在云代工的Docker中启用HTTPS的Spring Boot应用程序
我创build了一个基于spring的应用程序,它的application.yml文件是这样的:
server: port: 8108 tomcat: remote_ip_header: x-forwarded-for protocol_header: x-forwarded-proto 它也在https端口上运行。 我部署这个应用程序在云代工,它已成功部署并运行在https url,并正常工作。
现在我用下面的configuration为这个应用程序创builddockerfile:
FROM frolvlad/alpine-oraclejdk8 VOLUME /tmp ADD <name-of-jar>.jar aap.jar EXPOSE 8108 ENTRYPOINT ["java","-jar","/aap.jar"]
并使用以下命令将其推送到启用docker的代工厂:
cf push -m 2g –docker-image /:–docker-username
它成功部署并开始,但是当我尝试通过它的URL访问它:
https://开头
我得到以下例外:
2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection? 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT 12:33:52.488 [DEBUG] [ ] [-exec-7] [ org.apache.tomcat.util.net.NioEndpoint]: Error during SSL handshake 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:781) 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at sun.security.ssl.EngineInputRecord.bytesInCompletePacket(EngineInputRecord.java:156) 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624) 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1411) 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT 12:33:52.488 [DEBUG] [ ] [-exec-7] [ org.apache.tomcat.util.net.NioEndpoint]: Failed to close socket 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at sun.nio.ch.SocketChannelImpl.ensureWriteOpen(SocketChannelImpl.java:270) 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.SecureNioChannel.close(SecureNioChannel.java:518) 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.NioEndpoint$Poller.cancelledKey(NioEndpoint.java:729) 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at sun.nio.ch.SocketChannelImpl.write(SocketChannelImpl.java:461) 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.SecureNioChannel.close(SecureNioChannel.java:508) 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.SecureNioChannel.flush(SecureNioChannel.java:143) 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.NioEndpoint.access$500(NioEndpoint.java:69) 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.NioEndpoint.close(NioEndpoint.java:507) 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at java.lang.Thread.run(Thread.java:748) 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT 12:33:52.488 [DEBUG] [ ] [-exec-7] [ org.apache.tomcat.util.threads.LimitLatch]: Counting down[https-jsse-nio-8108-exec-7] latch=1 2017-10-26T18:03:52.48+0530 [APP/PROC/WEB/0] OUT at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) 2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT 12:33:52.494 [DEBUG] [ ] [-exec-8] [ org.apache.tomcat.util.net.SecureNioChannel]: The SNI host name extracted for this connection was [null] 2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT 12:33:52.494 [DEBUG] [ ] [eptor-0] [ org.apache.tomcat.util.threads.LimitLatch]: Counting up[https-jsse-nio-8108-Acceptor-0] latch=1 2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT 12:33:52.495 [DEBUG] [ ] [-exec-8] [ org.apache.tomcat.util.net.NioEndpoint]: Error during SSL handshake 2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at sun.security.ssl.EngineInputRecord.bytesInCompletePacket(EngineInputRecord.java:156) 2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:781) 2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624) 2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.SecureNioChannel.handshake(SecureNioChannel.java:232) 2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.SecureNioChannel.handshakeUnwrap(SecureNioChannel.java:459) 2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1411) 2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) 2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) 2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) 2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) 2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at java.lang.Thread.run(Thread.java:748) 2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT java.nio.channels.ClosedChannelException: null 2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at sun.nio.ch.SocketChannelImpl.ensureWriteOpen(SocketChannelImpl.java:270) 2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.SecureNioChannel.flush(SecureNioChannel.java:143) 2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at sun.nio.ch.SocketChannelImpl.write(SocketChannelImpl.java:461) 2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.SecureNioChannel.close(SecureNioChannel.java:508) 2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.SecureNioChannel.close(SecureNioChannel.java:518) 2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.NioEndpoint$Poller.cancelledKey(NioEndpoint.java:729) 2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.NioEndpoint.close(NioEndpoint.java:507) 2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) 2017-10-26T18:03:52.49+0530 [APP/PROC/WEB/0] OUT at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
要解决这个问题在我的dockerfile EXPOSE部分我提到了它已经运行的端口443端口,但docker部署失败,并报告与443端口的错误。
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection? 和Error during SSL handshake看起来像您的应用程序正在侦听HTTPS请求,但传入的请求不是HTTPS(请参阅下文)。 看看你的应用程序的configuration,看看为什么。 我没有看到任何与您发布的configuration位相关的信息,这些信息表明为什么启用了HTTPS,但这是通常为Spring Boot应用程序启用HTTPS的configuration。
对于Cloud Foundry,您的应用程序应该侦听HTTP请求。 目前,外部负载均衡器或GoRouter将终止HTTPS请求,并通过HTTP与所有应用进行通话。
https://docs.cloudfoundry.org/concepts/http-routing.html#tls
如果您希望直接将TLS / HTTPS应用于您的应用程序,那么您当前需要使用TCP路由。
https://docs.cloudfoundry.org/adminguide/enabling-tcp-routing.html#ports
希望有所帮助!