我有一个 Web 应用程序,使用 thymeleaf、Spring Boot、AngularJS 和 Oracle sql Developer db。
在本地,我能够连接并从 Oracle 获取值。但是当我将应用程序推送到 Cloud Foundry 时,我得到的状态=500。
ERROR
我正在解组的网址具有不受信任的证书(“您的连接不安全)”。我将 cacerts 添加到我的 jvm 中,这使得它可以在本地工作。但我相信我需要将 cacerts 添加到 Cloud Foundry 中。我怎样才能做到这一点?
SSL 错误
ERR java.net.ConnectException: Connection timed out
ERR at java.net.PlainSocketImpl.socketConnect(Native Method)
ERR at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
ERR at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
ERR at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
ERR at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
ERR at java.net.Socket.connect(Socket.java:589)
ERR at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:668)
ERR at sun.net.NetworkClient.doConnect(NetworkClient.java:180)
ERR at sun.net.www.http.HttpClient.openServer(HttpClient.java:432)
ERR at sun.security.ssl.BaseSSLSocketImpl.connect(BaseSSLSocketImpl.java:173)
ERR at sun.net.www.protocol.https.HttpsClient.New(HttpsClient.java:367)
ERR at sun.net.www.http.HttpClient.openServer(HttpClient.java:527)
ERR at sun.net.www.protocol.https.HttpsClient.<init>(HttpsClient.java:264)
ERR at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(AbstractDelegateHttpsURLConnection.java:191)
ERR at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1105)
ERR at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
ERR at rest.springframework.controllers.IndexController.getDetails(IndexController.java:59)
ERR at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
ERR at java.lang.reflect.Method.invoke(Method.java:498)
ERR at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:999)
rest.springframework.jaxb.JAXSample.readXML 处出现错误(JAXSample.java:34)
Reason
我从应用程序中删除了 jaxB 解组并上传到 Cloud Foundry,但没有获得 status=500。如何添加 SSL 来防止这种情况发生?
JaxB 样本
public deviceCert readXML(String MAC) throws MalformedURLException {
results customer = null;
deviceCert dcert = null;
String APPKEY = "Production";
try {
JAXBContext jaxbContext = JAXBContext.newInstance(results.class);
//line 34 is below VV.
URL url = new URL("https://untrusted.page.that.I.Am/unmarshalling" + "?mac=" + MAC + "&app_key=" + APPKEY);
HttpURLConnection http = (HttpURLConnection) url.openConnection();
http.addRequestProperty("User-Agent", "Mozilla/4.76");
InputStream is = http.getInputStream();
Unmarshaller jaxbUnmarshaller = jaxbContext.createUnmarshaller();
customer = (results) jaxbUnmarshaller.unmarshal(is);
List<deviceCert> dcerts = customer.getDcerts();
dcert = dcerts.get(0);
找到相关链接here https://stackoverflow.com/questions/39391896/pivotal-cloud-foundry-security-certificates?rq=1
我跟着CF CLI SSL https://docs.cloudfoundry.org/cf-cli/self-signed.html但这并没有达到目的。
Attempt
- 在我的应用程序中创建了文件夹 resources/config/truststore。
- 将 Cert.cer 添加到信任库文件夹中。
- 将应用程序推送到 Cloud Foundry。
- cf set-env my-app JAVA_OPTS '-Djavax.net.ssl.TrustStore=classpath:resources/config/truststore'
同样的错误没有任何改变。
尝试2
<dependency>
<groupId>io.pivotal.spring.cloud</groupId>
<artifactId>cloudfoundry-certificate-truster</artifactId>
<version>1.0.1.RELEASE</version>
</dependency>
添加依赖项
重新打包app,上传至cf。
-
Cloud Foundry 添加环境变量
CF_TARGET=https://api.my-cf-domain.com https://api.my-cf-domain.com
//url of my secured/untrusted page
GitHub 示例 https://github.com/pivotal-cf/cloudfoundry-certificate-truster
新的 StackTrace 错误
ERR at java.util.concurrent.FutureTask.get(FutureTask.java:205)
ERR at io.pivotal.springcloud.ssl.SslCertificateTruster.getUntrustedCertificateInternal(SslCertificateTruster.java:90)
ERR at io.pivotal.springcloud.ssl.SslCertificateTruster.getUntrustedCertificate(SslCertificateTruster.java:66)
ERR at io.pivotal.springcloud.ssl.CloudFoundryCertificateTruster.trustCertificatesInternal(CloudFoundryCertificateTruster.java:44)
ERR at io.pivotal.springcloud.ssl.CloudFoundryCertificateTruster.trustCertificates(CloudFoundryCertificateTruster.java:32)
ERR at org.springframework.boot.SpringApplication.createSpringFactoriesInstances(SpringApplication.java:420)
ERR at org.springframework.boot.SpringApplication.getSpringFactoriesInstances(SpringApplication.java:403)
ERR at org.springframework.boot.SpringApplication.getSpringFactoriesInstances(SpringApplication.java:394)
ERR at org.springframework.boot.SpringApplication.initialize(SpringApplication.java:261)
ERR at org.springframework.boot.SpringApplication.<init>(SpringApplication.java:237)
ERR at org.springframework.boot.SpringApplication.run(SpringApplication.java:1175)
ERR at rest.springframework.SpringBootWebApplication.main(SpringBootWebApplication.java:13)
ERR at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
ERR at java.lang.reflect.Method.invoke(Method.java:498)
ERR at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:48)
ERR at org.springframework.boot.loader.Launcher.launch(Launcher.java:87)
ERR at org.springframework.boot.loader.Launcher.launch(Launcher.java:50)
为什么这个作品在本地可以找到而在云端却找不到?