问题描述
我使用它的免费SSL功能将我的网站置于CloudFlare之后。
浏览器中的每一件事都很好。 SSL锁定在浏览器中正确显示。
但是,如果我使用Java程序向同一个Web发出HTTP GET请求,我将获得异常。
以下是我写的小java程序。
package com.mycompany.textexception;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.DefaultHttpClient;
public class Main {
public static void main(String [] args) throws IOException, URISyntaxException{
URI loginUri = new URI("https://site-behind-cf.in/");
HttpClient httpclient = new DefaultHttpClient();
HttpGet httpget = new HttpGet( loginUri );
HttpResponse response = httpclient.execute( httpget );
System.out.println("Done");
}
}
例外是
Exception in thread "main" java.net.ConnectException: Connection refused: connect
at java.net.DualStackPlainSocketImpl.connect0(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:79)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:345)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
at java.net.Socket.connect(Socket.java:589)
at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:656)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:524)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:403)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:177)
at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:304)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:611)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446)
at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:863)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:106)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:57)
at com.mycompany.textexception.Main.main(Main.java:26)
注意:如果我指向https://www.google.co.in或https://my-other-web.com并且不是CloudFlare并且已经发布了自己的SSL,那么相同的程序将正常工作。
1楼
SSL for Free计划利用Comodo或GlobalSign的Elliptic Curve数字签名算法(ECDSA)证书。
这些证书仅适用于支持服务器名称指示(SNI)的现代浏览器
如果你去Cloudflare Pro,你可能没有同样的问题
2楼
SSL for Free计划利用Comodo或GlobalSign的Elliptic Curve数字签名算法(ECDSA)证书。
这些证书仅适用于支持服务器名称指示(SNI)的现代浏览器
您需要添加相同的标题浏览器(支持SNI)才能为您完成。 以下测试代码可能对您有所帮助。 谢谢。
import java.io.IOException;
import org.apache.http.HttpResponse;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.HttpClients;
public class CloudFlareTest {
public static void main(String[] params){
HttpClient httpClient = HttpClients.createDefault();
HttpGet getMethod = new HttpGet("https://your.domain.com/path/to/yourrequest");
getMethod.addHeader(":authority", "your.domain.com");
getMethod.addHeader(":method","GET");
getMethod.addHeader(":path","/path/to/yourrequest");
getMethod.addHeader(":scheme","https");
try {
HttpResponse httpResponse = httpClient.execute(getMethod);
if(httpResponse.getStatusLine().getStatusCode() == 200){
System.out.println("Done: " + httpResponse.getEntity().getContentLength());
}
} catch (ClientProtocolException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}