堆栈内存溢出
  简体   繁体   English

Jetty客户端无法通过HTTP / 2连接到Jetty服务器

[英]Jetty client can't connect to Jetty server via HTTP/2

 原文  2017-12-09 16:54:07       java/ embedded-jetty/ http2/ jetty-9

问题描述

Below I'm using "HTTPS/1.1" in the meaning of HTTPS over HTTP1.1. 下面我在HTTP over HTTP1.1的意义上使用“HTTPS / 1.1”。 All connections below are HTTPS, there's no plain HTTP. 下面的所有连接都是HTTPS,没有普通的HTTP。

My server runs embedded Jetty on port 10443 as HTTPS/1.1 and on port 10444 as HTTPS/2. 我的服务器在端口10443上运行嵌入式Jetty作为HTTPS / 1.1,在端口10444上作为HTTPS / 2运行。 Both ports work and there's no other difference between them. 两个端口都有效,它们之间没有其他区别。 The fallback to HTTPS/1 also works (tested with chromium-browser --disable-http2 ). HTTPS / 1的回退也有效(使用chromium-browser --disable-http2进行测试)。 The is the whole client code: 这是整个客户端代码: 

public static void main(String[] args) throws Exception {
    final HttpClient httpClient = new HttpClient(new SslContextFactory());
    httpClient.start();
    httpClient.GET(TEST_URL);
}

The test URL is localhost using a certificate signed by thawte, which is correct, but obviously invalid for localhost . 测试URL是localhost使用由thawte签名的证书,这是正确的,但显然对localhost无效。

I'm surprised that HTTPS/1 works, as curl rejects it with 我很惊讶HTTPS / 1可以工作,因为curl拒绝它 

curl: (51) SSL: certificate subject name (...) does not match target host name 'localhost'

I might have been fooling with the global java keystore, which might explain why it works with Jetty. 我可能一直在愚弄全局java密钥库,这可能解释了为什么它适用于Jetty。 However, HTTPS/2 with Jetty does not work and all I'm getting is these two cryptic stacktraces: 但是,带有Jetty的HTTPS / 2不起作用,而我所得到的只是这两个神秘的堆栈跟踪: 

17:28:23.870 [HttpClient@1729199940-16] WARN org.eclipse.jetty.http.HttpParser - Illegal character 0x0 in state=START for buffer DirectByteBuffer@7daa7e20[p=1,l=32,c=16384,r=31]={\x00<<<\x00\x17\x07\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01invalid_preface>>>\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00...\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00}
17:28:23.872 [HttpClient@1729199940-16] DEBUG org.eclipse.jetty.http.HttpParser - Parse exception: HttpParser{s=START,0 of 0} for HttpReceiverOverHTTP@42e82982(rsp=IDLE,failure=null)[HttpParser{s=START,0 of 0}]

org.eclipse.jetty.http.HttpParser$IllegalCharacterException: 400: Illegal character 0x0
    at org.eclipse.jetty.http.HttpParser.next(HttpParser.java:488)
    at org.eclipse.jetty.http.HttpParser.quickStart(HttpParser.java:551)
    at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:1356)
    at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.parse(HttpReceiverOverHTTP.java:170)
    at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.process(HttpReceiverOverHTTP.java:131)
    at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.receive(HttpReceiverOverHTTP.java:70)
    at org.eclipse.jetty.client.http.HttpChannelOverHTTP.receive(HttpChannelOverHTTP.java:130)
    at org.eclipse.jetty.client.http.HttpConnectionOverHTTP.onFillable(HttpConnectionOverHTTP.java:116)
    at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:279)
    at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:104)
    at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:289)
    at org.eclipse.jetty.io.ssl.SslConnection$3.succeeded(SslConnection.java:149)
    at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:104)
    at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:124)
    at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:247)
    at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.produce(EatWhatYouKill.java:140)
    at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)
    at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:243)
    at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:679)
    at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:597)
    at java.lang.Thread.run(Thread.java:748)

