java.net.SocketException:自TLSv1.2协议以来连接重置

时间:2018-03-14 16:57:21

标签: rest ibm-cloud-infrastructure

我无法连接到api.softlayer.com 我正在使用Apache(HTTP-client-4.5.3.jar)从WebSphere应用程序门户8.5(java7)调用其余API

编码是

HttpClient client = HttpClientBuilder.create().build();
HttpResponse response = client.execute(request);

错误是

17:44:00.997 [main] DEBUG o.a.h.i.c.PoolingHttpClientConnectionManager - Connection request: [route: {s}->https://api.softlayer.com:443][total kept alive: 0; route allocated: 0 of 2; total allocated: 0 of 20]
17:44:01.044 [main] DEBUG o.a.h.i.c.PoolingHttpClientConnectionManager - Connection leased: [id: 0][route: {s}->https://api.softlayer.com:443][total kept alive: 0; route allocated: 1 of 2; total allocated: 1 of 20]
17:44:01.044 [main] DEBUG o.a.h.impl.execchain.MainClientExec - Opening connection {s}->https://api.softlayer.com:443
17:44:01.060 [main] DEBUG o.a.h.i.c.DefaultHttpClientConnectionOperator - Connecting to api.softlayer.com/66.228.119.120:443
17:44:01.060 [main] DEBUG o.a.h.c.s.SSLConnectionSocketFactory - Connecting socket to api.softlayer.com/66.228.119.120:443 with timeout 0
17:44:01.606 [main] DEBUG o.a.h.c.s.SSLConnectionSocketFactory - Enabled protocols: [TLSv1]
17:44:01.606 [main] DEBUG o.a.h.c.s.SSLConnectionSocketFactory - Enabled cipher suites:[TLS_EMPTY_RENEGOTIATION_INFO_SCSV, SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256, SSL_RSA_WITH_AES_128_CBC_SHA256, SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, SSL_ECDH_RSA_WITH_AES_128_CBC_SHA256, SSL_DHE_RSA_WITH_AES_128_CBC_SHA256, SSL_DHE_DSS_WITH_AES_128_CBC_SHA256, SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_AES_128_CBC_SHA, SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA, SSL_ECDH_RSA_WITH_AES_128_CBC_SHA, SSL_DHE_RSA_WITH_AES_128_CBC_SHA, SSL_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_ECDHE_ECDSA_WITH_RC4_128_SHA, SSL_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, SSL_ECDH_ECDSA_WITH_RC4_128_SHA, SSL_ECDH_RSA_WITH_RC4_128_SHA, SSL_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, SSL_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5]
17:44:01.606 [main] DEBUG o.a.h.c.s.SSLConnectionSocketFactory - Starting handshake
17:44:01.747 [main] DEBUG o.a.h.i.c.DefaultManagedHttpClientConnection - http-outgoing-0: Shutdown connection
17:44:01.747 [main] DEBUG o.a.h.impl.execchain.MainClientExec - Connection discarded
17:44:01.747 [main] DEBUG o.a.h.i.c.PoolingHttpClientConnectionManager - Connection released: [id: 0][route: {s}->https://api.softlayer.com:443][total kept alive: 0; route allocated: 0 of 2; total allocated: 0 of 20]
17:44:01.747 [main] INFO  o.a.http.impl.execchain.RetryExec - I/O exception (java.net.SocketException) caught when processing request to {s}->https://api.softlayer.com:443: Connection reset
17:44:01.747 [main] DEBUG o.a.http.impl.execchain.RetryExec - Connection reset
java.net.SocketException: Connection reset
    at java.net.SocketInputStream.read(SocketInputStream.java:207) ~[na:1.7.0]
    at java.net.SocketInputStream.read(SocketInputStream.java:133) ~[na:1.7.0]
    at com.ibm.jsse2.a.a(a.java:110) ~[na:7.0 build_20131216]
    at com.ibm.jsse2.a.a(a.java:141) ~[na:7.0 build_20131216]
    at com.ibm.jsse2.qc.a(qc.java:691) ~[na:7.0 build_20131216]
    at com.ibm.jsse2.qc.h(qc.java:266) ~[na:7.0 build_20131216]
    at com.ibm.jsse2.qc.a(qc.java:770) ~[na:7.0 build_20131216]
    at com.ibm.jsse2.qc.startHandshake(qc.java:476) ~[na:7.0 build_20131216]
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:396) ~[httpclient-4.5.3.jar:4.5.3]
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355) ~[httpclient-4.5.3.jar:4.5.3]

解决方案是启用启用TLSv1.2 

import javax.net.ssl.SSLContext;

import org.apache.http.client.HttpClient;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContexts;

public class HttpClientFactory {
    private static CloseableHttpClient client;
    public static HttpClient getHttpsClient() throws Exception {
        if (client != null) {
            return client;
        }
        SSLContext sslContext = SSLContexts.createDefault();
        SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, new String[] { "TLSv1.2"}, null, new NoopHostnameVerifier());
        client = HttpClients.custom().setSSLSocketFactory(sslsf).build();
        return client;
    }
}

1 个答案:

答案 0 :(得分:0)

Softlayer的服务器只接受TLSv1.2连接,你必须确保你的代码只执行与你的代码没有做的协议的连接

  

17:44:01.606 [main] DEBUG o.a.h.c.s.SSLConnectionSocketFactory -   启用的协议:[TLSv1]

相关问题
最新问题