基本的put对象调用突然停止工作(有时它已成功)。它一直在努力。
看起来像SSL证书问题。
Stack Trace片段。
org.jets3t.service.S3ServiceException: S3 PUT connection failed for '/s3_request_message-38afbd8e-7d65-428a-a708-5d34104ded95-4912660956668093023.xml'
at org.jets3t.service.impl.rest.httpclient.RestS3Service.performRequest(RestS3Service.java:516)
at org.jets3t.service.impl.rest.httpclient.RestS3Service.performRestPut(RestS3Service.java:800)
at org.jets3t.service.impl.rest.httpclient.RestS3Service.createObjectImpl(RestS3Service.java:1399)
at org.jets3t.service.impl.rest.httpclient.RestS3Service.putObjectImpl(RestS3Service.java:1317)
at org.jets3t.service.S3Service.putObject(S3Service.java:1661)
at org.jets3t.service.S3Service.putObject(S3Service.java:1914)
at com.amazon.lm.utils.aws.S3Box.putFile(S3Box.java:111)
at com.amazon.lm.engine.LMEngine.copyRequestS3(LMEngine.java:350)
at com.amazon.lm.engine.LMEngine.run(LMEngine.java:165)
at com.amazon.lm.engine.discover.DiscoveryEngine.run(DiscoveryEngine.java:156)
at com.amazon.lm.engine.discover.GoogleBaseSearch.run(GoogleBaseSearch.java:25)
at com.amazon.lm.ui.UIDiscoverTask.run(UIDiscoverTask.java:41)
at java.lang.Thread.run(Thread.java:662)
Caused by: javax.net.ssl.SSLPeerUnverifiedException: HTTPS hostname invalid: expected 'lm-requests-prod.s3.amazonaws.com', received '*.s3.amazonaws.com'
at org.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory.verifyHostname(StrictSSLProtocolSocketFactory.java:293)
at org.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory.createSocket(StrictSSLProtocolSocketFactory.java:215)
at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707)
at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
at org.jets3t.service.impl.rest.httpclient.RestS3Service.performRequest(RestS3Service.java:342)
... 12 more
看起来Java并不喜欢以#39; *。s3.amazonaws.com' *呈现的通配符域。
每Can Java connect to wildcard ssl ...通配符在java中可能会有问题。
但如前所述,我们长期以来一直在使用它,并且突然开始面对这个问题,这种情况太间歇了。
我们使用以下版本:
jdk: 1.6
jets3: 0.7
openssl:1.0
有没有人遇到过这个问题?如果是,是否有解决方法?
答案 0 :(得分:1)
这个wasn't an issue with the AWSS3JavaClient code
,基于这个问题在S3库和其他Java S3库中发生的事实,以及SSL cert verification is done inside the JVM platform library code
不在我们的S3库代码中的事实。
问题是我们的JVM密钥库没有最新的证书颁发机构(CA),允许JVM为我们从S3获得的任何证书形成信任链SSL端点。这是Java和SSL的一个相当普遍的问题,因为JVM维护它自己的密钥库(即它不使用来自OS的证书)。
如果遇到此问题,请尝试使用其他JVM重现此问题。每当客户过去看到这个问题时,都是因为他们的本地JVM keystore
(密钥库附带JVM并包含最新的证书和CA)已经过时了。升级到最新的JVM版本在过去一直都在修复它。
尝试将JVM version
升级到最近的版本,它应该会有所帮助,因为您的密钥库必须已过期! :)