in the logs and 在日志和 

Exception in thread "main" 17:28:23.897 [main] DEBUG org.eclipse.jetty.client.HttpExchange - Failed HttpExchange@6cace8ba req=TERMINATED/null@null res=TERMINATED/org.eclipse.jetty.client.HttpResponseException: HTTP protocol violation: bad response on HttpConnectionOverHTTP@409cfd31(l:/127.0.0.1:50040 <-> r:localhost/127.0.0.1:10444,closed=false)=>HttpChannelOverHTTP@17f52ec2(exchange=HttpExchange@6cace8ba req=TERMINATED/null@null res=PENDING/null@null)[send=HttpSenderOverHTTP@6f458d2b(req=QUEUED,snd=COMPLETED,failure=null)[HttpGenerator@653a2561{s=START}],recv=HttpReceiverOverHTTP@42e82982(rsp=IDLE,failure=null)[HttpParser{s=CLOSE,0 of 0}]]<-DecryptedEndPoint@7cd58c23{localhost/127.0.0.1:10444<->/127.0.0.1:50040,OPEN,fill=-,flush=-,to=20/0}->HttpConnectionOverHTTP@409cfd31(l:/127.0.0.1:50040 <-> r:localhost/127.0.0.1:10444,closed=false)=>HttpChannelOverHTTP@17f52ec2(exchange=HttpExchange@6cace8ba req=TERMINATED/null@null res=PENDING/null@null)[send=HttpSenderOverHTTP@6f458d2b(req=QUEUED,snd=COMPLETED,failure=null)[HttpGenerator@653a2561{s=START}],recv=HttpReceiverOverHTTP@42e82982(rsp=IDLE,failure=null)[HttpParser{s=CLOSE,0 of 0}]]->SocketChannelEndPoint@36772236{localhost/127.0.0.1:10444<->/127.0.0.1:50040,OPEN,fill=-,flush=-,to=8/0}{io=0/0,kio=0,kro=1}->SslConnection@3fba7a47{NOT_HANDSHAKING,eio=31/-1,di=-1}=>HttpConnectionOverHTTP@409cfd31(l:/127.0.0.1:50040 <-> r:localhost/127.0.0.1:10444,closed=false)=>HttpChannelOverHTTP@17f52ec2(exchange=HttpExchange@6cace8ba req=TERMINATED/null@null res=PENDING/null@null)[send=HttpSenderOverHTTP@6f458d2b(req=QUEUED,snd=COMPLETED,failure=null)[HttpGenerator@653a2561{s=START}],recv=HttpReceiverOverHTTP@42e82982(rsp=IDLE,failure=null)[HttpParser{s=CLOSE,0 of 0}]]@2577736b: req=false/rsp=false {}
java.util.concurrent.ExecutionException: org.eclipse.jetty.client.HttpResponseException: HTTP protocol violation: bad response on HttpConnectionOverHTTP@409cfd31(l:/127.0.0.1:50040 <-> r:localhost/127.0.0.1:10444,closed=false)=>HttpChannelOverHTTP@17f52ec2(exchange=HttpExchange@6cace8ba req=TERMINATED/null@null res=PENDING/null@null)[send=HttpSenderOverHTTP@6f458d2b(req=QUEUED,snd=COMPLETED,failure=null)[HttpGenerator@653a2561{s=START}],recv=HttpReceiverOverHTTP@42e82982(rsp=IDLE,failure=null)[HttpParser{s=CLOSE,0 of 0}]]<-DecryptedEndPoint@7cd58c23{localhost/127.0.0.1:10444<->/127.0.0.1:50040,OPEN,fill=-,flush=-,to=20/0}->HttpConnectionOverHTTP@409cfd31(l:/127.0.0.1:50040 <-> r:localhost/127.0.0.1:10444,closed=false)=>HttpChannelOverHTTP@17f52ec2(exchange=HttpExchange@6cace8ba req=TERMINATED/null@null res=PENDING/null@null)[send=HttpSenderOverHTTP@6f458d2b(req=QUEUED,snd=COMPLETED,failure=null)[HttpGenerator@653a2561{s=START}],recv=HttpReceiverOverHTTP@42e82982(rsp=IDLE,failure=null)[HttpParser{s=CLOSE,0 of 0}]]->SocketChannelEndPoint@36772236{localhost/127.0.0.1:10444<->/127.0.0.1:50040,OPEN,fill=-,flush=-,to=8/0}{io=0/0,kio=0,kro=1}->SslConnection@3fba7a47{NOT_HANDSHAKING,eio=31/-1,di=-1}=>HttpConnectionOverHTTP@409cfd31(l:/127.0.0.1:50040 <-> r:localhost/127.0.0.1:10444,closed=false)=>HttpChannelOverHTTP@17f52ec2(exchange=HttpExchange@6cace8ba req=TERMINATED/null@null res=PENDING/null@null)[send=HttpSenderOverHTTP@6f458d2b(req=QUEUED,snd=COMPLETED,failure=null)[HttpGenerator@653a2561{s=START}],recv=HttpReceiverOverHTTP@42e82982(rsp=IDLE,failure=null)[HttpParser{s=CLOSE,0 of 0}]]
    at org.eclipse.jetty.client.util.FutureResponseListener.getResult(FutureResponseListener.java:118)
    at org.eclipse.jetty.client.util.FutureResponseListener.get(FutureResponseListener.java:101)
