0

我们最近将 Camel 版本从 2.x 升级到了 3.x。在 2 中,我们使用 camel-http 下载文件列表,效果很好。通过升级,我可以看到 camel-http 组件现在实际上已被以前的 camel-http4 组件所取代。自从升级以来,我们不再能够连接到文件的主机。连接是通过https。

我已经通过各种在线指南了解如何配置 SSLContext、设置正确的信任库/密钥库,但到目前为止还没有任何效果。

将 javax.net.debug 设置为 all 并没有真正向我显示更多有用的信息:

Camel (camel-1) thread #2 - timer://foo, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
%% Invalidated:  [Session-27, SSL_NULL_WITH_NULL_NULL]
Camel (camel-1) thread #2 - timer://foo, SEND TLSv1.2 ALERT:  fatal, description = handshake_failure
Camel (camel-1) thread #2 - timer://foo, WRITE: TLSv1.2 Alert, length = 2

我们看到的错误是:

javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1009)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1388)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1416)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1400)
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:436)
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384)
    at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
    at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376)
    at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:401)
    at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
    at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
    at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
    at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
    at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56)
    at org.apache.camel.component.http.HttpProducer.executeMethod(HttpProducer.java:346)
    at org.apache.camel.component.http.HttpProducer.process(HttpProducer.java:201)
    at org.apache.camel.support.AsyncProcessorConverterHelper$ProcessorToAsyncProcessorBridge.process(AsyncProcessorConverterHelper.java:66)
    at org.apache.camel.processor.SendProcessor.process(SendProcessor.java:169)
    at org.apache.camel.processor.errorhandler.RedeliveryErrorHandler$RedeliveryTask.doRun(RedeliveryErrorHandler.java:714)
    at org.apache.camel.processor.errorhandler.RedeliveryErrorHandler$RedeliveryTask.run(RedeliveryErrorHandler.java:623)
    at org.apache.camel.impl.engine.DefaultReactiveExecutor$Worker.schedule(DefaultReactiveExecutor.java:148)
    at org.apache.camel.impl.engine.DefaultReactiveExecutor.scheduleMain(DefaultReactiveExecutor.java:60)
    at org.apache.camel.processor.Pipeline.process(Pipeline.java:147)
    at org.apache.camel.impl.engine.CamelInternalProcessor.process(CamelInternalProcessor.java:312)
    at org.apache.camel.component.timer.TimerConsumer.sendTimerExchange(TimerConsumer.java:207)
    at org.apache.camel.component.timer.TimerConsumer$1.run(TimerConsumer.java:76)
    at java.util.TimerThread.mainLoop(Timer.java:555)
    at java.util.TimerThread.run(Timer.java:505)
Caused by: java.io.EOFException: SSL peer shut down incorrectly
    at sun.security.ssl.InputRecord.read(InputRecord.java:505)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:990)
    ... 29 more

这不会发生在我的本地环境中,它只会在从我们通常部署的服务器上运行它时发生。在我仍然可以尝试/调试以找出导致问题的原因方面,我有点不知所措。有什么想法吗?

尝试的最新设置:

        System.setProperty("https.protocols", "TLSv1,TLSv1.1,TLSv1.2");

        KeyStoreParameters ksp = new KeyStoreParameters();
        ksp.setResource("path.jks");
        ksp.setPassword("test");

        KeyManagersParameters kmp = new KeyManagersParameters();
        kmp.setKeyStore(ksp);
        kmp.setKeyPassword("test");

        SSLContextParameters scp = new SSLContextParameters();
        scp.setKeyManagers(kmp);
        scp.setSecureSocketProtocol("TLSv1.2");

        HttpComponent httpComponent = getContext().getComponent("https", HttpComponent.class);
        httpComponent.setSslContextParameters(scp);
        httpComponent.setX509HostnameVerifier(new AllowAllHostnameVerifier());

        Endpoint urlEndpoint= httpComponent.createEndpoint(url);
4

0 回答 0