I have created a spring boot based application, its application.yml files is something like this:
server:
port: 8108
tomcat:
remote_ip_header: x-forwarded-for
protocol_header: x-forwarded-proto
It is also running on https port. I deployed this application in cloud foundry and it is successfully deployed and running on https url and is working fine.
Now I created dockerfile for this application with below configuration:
FROM frolvlad/alpine-oraclejdk8
VOLUME /tmp
ADD <name-of-jar>.jar aap.jar
EXPOSE 8108
ENTRYPOINT ["java","-jar","/aap.jar"]
and pushed to cloud foundry with docker enabled using below command :
cf push -m 2g --docker-image /: --docker-username
It gets successfully deployed and gets started, but when i try to access it via its URL :
https://
I get below exception:
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT 12:33:52.488 [DEBUG] [ ] [-exec-7] [ org.apache.tomcat.util.net.NioEndpoint]: Error during SSL handshake
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:781)
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at sun.security.ssl.EngineInputRecord.bytesInCompletePacket(EngineInputRecord.java:156)
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1411)
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT 12:33:52.488 [DEBUG] [ ] [-exec-7] [ org.apache.tomcat.util.net.NioEndpoint]: Failed to close socket
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at sun.nio.ch.SocketChannelImpl.ensureWriteOpen(SocketChannelImpl.java:270)
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.SecureNioChannel.close(SecureNioChannel.java:518)
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.NioEndpoint$Poller.cancelledKey(NioEndpoint.java:729)
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at sun.nio.ch.SocketChannelImpl.write(SocketChannelImpl.java:461)
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.SecureNioChannel.close(SecureNioChannel.java:508)
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.SecureNioChannel.flush(SecureNioChannel.java:143)
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.NioEndpoint.access$500(NioEndpoint.java:69)
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.NioEndpoint.close(NioEndpoint.java:507)
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at java.lang.Thread.run(Thread.java:748)
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT 12:33:52.488 [DEBUG] [ ] [-exec-7] [ org.apache.tomcat.util.threads.LimitLatch]: Counting down[https-jsse-nio-8108-exec-7] latch=1
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT 12:33:52.494 [DEBUG] [ ] [-exec-8] [ org.apache.tomcat.util.net.SecureNioChannel]: The SNI host name extracted for this connection was [null]
2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT 12:33:52.494 [DEBUG] [ ] [eptor-0] [ org.apache.tomcat.util.threads.LimitLatch]: Counting up[https-jsse-nio-8108-Acceptor-0] latch=1
2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT 12:33:52.495 [DEBUG] [ ] [-exec-8] [ org.apache.tomcat.util.net.NioEndpoint]: Error during SSL handshake
2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at sun.security.ssl.EngineInputRecord.bytesInCompletePacket(EngineInputRecord.java:156)
2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:781)
2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.SecureNioChannel.handshake(SecureNioChannel.java:232)
2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.SecureNioChannel.handshakeUnwrap(SecureNioChannel.java:459)
2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1411)
2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at java.lang.Thread.run(Thread.java:748)
2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT java.nio.channels.ClosedChannelException: null
2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at sun.nio.ch.SocketChannelImpl.ensureWriteOpen(SocketChannelImpl.java:270)
2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.SecureNioChannel.flush(SecureNioChannel.java:143)
2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at sun.nio.ch.SocketChannelImpl.write(SocketChannelImpl.java:461)
2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.SecureNioChannel.close(SecureNioChannel.java:508)
2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.SecureNioChannel.close(SecureNioChannel.java:518)
2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.NioEndpoint$Poller.cancelledKey(NioEndpoint.java:729)
2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.NioEndpoint.close(NioEndpoint.java:507)
2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
To resolve this issue in my dockerfile EXPOSE section i mentioned 443 port apart from the port on which it was already running, but docker deployment fails and reports error with 443 port.
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
and Error during SSL handshake
look like your app is listening for HTTPS requests, but the incoming request is not HTTPS (see below). Look at the configuration of your app to see why. I don't see anything with the bits of config you posted that would indicate why HTTPS has been enabled, but this is the config that would normally enable HTTPS for a Spring Boot app.
For Cloud Foundry, your application should listen for HTTP requests. Currently, the external load balancer or the GoRouter will terminate the HTTPS request and talk to all apps via HTTP.
https://docs.cloudfoundry.org/concepts/http-routing.html#tls
If you want to have TLS/HTTPS directly to your application then you currently need to use TCP Routing.
https://docs.cloudfoundry.org/adminguide/enabling-tcp-routing.html#ports
Hope that helps!
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.