    at org.eclipse.jetty.client.HttpRequest.send(HttpRequest.java:682)
    at org.eclipse.jetty.client.HttpClient.GET(HttpClient.java:343)
    at org.eclipse.jetty.client.HttpClient.GET(HttpClient.java:328)
    at ....main(OcJettyClientDemo.java:51)
Caused by: org.eclipse.jetty.client.HttpResponseException: HTTP protocol violation: bad response on HttpConnectionOverHTTP@409cfd31(l:/127.0.0.1:50040 <-> r:localhost/127.0.0.1:10444,closed=false)=>HttpChannelOverHTTP@17f52ec2(exchange=HttpExchange@6cace8ba req=TERMINATED/null@null res=PENDING/null@null)[send=HttpSenderOverHTTP@6f458d2b(req=QUEUED,snd=COMPLETED,failure=null)[HttpGenerator@653a2561{s=START}],recv=HttpReceiverOverHTTP@42e82982(rsp=IDLE,failure=null)[HttpParser{s=CLOSE,0 of 0}]]<-DecryptedEndPoint@7cd58c23{localhost/127.0.0.1:10444<->/127.0.0.1:50040,OPEN,fill=-,flush=-,to=20/0}->HttpConnectionOverHTTP@409cfd31(l:/127.0.0.1:50040 <-> r:localhost/127.0.0.1:10444,closed=false)=>HttpChannelOverHTTP@17f52ec2(exchange=HttpExchange@6cace8ba req=TERMINATED/null@null res=PENDING/null@null)[send=HttpSenderOverHTTP@6f458d2b(req=QUEUED,snd=COMPLETED,failure=null)[HttpGenerator@653a2561{s=START}],recv=HttpReceiverOverHTTP@42e82982(rsp=IDLE,failure=null)[HttpParser{s=CLOSE,0 of 0}]]->SocketChannelEndPoint@36772236{localhost/127.0.0.1:10444<->/127.0.0.1:50040,OPEN,fill=-,flush=-,to=8/0}{io=0/0,kio=0,kro=1}->SslConnection@3fba7a47{NOT_HANDSHAKING,eio=31/-1,di=-1}=>HttpConnectionOverHTTP@409cfd31(l:/127.0.0.1:50040 <-> r:localhost/127.0.0.1:10444,closed=false)=>HttpChannelOverHTTP@17f52ec2(exchange=HttpExchange@6cace8ba req=TERMINATED/null@null res=PENDING/null@null)[send=HttpSenderOverHTTP@6f458d2b(req=QUEUED,snd=COMPLETED,failure=null)[HttpGenerator@653a2561{s=START}],recv=HttpReceiverOverHTTP@42e82982(rsp=IDLE,failure=null)[HttpParser{s=CLOSE,0 of 0}]]
    at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.badMessage(HttpReceiverOverHTTP.java:331)
    at org.eclipse.jetty.http.HttpParser.badMessage(HttpParser.java:1478)
    at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:1460)
    at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.parse(HttpReceiverOverHTTP.java:170)
    at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.process(HttpReceiverOverHTTP.java:131)
    at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.receive(HttpReceiverOverHTTP.java:70)
    at org.eclipse.jetty.client.http.HttpChannelOverHTTP.receive(HttpChannelOverHTTP.java:130)
    at org.eclipse.jetty.client.http.HttpConnectionOverHTTP.onFillable(HttpConnectionOverHTTP.java:116)
    at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:279)
    at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:104)
    at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:289)
    at org.eclipse.jetty.io.ssl.SslConnection$3.succeeded(SslConnection.java:149)
    at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:104)
    at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:124)
    at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:247)
    at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.produce(EatWhatYouKill.java:140)
    at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)
    at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:243)
    at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:679)
    at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:597)
    at java.lang.Thread.run(Thread.java:748)

as result. 结果。 There's only the above warning and no errors in the logs (which are 400 lines; I guess a bit too much to post it here). 只有上面的警告并且日志中没有错误(400行;我想在这里发布它有点太多了)。

