.BasicHttpClientConnectionManager] Get connection for route {s}->https://endpoint-ssl-url.com:443
[org.apache.http.impl.execchain.MainClientExec] Opening connection {s}->https://endpoint-ssl-url.com:443
[org.apache.http.impl.conn.DefaultHttpClientConnectionOperator] Connecting to endpoint-ssl-url.com/xxx.xxx.xxx.xxx## Heading ##:443
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Connecting socket to endpoint-ssl-url.com/xxx.xxx.xxx.xxx:443 with timeout 0
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Enabled protocols: [SSLv3, TLSv1, TLSv1.1, TLSv1.2]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Enabled cipher suites:[TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, MORE_CIPHERS ...]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Starting handshake
[stdout] HTTPRouter.configure()
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Secure session established
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  negotiated protocol: TLSv1.2
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  negotiated cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  peer principal: CN=endpoint-ssl-url.com, OU=Software Engineering Services, O=Telstra Corporation Limited, L=Melbourne, ST=Victoria, C=AU
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  peer alternative names: [endpoint-ssl-url.com]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  issuer principal: CN=QuoVadis Global SSL ICA G3, O=QuoVadis Limited, C=BM
[stdout] HTTPRouter.configure().new HostnameVerifier() {...}.verify()
[org.apache.http.impl.conn.DefaultHttpClientConnectionOperator] Connection established 192.168.xxx.xxx:57748<->xxx.xxx.xxx.xxx:443
[org.apache.http.impl.execchain.MainClientExec] Executing request POST /path/to/resource HTTP/1.1
[org.apache.http.impl.execchain.MainClientExec] Proxy auth state: UNCHALLENGED
[org.apache.http.headers] http-outgoing-32 >> POST /path/to/resource HTTP/1.1

尝试-8:以同样的方式尝试了另一个带有http4组件的超文本传输协议endpoint,并成功了。

尝试-9:尝试直接使用to()组件,但结果相同。


共1个答案

匿名用户

尝试10:在系统属性的尝试中成功了。但是我一直在通过系统外属性寻找解决方案。在这里为社区发帖。所以,如果有任何进一步的发现,请留下答案/评论

将代理设置添加到syetem属性,如下所述。

System.setProperty("http.proxyHost", "192.168.xxx.xxx");
System.setProperty("http.proxyPort", "xxxx");
System.setProperty("https.proxyHost", "192.168.xxx.xxx");
System.setProperty("https.proxyPort", "xxxx");

-Dhttp.proxyHost=192.168.xxx.xxx -Dhttp.proxyPort=xxxx -Dhttps.proxyHost=192.168.xxx.xxx -Dhttps.proxyPort=xxxx

将useSystemProperties标志true放入URL如下。

https4://endpoint-ssl-url.com/path/to/resource?useSystemProperties=true

然后它可以正常工作,如下面的日志所述

日志:

