I am using Dropwizard 0.7.0-rc2 for a REST API. I tried configuring SSL through config.yaml, and it works on my local machine.
Below is the content of config.yaml:

server:
#  softNofileLimit: 1000
#  hardNofileLimit: 1000
  applicationConnectors:
    - type: http
      port: 8080
    - type: https
      port: 13790
      keyStorePath: xxx.keystore
      keyStorePassword: xxx
      validateCerts: false
      validatePeers: false
    #this requires the alpn-boot library on the JVM's boot classpath
    #- type: h2
    #  port: 8445
    #  keyStorePath: xxx.keystore
    #  keyStorePassword: xxx
    #  validateCerts: false
    #  validatePeers: false
  adminConnectors:
    - type: http
      port: 8081
    - type: https
      port: 13790
      keyStorePath: xxxx.keystore
      keyStorePassword: xxxxx
      validateCerts: false
      validatePeers: false

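I tried this on the production server, but it gave me the error: Failed to parse configuration: server.applicationConnectors; could not resolve type id "http" into a subtype
Then I tried adding code.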

public void run(MyConfiguration configuration, Environment environment)
        throws Exception {
    ((DefaultServerFactory) configuration.getServerFactory()).getApplicationConnectors().add(new HttpsConnectorFactory());
    ((DefaultServerFactory) configuration.getServerFactory()).getAdminConnectors().add(new HttpsConnectorFactory());
    ((HttpConnectorFactory) ((DefaultServerFactory) configuration.getServerFactory()).getApplicationConnectors().get(0)).setPort(13789);
    ((HttpConnectorFactory) ((DefaultServerFactory) configuration.getServerFactory()).getAdminConnectors().get(0)).setPort(13777);
    ((HttpsConnectorFactory) ((DefaultServerFactory) configuration.getServerFactory()).getApplicationConnectors().get(1)).setPort(13790);
    ((HttpsConnectorFactory) ((DefaultServerFactory) configuration.getServerFactory()).getAdminConnectors().get(1)).setPort(13791);
    HttpsConnectorFactory cf1 = (HttpsConnectorFactory) ((HttpConnectorFactory) ((DefaultServerFactory) configuration.getServerFactory()).getApplicationConnectors().get(1));
    cf1.setKeyStoreType("JKS");
    cf1.setKeyStorePath("/var/***.jks");
    cf1.setKeyStorePassword("*****");
    cf1.setValidateCerts(true);
    cf1.setValidatePeers(true);
}

With the above code, it binds the ports but I cannot connect.
When testing with openssl, I get the following error:

140573632874312:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:598:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 0 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : SSLv3
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
Start Time: 1457936036
Timeout : 7200 (sec)
Verify return code: 0 (ok)
---

I also tried deploying with a shaded jar, but it did not work properly.
Please help me solve this problem.