
Running Spring Boot application with HTTPS enabled in docker on cloud foundry

I have created a Spring Boot based application; its application.yml file is something like this:

server:
  port: 8108
  tomcat:
    remote_ip_header: x-forwarded-for
    protocol_header: x-forwarded-proto

It is also running on an HTTPS port. I deployed this application in Cloud Foundry and it is successfully deployed and running on an HTTPS URL and is working fine.

Now I created a Dockerfile for this application with the below configuration:

FROM frolvlad/alpine-oraclejdk8
VOLUME /tmp
ADD  <name-of-jar>.jar aap.jar
EXPOSE 8108
ENTRYPOINT ["java","-jar","/aap.jar"]

and pushed it to Cloud Foundry with Docker enabled using the below command:

cf push -m 2g --docker-image /: --docker-username

It gets successfully deployed and gets started, but when I try to access it via its URL:

https://

I get the below exception:

 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT 12:33:52.488 [DEBUG] [                                ] [-exec-7] [            org.apache.tomcat.util.net.NioEndpoint]: Error during SSL handshake
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:781)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at sun.security.ssl.EngineInputRecord.bytesInCompletePacket(EngineInputRecord.java:156)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1411)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT 12:33:52.488 [DEBUG] [                                ] [-exec-7] [            org.apache.tomcat.util.net.NioEndpoint]: Failed to close socket
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at sun.nio.ch.SocketChannelImpl.ensureWriteOpen(SocketChannelImpl.java:270)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.SecureNioChannel.close(SecureNioChannel.java:518)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.NioEndpoint$Poller.cancelledKey(NioEndpoint.java:729)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at sun.nio.ch.SocketChannelImpl.write(SocketChannelImpl.java:461)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.SecureNioChannel.close(SecureNioChannel.java:508)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.SecureNioChannel.flush(SecureNioChannel.java:143)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.NioEndpoint.access$500(NioEndpoint.java:69)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.NioEndpoint.close(NioEndpoint.java:507)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at java.lang.Thread.run(Thread.java:748)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT 12:33:52.488 [DEBUG] [                                ] [-exec-7] [         org.apache.tomcat.util.threads.LimitLatch]: Counting down[https-jsse-nio-8108-exec-7] latch=1
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT 12:33:52.494 [DEBUG] [                                ] [-exec-8] [       org.apache.tomcat.util.net.SecureNioChannel]: The SNI host name extracted for this connection was [null]
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT 12:33:52.494 [DEBUG] [                                ] [eptor-0] [         org.apache.tomcat.util.threads.LimitLatch]: Counting up[https-jsse-nio-8108-Acceptor-0] latch=1
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT 12:33:52.495 [DEBUG] [                                ] [-exec-8] [            org.apache.tomcat.util.net.NioEndpoint]: Error during SSL handshake
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at sun.security.ssl.EngineInputRecord.bytesInCompletePacket(EngineInputRecord.java:156)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:781)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.SecureNioChannel.handshake(SecureNioChannel.java:232)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.SecureNioChannel.handshakeUnwrap(SecureNioChannel.java:459)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1411)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at java.lang.Thread.run(Thread.java:748)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT java.nio.channels.ClosedChannelException: null
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at sun.nio.ch.SocketChannelImpl.ensureWriteOpen(SocketChannelImpl.java:270)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.SecureNioChannel.flush(SecureNioChannel.java:143)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at sun.nio.ch.SocketChannelImpl.write(SocketChannelImpl.java:461)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.SecureNioChannel.close(SecureNioChannel.java:508)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.SecureNioChannel.close(SecureNioChannel.java:518)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.NioEndpoint$Poller.cancelledKey(NioEndpoint.java:729)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.NioEndpoint.close(NioEndpoint.java:507)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)

To resolve this issue, in the EXPOSE section of my Dockerfile I mentioned port 443 apart from the port on which it was already running, but the Docker deployment fails and reports an error with port 443.

"javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?" and "Error during SSL handshake" look like your app is listening for HTTPS requests, but the incoming request is not HTTPS (see below). Look at the configuration of your app to see why. I don't see anything with the bits of config you posted that would indicate why HTTPS has been enabled, but this is the config that would normally enable HTTPS for a Spring Boot app.

https://docs.spring.io/spring-boot/docs/current/reference/html/howto-embedded-servlet-containers.html#howto-configure-ssl

For Cloud Foundry, your application should listen for HTTP requests. Currently, the external load balancer or the GoRouter will terminate the HTTPS request and talk to all apps via HTTP.

https://docs.cloudfoundry.org/concepts/http-routing.html#tls

If you want to have TLS/HTTPS directly to your application then you currently need to use TCP Routing.

https://docs.cloudfoundry.org/adminguide/enabling-tcp-routing.html#ports

Hope that helps!
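
One way to confirm which protocol an app port actually speaks is to send it the same kind of plaintext HTTP request the answer says the router sends and look at the first bytes of the reply. This is an added example, not part of the original question or answer; `probe`, `classify_reply` and the two local stand-in servers are hypothetical names, and the TLS alert bytes are constructed sample data.

```python
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

TLS_RECORD_TYPES = {0x14, 0x15, 0x16, 0x17}  # first byte of any TLS record
TLS_ALERT = bytes([0x15, 0x03, 0x03, 0x00, 0x02, 0x02, 0x46])  # constructed: fatal protocol_version alert

def classify_reply(data: bytes) -> str:
    """Name the protocol suggested by the first bytes a listener sends back."""
    if data.startswith(b"HTTP/"):
        return "plaintext-http"
    if len(data) >= 2 and data[0] in TLS_RECORD_TYPES and data[1] == 0x03:
        return "tls"
    return "unknown" if data else "no-reply"

def probe(host: str, port: int, timeout: float = 3.0) -> str:
    """Send a plaintext HTTP request to host:port and classify the reply."""
    data = b""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(f"GET / HTTP/1.0\r\nHost: {host}\r\n\r\n".encode())
        try:
            while len(data) < 5 and (chunk := sock.recv(16)):
                data += chunk
        except OSError:  # reset or timeout: the listener did not answer in plaintext
            pass
    return classify_reply(data)

class _Ok(BaseHTTPRequestHandler):
    def do_GET(self):
        self.send_response(200)
        self.end_headers()
    log_message = lambda self, *args: None  # keep the demo quiet

def start_plain_http() -> int:
    """Constructed stand-in for an app listening for plain HTTP; returns its port."""
    server = HTTPServer(("127.0.0.1", 0), _Ok)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server.server_address[1]

def start_tls_stub() -> int:
    """Constructed stand-in for a TLS-only connector: answers plaintext with a TLS alert."""
    listener = socket.create_server(("127.0.0.1", 0))
    def serve():
        conn, _ = listener.accept()
        with conn:
            conn.recv(1024)
            conn.sendall(TLS_ALERT)
    threading.Thread(target=serve, daemon=True).start()
    return listener.getsockname()[1]
```

Run against the container's port, a result of "plaintext-http" is what the router needs; "tls" or "no-reply" is consistent with the SSLException in the log above.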
