我发现自己努力为我们的akka-http java应用程序启用https支持。文档页面(https://doc.akka.io/docs/akka-http/current/server-side/server-https-support.html)应该有所帮助,但由于某些原因,它没有帮助。
从我从该页面得到的信息开始-想法是获取HttpsConnectionContext
实例,并将其用作http.setDefaultClientHttpsContext(...)
方法调用的参数,然后实际进行路由绑定。
到目前为止我所拥有的:
根据配置创建SSLContext
的代码:
public static SSLContext getSslContext(String path, ActorSystem system) {
final AkkaSSLConfig sslConfig = AkkaSSLConfig.get(system);
final Config overrides = system.settings().config().getConfig(path);
final Config defaults = system.settings().config().getConfig("ssl-config");
final SSLConfigSettings config = SSLConfigFactory.parse(overrides.withFallback(defaults));
return new ConfigSSLContextBuilder(
new AkkaLoggerFactory(system),
config,
sslConfig.buildKeyManagerFactory(config),
sslConfig.buildTrustManagerFactory(config)
).build();
}
实际的配置安全性:
akka.ssl-config {
trustManager = {
stores = [
{ type: "JKS" , path: "xxx-truststore.jks", password = "xxx"}
]
}
keyManager = {
stores = [
{ type: "JKS" , path: "xxx-keystore.jks", password = "xxx"}
]
}
}
使用它们启用https:
final SSLContext sslContext = Utils.getSslContext("akka.ssl-config", system);
final HttpsConnectionContext httpsContext = ConnectionContext.https(sslContext);
http.setDefaultClientHttpsContext(httpsContext);
final CompletionStage<ServerBinding> binding =
http.bindAndHandle(routeFlow, ConnectHttp.toHost("localhost",443), materializer);
但是实际上什么也没做。如果我尝试对服务器进行一些https调用,则会收到以下异常:
Illegal request, responding with status '400 Bad Request': Unsupported HTTP method: The HTTP method started with 0x16 rather than any known HTTP method. Perhaps this was an HTTPS request sent to an HTTP endpoint?
我可能丢失了一些东西,但我不知道是什么
看起来毕竟是我的错)使用的方法显然是http.setDefaultServerHttpContext(...)
而不是http.setDefaultClientHttpsContext(...)