Clever Geek Handbook

Apache http core nio 4.3.3 reverse proxy ssl error

I am developing a reverse proxy using http core nio 4.3.3 and need to connect to the Secure / HTTPS endpoint through the proxy. I took a reverse proxy (asynchronous HTTP reverse proxy) [1] and added SSL support as shown below.

    SSLContext clientSSLContext =
                       SSLUtil.createClientSSLContext(TRUST_STORE_LOCATION,
                                                      TRUST_STORE_PASSWORD);

    final IOEventDispatch connectingEventDispatch =
                                                    new DefaultHttpClientIODispatch(
                                                                                    clientHandler,
                                                                                    clientSSLContext,
                                                                                    ConnectionConfig.DEFAULT);
    ...
    connectingIOReactor.execute(connectingEventDispatch);

When I submit the request I get this error,

java.io.IOException: SSL is not supported

The stack trace is shown below.

[client <-proxy] 00000001 java.io.IOException: SSL not supported java.io.IOException: SSL not supported at org.apache.http.impl.nio.pool.BasicNIOConnFactory.create (BasicNIOConnFactory.java:159) at org .apache.http.impl.nio.pool.BasicNIOConnFactory.create (BasicNIOConnFactory.java:1) at org.apache.http.nio.pool.AbstractNIOConnPool.requestCompleted (AbstractNIOConnPool.java.484) at orgttpio .pool.AbstractNIOConnPool $ InternalSessionRequestCallback.completed (AbstractNIOConnPool.java:770) at org.apache.http.impl.nio.reactor.SessionRequestImpl.completed (SessionRequestImpl.java:127) at org.imapache.httpio.reactor .AbstractIOReactor.processNewChannels (AbstractIOReactor.java:423) at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute (AbstractIOReactor.java:288) at org.apache.http.impl.nio.reactor.BaseIOReactor.execute (BaseIOReactor.java:105) at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor $ Worker.run (AbstractMultiworkerIOReactor.java:586) at java.lang.Thread.run (Thread.java:662

I also enabled SSL debugging protocols but still couldn't figure out the problem. Then I debugged this and found out that the proxy received a request from the client and is being reset due to an exception inside the HttpAsyncRequestConsumer handle method. The exception is java.io.IOException: SSL is not supported

Also note that SSLContext works fine with reverse proxies written using the netty transport.

Any help would be appreciated.

[1] https://hc.apache.org/httpcomponents-core-ga/examples.html

Regards, Ravindra.

+3


source to share


2 answers


When using client-side connection pooling to manage outbound connections, you must ensure that the factory connection used by the pool to create new connection objects supports SSL. Make sure the connection pool is configured correctly.



+1


source


Thanks a lot for the advice. This fixed the problem.



        clientSSLContext =
                           SSLUtil.createClientSSLContext(TRUST_STORE_LOCATION,
                                                          TRUST_STORE_PASSWORD);
        BasicNIOConnFactory connectionFactory =
                                                new BasicNIOConnFactory(
                                                                        clientSSLContext,
                                                                        null,
                                                                        ConnectionConfig.DEFAULT);
        proxyConnPool = new ProxyConnPool(connectingIOReactor, connectionFactory, 5000)
+1


source






More articles:


All Articles