[org.apache.camel.component.http4.HttpComponent] Created ClientConnectionManager org.apache.http.impl.conn.PoolingHttpClientConnectionManager@1aee22a3
[org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: default
[org.apache.http.client.protocol.RequestAuthCache] Auth cache not set in the context
[org.apache.http.impl.conn.PoolingHttpClientConnectionManager] Connection request: [route: {tls}->http://192.168.xxx.xxx:3128->https://endpoint-ssl-url.com:443][total kept alive: 0; route allocated: 0 of 20; total allocated: 0 of 200]
[org.apache.http.impl.conn.PoolingHttpClientConnectionManager] Connection leased: [id: 0][route: {tls}->http://192.168.xxx.xxx:xxxx->https://endpoint-ssl-url.com:443][total kept alive: 0; route allocated: 1 of 20; total allocated: 1 of 200]
[org.apache.http.impl.execchain.MainClientExec] Opening connection {tls}->http://192.168.xxx.xxx:xxxx->https://endpoint-ssl-url.com:443
[org.apache.http.impl.conn.DefaultHttpClientConnectionOperator] Connecting to /192.168.xxx.xxx:xxxx
[org.apache.http.impl.conn.DefaultHttpClientConnectionOperator] Connection established 192.168.xxx.xxx:xxxx<->192.168.xxx.xxx:xxxx
[org.apache.http.headers] http-outgoing-0 >> CONNECT endpoint-ssl-url.com:443 HTTP/1.1
[org.apache.http.headers] http-outgoing-0 >> Host: endpoint-ssl-url.com
[org.apache.http.headers] http-outgoing-0 >> User-Agent: Apache-HttpClient/4.5.3 (Java/1.8.0_151)
[org.apache.http.wire] http-outgoing-0 >> "CONNECT endpoint-ssl-url.com:443 HTTP/1.1[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "Host: endpoint-ssl-url.com[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "User-Agent: Apache-HttpClient/4.5.3 (Java/1.8.0_151)[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "HTTP/1.1 200 Connection established[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "[\r][\n]"
[org.apache.http.headers] http-outgoing-0 << HTTP/1.1 200 Connection established
[org.apache.http.impl.execchain.MainClientExec] Tunnel to target created.
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Enabled protocols: [TLSv1, TLSv1.1, TLSv1.2]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Enabled cipher suites:[TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, MORE CIPHERS...]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Starting handshake
[org.apache.http.conn.ssl.SSLConnectionSocketFactory] Secure session established
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  negotiated protocol: TLSv1.2
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  negotiated cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  peer principal: CN=endpoint-ssl-url.com, OU=Software Engineering Services, O=Telstra Corporation Limited, L=Melbourne, ST=Victoria, C=AU
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  peer alternative names: [endpoint-ssl-url.com]
[org.apache.http.conn.ssl.SSLConnectionSocketFactory]  issuer principal: CN=QuoVadis Global SSL ICA G3, O=QuoVadis Limited, C=BM
[org.apache.http.impl.execchain.MainClientExec] Executing request POST /path/to/resource HTTP/1.1
[org.apache.http.headers] http-outgoing-0 >> POST /path/to/resource HTTP/1.1
[org.apache.http.headers] http-outgoing-0 >> Accept: application/json
[org.apache.http.headers] http-outgoing-0 >> Accept-Encoding: gzip
[org.apache.http.headers] http-outgoing-0 >> Authorization: Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
[org.apache.http.headers] http-outgoing-0 >> breadcrumbId: xxxxxxxxxxxxxxxxxxxxxxx
[org.apache.http.headers] http-outgoing-0 >> doLogFiles: true
[org.apache.http.headers] http-outgoing-0 >> dontLogErrorFiles: false
[org.apache.http.headers] http-outgoing-0 >> messageId: message-x-id
[org.apache.http.headers] http-outgoing-0 >> messageName: message-x-name
[org.apache.http.headers] http-outgoing-0 >> routeId: direct-http
[org.apache.http.headers] http-outgoing-0 >> specialRq: true
[org.apache.http.headers] http-outgoing-0 >> specialRs: true
[org.apache.http.headers] http-outgoing-0 >> url: https4://endpoint-ssl-url.com/path/to/resource?useSystemProperties=true
[org.apache.http.headers] http-outgoing-0 >> Content-Length: 49
[org.apache.http.headers] http-outgoing-0 >> Content-Type: application/x-www-form-urlencoded
[org.apache.http.headers] http-outgoing-0 >> Host: endpoint-ssl-url.com
[org.apache.http.headers] http-outgoing-0 >> Connection: Keep-Alive
[org.apache.http.headers] http-outgoing-0 >> User-Agent: Apache-HttpClient/4.5.3 (Java/1.8.0_151)
