[英]Jetty client can't connect to Jetty server via HTTP/2
Below I'm using "HTTPS/1.1" in the meaning of HTTPS over HTTP1.1. 下面我在HTTP over HTTP1.1的意义上使用“HTTPS / 1.1”。 All connections below are HTTPS, there's no plain HTTP.
下面的所有连接都是HTTPS,没有普通的HTTP。
My server runs embedded Jetty on port 10443 as HTTPS/1.1 and on port 10444 as HTTPS/2. 我的服务器在端口10443上运行嵌入式Jetty作为HTTPS / 1.1,在端口10444上作为HTTPS / 2运行。 Both ports work and there's no other difference between them.
两个端口都有效,它们之间没有其他区别。 The fallback to HTTPS/1 also works (tested with
chromium-browser --disable-http2
). HTTPS / 1的回退也有效(使用
chromium-browser --disable-http2
进行测试)。 The is the whole client code: 这是整个客户端代码:
public static void main(String[] args) throws Exception {
final HttpClient httpClient = new HttpClient(new SslContextFactory());
httpClient.start();
httpClient.GET(TEST_URL);
}
The test URL is localhost
using a certificate signed by thawte, which is correct, but obviously invalid for localhost
. 测试URL是
localhost
使用由thawte签名的证书,这是正确的,但显然对localhost
无效。
I'm surprised that HTTPS/1 works, as curl rejects it with 我很惊讶HTTPS / 1可以工作,因为curl拒绝它
curl: (51) SSL: certificate subject name (...) does not match target host name 'localhost'
I might have been fooling with the global java keystore, which might explain why it works with Jetty. 我可能一直在愚弄全局java密钥库,这可能解释了为什么它适用于Jetty。 However, HTTPS/2 with Jetty does not work and all I'm getting is these two cryptic stacktraces:
但是,带有Jetty的HTTPS / 2不起作用,而我所得到的只是这两个神秘的堆栈跟踪:
17:28:23.870 [HttpClient@1729199940-16] WARN org.eclipse.jetty.http.HttpParser - Illegal character 0x0 in state=START for buffer DirectByteBuffer@7daa7e20[p=1,l=32,c=16384,r=31]={\x00<<<\x00\x17\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01invalid_preface>>>\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00...\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00}
17:28:23.872 [HttpClient@1729199940-16] DEBUG org.eclipse.jetty.http.HttpParser - Parse exception: HttpParser{s=START,0 of 0} for HttpReceiverOverHTTP@42e82982(rsp=IDLE,failure=null)[HttpParser{s=START,0 of 0}]
org.eclipse.jetty.http.HttpParser$IllegalCharacterException: 400: Illegal character 0x0
at org.eclipse.jetty.http.HttpParser.next(HttpParser.java:488)
at org.eclipse.jetty.http.HttpParser.quickStart(HttpParser.java:551)
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:1356)
at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.parse(HttpReceiverOverHTTP.java:170)
at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.process(HttpReceiverOverHTTP.java:131)
at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.receive(HttpReceiverOverHTTP.java:70)
at org.eclipse.jetty.client.http.HttpChannelOverHTTP.receive(HttpChannelOverHTTP.java:130)
at org.eclipse.jetty.client.http.HttpConnectionOverHTTP.onFillable(HttpConnectionOverHTTP.java:116)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:279)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:104)
at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:289)
at org.eclipse.jetty.io.ssl.SslConnection$3.succeeded(SslConnection.java:149)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:104)
at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:124)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:247)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.produce(EatWhatYouKill.java:140)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)
at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:243)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:679)
at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:597)
