在Cloud Foundry上的Docker中啟用HTTPS的情況下運行Spring Boot應用程序

Question

我已經創建了一個基於Spring Boot的應用程序，它的application.yml文件是這樣的：

server:
  port: 8108
  tomcat:
    remote_ip_header: x-forwarded-for
    protocol_header: x-forwarded-proto

它還在https端口上運行。 我已將此應用程序部署在cloud Foundry中，並且已成功部署並在https url上運行，並且運行良好。

現在，我使用以下配置為此應用程序創建了dockerfile：

FROM frolvlad/alpine-oraclejdk8
VOLUME /tmp
ADD  <name-of-jar>.jar aap.jar
EXPOSE 8108
ENTRYPOINT ["java","-jar","/aap.jar"]

並使用以下命令在啟用了docker的情況下推送到Cloud Foundry：

cf push -m 2g --docker-image /：--docker用戶名

它已成功部署並開始使用，但是當我嘗試通過其URL訪問它時：

https：//開頭

我得到以下異常：

 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT 12:33:52.488 [DEBUG] [                                ] [-exec-7] [            org.apache.tomcat.util.net.NioEndpoint]: Error during SSL handshake
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:781)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at sun.security.ssl.EngineInputRecord.bytesInCompletePacket(EngineInputRecord.java:156)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1411)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT 12:33:52.488 [DEBUG] [                                ] [-exec-7] [            org.apache.tomcat.util.net.NioEndpoint]: Failed to close socket
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at sun.nio.ch.SocketChannelImpl.ensureWriteOpen(SocketChannelImpl.java:270)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.SecureNioChannel.close(SecureNioChannel.java:518)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.NioEndpoint$Poller.cancelledKey(NioEndpoint.java:729)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at sun.nio.ch.SocketChannelImpl.write(SocketChannelImpl.java:461)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.SecureNioChannel.close(SecureNioChannel.java:508)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.SecureNioChannel.flush(SecureNioChannel.java:143)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.NioEndpoint.access$500(NioEndpoint.java:69)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.NioEndpoint.close(NioEndpoint.java:507)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at java.lang.Thread.run(Thread.java:748)
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT 12:33:52.488 [DEBUG] [                                ] [-exec-7] [         org.apache.tomcat.util.threads.LimitLatch]: Counting down[https-jsse-nio-8108-exec-7] latch=1
   2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT 12:33:52.494 [DEBUG] [                                ] [-exec-8] [       org.apache.tomcat.util.net.SecureNioChannel]: The SNI host name extracted for this connection was [null]
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT 12:33:52.494 [DEBUG] [                                ] [eptor-0] [         org.apache.tomcat.util.threads.LimitLatch]: Counting up[https-jsse-nio-8108-Acceptor-0] latch=1
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT 12:33:52.495 [DEBUG] [                                ] [-exec-8] [            org.apache.tomcat.util.net.NioEndpoint]: Error during SSL handshake
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at sun.security.ssl.EngineInputRecord.bytesInCompletePacket(EngineInputRecord.java:156)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:781)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.SecureNioChannel.handshake(SecureNioChannel.java:232)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.SecureNioChannel.handshakeUnwrap(SecureNioChannel.java:459)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1411)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at java.lang.Thread.run(Thread.java:748)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT java.nio.channels.ClosedChannelException: null
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at sun.nio.ch.SocketChannelImpl.ensureWriteOpen(SocketChannelImpl.java:270)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.SecureNioChannel.flush(SecureNioChannel.java:143)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at sun.nio.ch.SocketChannelImpl.write(SocketChannelImpl.java:461)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.SecureNioChannel.close(SecureNioChannel.java:508)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.SecureNioChannel.close(SecureNioChannel.java:518)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.NioEndpoint$Poller.cancelledKey(NioEndpoint.java:729)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.NioEndpoint.close(NioEndpoint.java:507)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
   2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)

為了在我的dockerfile的EXPOSE部分中解決此問題，我提到了443端口，而不是它已經在其上運行的端口，但是docker部署失敗並報告443端口錯誤。

Answer 1

javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection? 和Error during SSL handshake看起來您的應用正在偵聽HTTPS請求，但傳入的請求不是HTTPS（請參見下文）。 查看您應用的配置，以了解原因。 我看不到任何與您發布的配置有關的信息，它表明為什么啟用了HTTPS，但這是通常可以為Spring Boot應用程序啟用HTTPS的配置。

https://docs.spring.io/spring-boot/docs/current/reference/html/howto-embedded-servlet-containers.html#howto-configure-ssl

對於Cloud Foundry，您的應用程序應偵聽HTTP請求。 當前，外部負載平衡器或GoRouter將終止HTTPS請求並通過HTTP與所有應用程序對話。

https://docs.cloudfoundry.org/concepts/http-routing.html#tls

如果要直接將TLS / HTTPS連接到應用程序，則當前需要使用TCP路由。

https://docs.cloudfoundry.org/adminguide/enabling-tcp-routing.html#ports

希望有幫助！

在Cloud Foundry上的Docker中啟用HTTPS的情況下運行Spring Boot應用程序

問題描述

1 個解決方案

解決方案1
1 2017-10-29 00:50:31

在Cloud Foundry上的Docker中啟用HTTPS的情況下運行Spring Boot應用程序

問題描述

1 個解決方案

解決方案1 1 2017-10-29 00:50:31

解決方案1
1 2017-10-29 00:50:31