我有一个Spring REST Web服务,该服务在内部调用由第三方供应商提供的SOAP Web服务。 SOAP Web服务客户端是使用CXF生成的。自从升级到组织提供的JDK的较新版本以来,我看到以下奇怪的行为
1)如果我通过Web服务器调用REST服务,则在第一个成功的SOAP调用之后,应用程序将停止响应。 Web服务器开始显示错误的网关错误。
a)在这一点上,如果我调用应用服务器,则它不会响应。 Chrome显示SSL协议错误,但访问日志中没有任何条目,或者chrome开发人员工具中没有任何响应。
2)如果我直接在应用程序服务器上调用我的REST服务,即使调用了“ n”次后,该服务仍能按预期工作。
根据我的组织提供的更改日志,更改从JDK版本jdk1.8.0_161_iaik5.5_ecc4.02更改为jdk1.8.0_161_iaik5.5_ecc4.02_1。
任何指针都会有所帮助。谢谢。请让我知道是否需要在问题中添加其他详细信息。
编辑- 添加了一些其他日志记录,这些日志在日志中显示了解码错误
[2019-01-31T13:55:17.136-0500] [Payara 4.1] [INFO] [] [] [tid:_ThreadID = 36 _ThreadName = http-thread-pool :: http-listener-2(4) ] [timeMillis:1548960917136] [levelValue:800] [[ http-thread-pool :: http-listener-2(4),写:TLSv1.2握手,长度= 3989]]
[2019-01-31T13:55:17.138-0500] [Payara 4.1] [INFO] [] [] [tid:_ThreadID = 37 _ThreadName = http-thread-pool :: http-listener-2(5) ] [timeMillis:1548960917138] [levelValue:800] [[ http-thread-pool :: http-listener-2(5),读取:TLSv1.2警报,长度= 2]]
[2019-01-31T13:55:17.138-0500] [Payara 4.1] [INFO] [] [] [tid:_ThreadID = 37 _ThreadName = http-thread-pool :: http-listener-2(5) ] [timeMillis:1548960917138] [levelValue:800] [[ http-thread-pool :: http-listener-2(5)]]
[2019-01-31T13:55:17.138-0500] [Payara 4.1] [INFO] [] [] [tid:_ThreadID = 37 _ThreadName = http-thread-pool :: http-listener-2(5) ] [timeMillis:1548960917138] [levelValue:800] [[ ,RECV TLSv1.2警报:]]
[2019-01-31T13:55:17.138-0500] [Payara 4.1] [INFO] [] [] [tid:_ThreadID = 37 _ThreadName = http-thread-pool :: http-listener-2(5) ] [timeMillis:1548960917138] [levelValue:800] [[ 致命的,]]
[2019-01-31T13:55:17.138-0500] [Payara 4.1] [INFO] [] [] [tid:_ThreadID = 37 _ThreadName = http-thread-pool :: http-listener-2(5) ] [timeMillis:1548960917138] [levelValue:800] [[ 解码错误]]
[2019-01-31T13:55:17.138-0500] [Payara 4.1] [INFO] [] [] [tid:_ThreadID = 37 _ThreadName = http-thread-pool :: http-listener-2(5) ] [timeMillis:1548960917138] [levelValue:800] [[ http-thread-pool :: http-listener-2(5),致命:引擎已关闭。重新抛出javax.net.ssl.SSLException:收到致命警报:decode_error]]
[2019-01-31T13:55:17.138-0500] [Payara 4.1] [INFO] [] [] [tid:_ThreadID = 37 _ThreadName = http-thread-pool :: http-listener-2(5) ] [timeMillis:1548960917138] [levelValue:800] [[ http-thread-pool :: http-listener-2(5),致命:引擎已关闭。重新抛出javax.net.ssl.SSLException:收到致命警报:decode_error]]
答案 0 :(得分:0)
请检查您的第三方支持的TLS版本。与苹果云URL连接时,我遇到了致命警告:decode_error。我可以通过将协议明确设置为TLS 1.2来解决此问题。
我在How to fix 'SSLHandshakeException: Received fatal alert: decode_error'?
中提供了一个示例答案 1 :(得分:0)
请尝试下面的代码-
public class NetClientPost {
public static String getMapData(String latlong) {
String response = null;
try {
disableCertificateValidation();
URL urlForGetRequest = new URL(
"http://localhost:8080/server api url");
String readLine = null;
HttpURLConnection conection = (HttpURLConnection) urlForGetRequest.openConnection();
conection.setRequestMethod("GET");
// conection.setRequestProperty("userId", "a1bcdef"); // set userId its a sample
// here
int responseCode1 = conection.getResponseCode();
if (responseCode1 == HttpURLConnection.HTTP_OK) {
BufferedReader in1 = new BufferedReader(new InputStreamReader(conection.getInputStream()));
StringBuffer response1 = new StringBuffer();
while ((readLine = in1.readLine()) != null) {
response1.append(readLine);
}
in1.close();
// print result
response = response1.toString();
System.out.println("JSON String Result " + response1.toString());
// GetAndPost.POSTRequest(response.toString());
} else {
System.out.println("GET NOT WORKED");
}
} catch (Exception e) {
e.printStackTrace();
// TODO: handle exception
}
return response;
}
public static void disableCertificateValidation() {
// Create a trust manager that does not validate certificate chains
TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
} };
// Ignore differences between given hostname and certificate hostname
HostnameVerifier hv = new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
// Install the all-trusting trust manager
try {
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(hv);
} catch (Exception e) {
e.printStackTrace();
}
}
}