at java.lang.Thread.run(Thread.java:748)
in the logs and 在日志和
Exception in thread "main" 17:28:23.897 [main] DEBUG org.eclipse.jetty.client.HttpExchange - Failed HttpExchange@6cace8ba req=TERMINATED/null@null res=TERMINATED/org.eclipse.jetty.client.HttpResponseException: HTTP protocol violation: bad response on HttpConnectionOverHTTP@409cfd31(l:/127.0.0.1:50040 <-> r:localhost/127.0.0.1:10444,closed=false)=>HttpChannelOverHTTP@17f52ec2(exchange=HttpExchange@6cace8ba req=TERMINATED/null@null res=PENDING/null@null)[send=HttpSenderOverHTTP@6f458d2b(req=QUEUED,snd=COMPLETED,failure=null)[HttpGenerator@653a2561{s=START}],recv=HttpReceiverOverHTTP@42e82982(rsp=IDLE,failure=null)[HttpParser{s=CLOSE,0 of 0}]]<-DecryptedEndPoint@7cd58c23{localhost/127.0.0.1:10444<->/127.0.0.1:50040,OPEN,fill=-,flush=-,to=20/0}->HttpConnectionOverHTTP@409cfd31(l:/127.0.0.1:50040 <-> r:localhost/127.0.0.1:10444,closed=false)=>HttpChannelOverHTTP@17f52ec2(exchange=HttpExchange@6cace8ba req=TERMINATED/null@null res=PENDING/null@null)[send=HttpSenderOverHTTP@6f458d2b(req=QUEUED,snd=COMPLETED,failure=null)[HttpGenerator@653a2561{s=START}],recv=HttpReceiverOverHTTP@42e82982(rsp=IDLE,failure=null)[HttpParser{s=CLOSE,0 of 0}]]->SocketChannelEndPoint@36772236{localhost/127.0.0.1:10444<->/127.0.0.1:50040,OPEN,fill=-,flush=-,to=8/0}{io=0/0,kio=0,kro=1}->SslConnection@3fba7a47{NOT_HANDSHAKING,eio=31/-1,di=-1}=>HttpConnectionOverHTTP@409cfd31(l:/127.0.0.1:50040 <-> r:localhost/127.0.0.1:10444,closed=false)=>HttpChannelOverHTTP@17f52ec2(exchange=HttpExchange@6cace8ba req=TERMINATED/null@null res=PENDING/null@null)[send=HttpSenderOverHTTP@6f458d2b(req=QUEUED,snd=COMPLETED,failure=null)[HttpGenerator@653a2561{s=START}],recv=HttpReceiverOverHTTP@42e82982(rsp=IDLE,failure=null)[HttpParser{s=CLOSE,0 of 0}]]@2577736b: req=false/rsp=false {}
java.util.concurrent.ExecutionException: org.eclipse.jetty.client.HttpResponseException: HTTP protocol violation: bad response on HttpConnectionOverHTTP@409cfd31(l:/127.0.0.1:50040 <-> r:localhost/127.0.0.1:10444,closed=false)=>HttpChannelOverHTTP@17f52ec2(exchange=HttpExchange@6cace8ba req=TERMINATED/null@null res=PENDING/null@null)[send=HttpSenderOverHTTP@6f458d2b(req=QUEUED,snd=COMPLETED,failure=null)[HttpGenerator@653a2561{s=START}],recv=HttpReceiverOverHTTP@42e82982(rsp=IDLE,failure=null)[HttpParser{s=CLOSE,0 of 0}]]<-DecryptedEndPoint@7cd58c23{localhost/127.0.0.1:10444<->/127.0.0.1:50040,OPEN,fill=-,flush=-,to=20/0}->HttpConnectionOverHTTP@409cfd31(l:/127.0.0.1:50040 <-> r:localhost/127.0.0.1:10444,closed=false)=>HttpChannelOverHTTP@17f52ec2(exchange=HttpExchange@6cace8ba req=TERMINATED/null@null res=PENDING/null@null)[send=HttpSenderOverHTTP@6f458d2b(req=QUEUED,snd=COMPLETED,failure=null)[HttpGenerator@653a2561{s=START}],recv=HttpReceiverOverHTTP@42e82982(rsp=IDLE,failure=null)[HttpParser{s=CLOSE,0 of 0}]]->SocketChannelEndPoint@36772236{localhost/127.0.0.1:10444<->/127.0.0.1:50040,OPEN,fill=-,flush=-,to=8/0}{io=0/0,kio=0,kro=1}->SslConnection@3fba7a47{NOT_HANDSHAKING,eio=31/-1,di=-1}=>HttpConnectionOverHTTP@409cfd31(l:/127.0.0.1:50040 <-> r:localhost/127.0.0.1:10444,closed=false)=>HttpChannelOverHTTP@17f52ec2(exchange=HttpExchange@6cace8ba req=TERMINATED/null@null res=PENDING/null@null)[send=HttpSenderOverHTTP@6f458d2b(req=QUEUED,snd=COMPLETED,failure=null)[HttpGenerator@653a2561{s=START}],recv=HttpReceiverOverHTTP@42e82982(rsp=IDLE,failure=null)[HttpParser{s=CLOSE,0 of 0}]]
at org.eclipse.jetty.client.util.FutureResponseListener.getResult(FutureResponseListener.java:118)