I can imagine, that using an invalid certificate is waste of time and I wouldn't care, if there wasn't a possibly related problem, I do care about (iOS clients can't talk to HTTP/2 in production; I currently have no data about it). 我可以想象,使用无效证书是浪费时间而我不在乎,如果没有可能相关的问题,我确实关心(iOS客户端无法在生产中与HTTP / 2交谈;我目前没有关于它的数据)。

My configuration: 我的配置: 

java version "1.8.0_151"
Java(TM) SE Runtime Environment (build 1.8.0_151-b12)
Java HotSpot(TM) 64-Bit Server VM (build 25.151-b12, mixed mode)

org.eclipse.jetty.alpn:alpn-api:1.1.3.v20160715
org.eclipse.jetty.http2:http2-server:9.4.7.v20170914
org.eclipse.jetty:jetty-alpn-server:9.4.7.v20170914
org.eclipse.jetty:jetty-client:9.4.7.v20170914
org.eclipse.jetty:jetty-servlets:9.4.7.v20170914

Linux 4.4.0-101-generic #124-Ubuntu SMP Fri Nov 10 18:29:59 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

Any idea what's going on? 知道发生了什么事吗?

Update 更新

The Jetty client does not work with our production site either (where there's a valid certificate). Jetty客户端也不能与我们的生产站点一起使用(有有效证书的地方)。 When connection to our production site using chromium-browser --disable-http2 , it shows HTTP/1 headers, but there's h2 in the column protocol. 当使用chromium-browser --disable-http2连接到我们的生产站点时,它显示HTTP / 1标头,但列协议中有h2。

1 个解决方案

解决方案1
 3 已采纳  2017-12-11 09:46:30

For Jetty's HttpClient to work with HTTP/2 you need to instantiate it with the HTTP/2 transport as explained in the documentation . 对于Jetty的HttpClient使用HTTP / 2,您需要使用HTTP / 2传输对其进行实例化, 如文档中所述

Support for automatic switching between HTTP/2 and HTTP/1 is under development, see https://github.com/eclipse/jetty.project/issues/1350 . 正在开发支持HTTP / 2和HTTP / 1之间的自动切换,请参阅https://github.com/eclipse/jetty.project/issues/1350

Also remember that for HTTP/2 to work over TLS you need also to setup ALPN. 还要记住,要使HTTP / 2在TLS上工作,您还需要设置ALPN。 The recommended way is to use JDK 9 that has built-in support for ALPN, and therefore you need the jetty-alpn-java-client artifact in the classpath, see also http://www.eclipse.org/jetty/documentation/current/alpn-chapter.html . 推荐的方法是使用内置支持ALPN的JDK 9,因此在类路径中需要jetty-alpn-java-client工件,另请参见http://www.eclipse.org/jetty/documentation/ current / alpn-chapter.html

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 无法在Firefox 50上通过SSL连接到Jetty 9服务器 - Can't connect to Jetty 9 server via SSL with Firefox 50 浏览器无法连接到Jetty服务器 - Browser can't connect to Jetty server 在Jetty中拦截HTTP连接 - Intercept HTTP Connect in Jetty Jetty Http客户端日志记录 - Jetty Http Client logging 码头 HTTP 客户端 SSL - Jetty HTTP Client with SSL Jetty HTTP 2客户端 - Jetty HTTP 2 Client Jetty Server 启动但无法在浏览器上访问 - Jetty Server started but can't access it on browser Jetty HTTP客户端摘要验证 - Jetty HTTP Client Digest Auth 删除Jetty 9中的HTTP Server标头 - Remove the HTTP Server header in Jetty 9 Jetty 客户端/服务器相互认证 - Jetty client / server mutual authentication
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM