4

我正在使用 Jetty HttpClient 9 进行一些简单的网络爬取,但我似乎无法使其与 HTTPS 一起使用。以下发出同步 GET 请求的简单代码...

SslContextFactory sslContextFactory = new SslContextFactory(true);
HttpClient client = new HttpClient(sslContextFactory);
client.start();
ContentResponse response = client.newRequest("https://www.twitter.com")
                .method(HttpMethod.GET)
                .send();

创建 SslContextFactory 时在哪里使用 TrustAll 标志会导致以下异常,该异常似乎与 SSL 相关...

java.util.concurrent.ExecutionException: org.eclipse.jetty.io.EofException
at org.eclipse.jetty.client.util.FutureResponseListener.getResult(FutureResponseListener.java:118)
at org.eclipse.jetty.client.util.FutureResponseListener.get(FutureResponseListener.java:101)
at org.eclipse.jetty.client.HttpRequest.send(HttpRequest.java:433)
at com.blogfrog.system.service.http.Jetty9HttpClientTester.main(Jetty9HttpClientTester.java:17)

Caused by: org.eclipse.jetty.io.EofException
at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:597)
at org.eclipse.jetty.client.HttpReceiver.receive(HttpReceiver.java:74)
at org.eclipse.jetty.client.HttpConnection.receive(HttpConnection.java:308)
at org.eclipse.jetty.client.HttpExchange.receive(HttpExchange.java:104)
at org.eclipse.jetty.client.HttpConnection.onFillable(HttpConnection.java:296)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.run(AbstractConnection.java:240)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:278)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:78)
at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:198)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.run(AbstractConnection.java:240)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:278)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:78)
at org.eclipse.jetty.io.SelectChannelEndPoint.onSelected(SelectChannelEndPoint.java:109)
at org.eclipse.jetty.io.SelectorManager$ManagedSelector.processKey(SelectorManager.java:482)
at org.eclipse.jetty.io.SelectorManager$ManagedSelector.select(SelectorManager.java:439)
at org.eclipse.jetty.io.SelectorManager$ManagedSelector.run(SelectorManager.java:404)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:589)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:520)
at java.lang.Thread.run(Thread.java:722)
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1362)
at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:513)
at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:790)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:758)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:490)
... 18 more
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1703)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:278)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1341)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:153)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:808)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:806)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1299)
at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:547)
... 18 more
Caused by: java.security.cert.CertificateException: No subject alternative names matching IP address 199.59.148.10 found
at sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:154)
at sun.security.util.HostnameChecker.match(HostnameChecker.java:91)
at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:347)
at sun.security.ssl.AbstractTrustManagerWrapper.checkAdditionalTrust(SSLContextImpl.java:889)
at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:828)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1328)
... 25 more

我在这里做错了什么?这是让 Jetty HttpClient 信任所有 SSL 连接的正确方法吗?如果没有,正确的方法是什么?

4

1 回答 1

5

(从这里的邮件列表中获取修复)

这是一个错误:https ://bugs.eclipse.org/bugs/show_bug.cgi?id=400184

它已在 master 中修复,作为一种解决方法,这应该有效:

SslContextFactory.setEndpointIdentificationAlgorithm(null);
于 2013-02-07T16:03:33.777 回答