at org.eclipse.jetty.client.util.FutureResponseListener.get(FutureResponseListener.java:101)
at org.eclipse.jetty.client.HttpRequest.send(HttpRequest.java:682)
at org.eclipse.jetty.client.HttpClient.GET(HttpClient.java:343)
at org.eclipse.jetty.client.HttpClient.GET(HttpClient.java:328)
at ....main(OcJettyClientDemo.java:51)
Caused by: org.eclipse.jetty.client.HttpResponseException: HTTP protocol violation: bad response on HttpConnectionOverHTTP@409cfd31(l:/127.0.0.1:50040 <-> r:localhost/127.0.0.1:10444,closed=false)=>HttpChannelOverHTTP@17f52ec2(exchange=HttpExchange@6cace8ba req=TERMINATED/null@null res=PENDING/null@null)[send=HttpSenderOverHTTP@6f458d2b(req=QUEUED,snd=COMPLETED,failure=null)[HttpGenerator@653a2561{s=START}],recv=HttpReceiverOverHTTP@42e82982(rsp=IDLE,failure=null)[HttpParser{s=CLOSE,0 of 0}]]<-DecryptedEndPoint@7cd58c23{localhost/127.0.0.1:10444<->/127.0.0.1:50040,OPEN,fill=-,flush=-,to=20/0}->HttpConnectionOverHTTP@409cfd31(l:/127.0.0.1:50040 <-> r:localhost/127.0.0.1:10444,closed=false)=>HttpChannelOverHTTP@17f52ec2(exchange=HttpExchange@6cace8ba req=TERMINATED/null@null res=PENDING/null@null)[send=HttpSenderOverHTTP@6f458d2b(req=QUEUED,snd=COMPLETED,failure=null)[HttpGenerator@653a2561{s=START}],recv=HttpReceiverOverHTTP@42e82982(rsp=IDLE,failure=null)[HttpParser{s=CLOSE,0 of 0}]]->SocketChannelEndPoint@36772236{localhost/127.0.0.1:10444<->/127.0.0.1:50040,OPEN,fill=-,flush=-,to=8/0}{io=0/0,kio=0,kro=1}->SslConnection@3fba7a47{NOT_HANDSHAKING,eio=31/-1,di=-1}=>HttpConnectionOverHTTP@409cfd31(l:/127.0.0.1:50040 <-> r:localhost/127.0.0.1:10444,closed=false)=>HttpChannelOverHTTP@17f52ec2(exchange=HttpExchange@6cace8ba req=TERMINATED/null@null res=PENDING/null@null)[send=HttpSenderOverHTTP@6f458d2b(req=QUEUED,snd=COMPLETED,failure=null)[HttpGenerator@653a2561{s=START}],recv=HttpReceiverOverHTTP@42e82982(rsp=IDLE,failure=null)[HttpParser{s=CLOSE,0 of 0}]]
at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.badMessage(HttpReceiverOverHTTP.java:331)
at org.eclipse.jetty.http.HttpParser.badMessage(HttpParser.java:1478)
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:1460)
at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.parse(HttpReceiverOverHTTP.java:170)
at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.process(HttpReceiverOverHTTP.java:131)
at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.receive(HttpReceiverOverHTTP.java:70)
at org.eclipse.jetty.client.http.HttpChannelOverHTTP.receive(HttpChannelOverHTTP.java:130)
at org.eclipse.jetty.client.http.HttpConnectionOverHTTP.onFillable(HttpConnectionOverHTTP.java:116)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:279)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:104)
at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:289)
at org.eclipse.jetty.io.ssl.SslConnection$3.succeeded(SslConnection.java:149)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:104)
at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:124)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:247)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.produce(EatWhatYouKill.java:140)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)
at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:243)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:679)
at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:597)
at java.lang.Thread.run(Thread.java:748)
as result. 结果。 There's only the above warning and no errors in the logs (which are 400 lines; I guess a bit too much to post it here).
