我有两个微服务和一个网关。一个微服务是用JHipster和spring boot(Service1)开发的,另一个是spring集成框架(IntegrationService)。现在我需要从 IntegrationService 调用 service1 API。我在这两个微服务中都使用 HTTPS 进行通信。但是当调用 API 时,我得到了以下错误日志。
2021-05-05 11:05:45.503 INFO 22105 --- [XNIO-1 task-4] cmasIntegrationService:IntegrationService org.springframework.messaging.MessageHandlingException 中的异常:URI [https://<server_ip> 的 HTTP 请求执行失败/gateway/services/service1/api/viewrecords?id=100100100100157] 在 [bean 'outboundGateway'; 定义在:'类路径资源 [com/esi/app/service/IntegrationService.class]'; 来源:'org.springframework.core.type.classreading.SimpleMethodMetadata@3fa2213'];嵌套异常是 org.springframework.web.client.ResourceAccessException: I/O error on GET request for "https://<server_ip>/gateway/services/service1/api/viewrecords":PKIX 路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException:无法找到请求目标的有效证书路径;嵌套异常是 javax.net.ssl.SSLHandshakeException:PKIX 路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException:无法找到请求目标的有效证书路径, failedMessage=GenericMessage [payload={custId=100100100100157},headers= {http_requestMethod=GET, errorChannel=org.springframework.messaging.core.GenericMessagingTemplate$TemporaryReplyChannel@703c6baf, Connection=Keep-Alive, Host=<server_ip>: port , accept= /, authorization=Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhZG1pbiIsImF1dGgiOiJST0xFX0FETUlOLFJPTEVfVVNFUiIsImV4cCI6MTYyMDI3ODk4NH0.-4ByR7OQY-G_dZh7XUHYOSo3FRS2Ug6JxVOkq6XOmhUV05LnQj10puEGotcJk1EUlYDvt4n2dAJFSuR3evnvHA, replyChannel=org.springframework.messaging.core.GenericMessagingTemplate$TemporaryReplyChannel@703c6baf, http_requestUrl=http://<server_ip>:/api/getrecordsfromservice1?transactionId=1111111111&id=100100100100157, id=1eec8d00-4040-c9b2-cdb1-4f2d8743d007, Content-Length=0, http_userPrincipal=org.springframework.security.authentication.UsernamePasswordAuthenticationToken@143b9e60: 主体: org.springframework.security.core.userdetails.User@586034f: 用户名: 行政; 密码保护]; 启用:真;AccountNonExpired:真;凭据非过期:真;AccountNonLocked:真;授予权限:ROLE_ADMIN,ROLE_USER;凭证:[受保护];已认证:真实;详细信息:空;授予权限:ROLE_ADMIN、ROLE_USER、accept-encoding=gzip、deflate、br、user-agent=PostmanRuntime/7.28.0、timestamp=1620192945487}]
我用来调用 IntegrationService 的 API 端点是,
https://<server_ip>/gateway/services/integration/api/getrecordsfromservice1?transactionId=1111111111&id=100100100100157
integration是在 IntegrationService 的网关中注册的服务名称。同样,service1用于 Service1。
我无法理解的事情是:
- “http_requestUrl”如何更改为日志中的那个,而不是我正在点击的端点?
- 即使我在两个微服务中都使用 HTTPS,为什么会发生“SunCertPathBuilderException”?
- 要获取“主机”消息头,spring 框架是否在配置文件 application.yml 上查找 IP 和端口,而不是检查 URL?
有人可以帮忙吗?@artem
我的入站和出站网关如下:
@ServiceActivator(inputChannel = "channelOutbound")
@Bean
public HttpRequestExecutingMessageHandler outboundGateway() {
final HttpRequestExecutingMessageHandler handler = new HttpRequestExecutingMessageHandler(
viewrecordsEndpoint + "{id}");
handler.setExpectedResponseType(String.class);
handler.setHttpMethod(HttpMethod.GET);
handler.setOutputChannelName("channelOutboundResponse");
final ExpressionParser parser = new SpelExpressionParser();
final Expression exp = parser.parseExpression("payload[id]");
final Map<String, Expression> uriExp = new HashMap<>();
uriExp.put(Constants.ID, exp);
handler.setUriVariableExpressions(uriExp);
return handler;
}
@Bean
public HttpRequestHandlingMessagingGateway inboundGateway() {
final HttpRequestHandlingMessagingGateway gateway = new HttpRequestHandlingMessagingGateway();
gateway.setRequestMapping(requestMapping());
gateway.setRequestChannelName("channelInbound");
gateway.setReplyChannelName("channelInboundReply");
gateway.setErrorChannelName("channelInboundError");
return gateway;
}
private RequestMapping getGoldLoansForUcicInboundRequestMapping() {
final RequestMapping mapping = new requestMapping();
mapping.setPathPatterns("/api/getrecordsfromservice1");
mapping.setMethods(HttpMethod.GET);
return mapping;
}