[org.apache.http.wire] http-outgoing-0 >> "POST /path/to/resource HTTP/1.1[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "Accept: application/json[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "Accept-Encoding: gzip[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "Authorization: Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "breadcrumbId: xxxxxxxxxxxxxxxxxxxxxxx[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "doLogFiles: true[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "dontLogErrorFiles: false[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "messageId: message-x-id[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "messageName: message-x-name[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "routeId: direct-http[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "specialRq: true[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "specialRs: true[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "url: https4://endpoint-ssl-url.com/path/to/resource?useSystemProperties=true[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "Content-Length: 49[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "Content-Type: application/x-www-form-urlencoded[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "Host: endpoint-ssl-url.com[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "Connection: Keep-Alive[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "User-Agent: Apache-HttpClient/4.5.3 (Java/1.8.0_151)[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "[\r][\n]"
[org.apache.http.wire] http-outgoing-0 >> "grant_type=client_credentials&scope=DUMMYSCOPE"
[org.apache.http.wire] http-outgoing-0 << "HTTP/1.1 200 OK[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "Date: Tue, 21 Aug 2018 04:11:35 GMT[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "Content-Type: application/json; charset=UTF-8[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "Content-Length: 72[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "Connection: keep-alive[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "Access-Control-Allow-Origin: *[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "Cache-Control: no-cache,no-store,must-revalidate[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "Pragma: no-cache[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "Expires: 0[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "Strict-Transport-Security: max-age=31536000; includeSubDomains;[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "[\r][\n]"
[org.apache.http.wire] http-outgoing-0 << "{ "xxxx_xxxxx": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "xxxx_xxxxx": "xxxx" }"
[org.apache.http.headers] http-outgoing-0 << HTTP/1.1 200 OK
[org.apache.http.headers] http-outgoing-0 << Date: Tue, 21 Aug 2018 04:11:35 GMT
[org.apache.http.headers] http-outgoing-0 << Content-Type: application/json; charset=UTF-8
[org.apache.http.headers] http-outgoing-0 << Content-Length: 72
[org.apache.http.headers] http-outgoing-0 << Connection: keep-alive
[org.apache.http.headers] http-outgoing-0 << Access-Control-Allow-Origin: *
[org.apache.http.headers] http-outgoing-0 << Cache-Control: no-cache,no-store,must-revalidate
[org.apache.http.headers] http-outgoing-0 << Pragma: no-cache
[org.apache.http.headers] http-outgoing-0 << Expires: 0
[org.apache.http.headers] http-outgoing-0 << Strict-Transport-Security: max-age=31536000; includeSubDomains;
[org.apache.http.impl.execchain.MainClientExec] Connection can be kept alive indefinitely
[org.apache.http.impl.conn.PoolingHttpClientConnectionManager] Connection [id: 0][route: {tls}->http://192.168.xxx.xxx:xxxx->https://endpoint-ssl-url.com:443] can be kept alive indefinitely
[org.apache.http.impl.conn.PoolingHttpClientConnectionManager] Connection released: [id: 0][route: {tls}->http://192.168.xxx.xxx:xxxx->https://endpoint-ssl-url.com:443][total kept alive: 1; route allocated: 1 of 20; total allocated: 1 of 200]
[com.integration.processors.base.http.HttpResponseProcessor] process(). is started
[com.integration.processors.base.common.InterfaceProcessor] loadMessageData().messageId : message-x-id | messageName : message-x-name
[com.integration.processors.base.http.HttpResponseProcessor] process(). httpResponseCode : 200 | httpResponseText : OK
[com.integration.processors.interfaces.http.message-x-nameResponseProcessor] decodeResponse().rootNode : {"xxxx_xxxxx":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxx","xxxx_xxxxx":"xxxx"}
[com.integration.processors.interfaces.http.message-x-nameResponseProcessor] decodeResponse().xxxx_xxxxx : xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
[com.integration.processors.base.http.HttpResponseProcessor] process().outResponseBody : {"RESULT":{"condition":"good","severity":"good","summury":"Message X successful","detail":"{ \"xxxx_xxxxx\": \"xxxxxxxxxxxxxxxxxxxxxxxxxxxxx\", \"xxxx_xxxxx\": \"xxxx\" }\nxxxxxxxxxxxxxxxxxxxxxxxxxxxxxMessage X successful\n"},"OUTPUTS":{"xxxx_xxxxx":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxx","FAILURE_REASON":null},"SUCCESS":true}