只有上面的警告并且日志中没有错误(400行;我想在这里发布它有点太多了)。
I can imagine, that using an invalid certificate is waste of time and I wouldn't care, if there wasn't a possibly related problem, I do care about (iOS clients can't talk to HTTP/2 in production; I currently have no data about it). 我可以想象,使用无效证书是浪费时间而我不在乎,如果没有可能相关的问题,我确实关心(iOS客户端无法在生产中与HTTP / 2交谈;我目前没有关于它的数据)。
My configuration: 我的配置:
java version "1.8.0_151"
Java(TM) SE Runtime Environment (build 1.8.0_151-b12)
Java HotSpot(TM) 64-Bit Server VM (build 25.151-b12, mixed mode)
org.eclipse.jetty.alpn:alpn-api:1.1.3.v20160715
org.eclipse.jetty.http2:http2-server:9.4.7.v20170914
org.eclipse.jetty:jetty-alpn-server:9.4.7.v20170914
org.eclipse.jetty:jetty-client:9.4.7.v20170914
org.eclipse.jetty:jetty-servlets:9.4.7.v20170914
Linux 4.4.0-101-generic #124-Ubuntu SMP Fri Nov 10 18:29:59 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
Any idea what's going on? 知道发生了什么事吗?
The Jetty client does not work with our production site either (where there's a valid certificate). Jetty客户端也不能与我们的生产站点一起使用(有有效证书的地方)。 When connection to our production site using
chromium-browser --disable-http2
, it shows HTTP/1 headers, but there's h2 in the column protocol. 当使用
chromium-browser --disable-http2
连接到我们的生产站点时,它显示HTTP / 1标头,但列协议中有h2。
For Jetty's HttpClient
to work with HTTP/2 you need to instantiate it with the HTTP/2 transport as explained in the documentation . 对于Jetty的
HttpClient
使用HTTP / 2,您需要使用HTTP / 2传输对其进行实例化, 如文档中所述 。
Support for automatic switching between HTTP/2 and HTTP/1 is under development, see https://github.com/eclipse/jetty.project/issues/1350 . 正在开发支持HTTP / 2和HTTP / 1之间的自动切换,请参阅https://github.com/eclipse/jetty.project/issues/1350 。
Also remember that for HTTP/2 to work over TLS you need also to setup ALPN. 还要记住,要使HTTP / 2在TLS上工作,您还需要设置ALPN。 The recommended way is to use JDK 9 that has built-in support for ALPN, and therefore you need the
jetty-alpn-java-client
artifact in the classpath, see also http://www.eclipse.org/jetty/documentation/current/alpn-chapter.html . 推荐的方法是使用内置支持ALPN的JDK 9,因此在类路径中需要
jetty-alpn-java-client
工件,另请参见http://www.eclipse.org/jetty/documentation/ current / alpn-chapter.html 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.