https单双向验证环境的搭建参见:http://www.cnblogs.com/YDDMAX/p/5368404.html

一、单向握手

示例程序:

package com.ydd.study.hello.httpclient;import java.io.File;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;import javax.net.ssl.SSLContext;import org.apache.http.HttpHost;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.protocol.HttpClientContext;
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.routing.HttpRoute;
import org.apache.http.conn.socket.ConnectionSocketFactory;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.ssl.SSLContexts;
import org.apache.http.util.EntityUtils;public class OneTLSPool {public static CloseableHttpClient httpclient;// 获得池化得HttpClientstatic {// 设置truststoreSSLContext sslcontext = null;try {sslcontext = SSLContexts.custom().loadTrustMaterial(new File("D://https//ca//cl.jks"),"123456".toCharArray(),new TrustSelfSignedStrategy()).build();} catch (Exception e) {// TODO Auto-generated catch block
            e.printStackTrace();}// 客户端支持TLSV1,TLSV2,TLSV3这三个版本SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslcontext, new String[] { "TLSv1", "TLSv2", "TLSv3" }, null,SSLConnectionSocketFactory.getDefaultHostnameVerifier());// 客户端验证服务器身份的策略// Create a registry of custom connection socket factories for supported// protocol schemes.Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory> create().register("http", PlainConnectionSocketFactory.INSTANCE).register("https", new SSLConnectionSocketFactory(sslcontext)).build();PoolingHttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);// Configure total max or per route limits for persistent connections// that can be kept in the pool or leased by the connection manager.connManager.setMaxTotal(100);connManager.setDefaultMaxPerRoute(10);// 个性化设置某个url的连接connManager.setMaxPerRoute(new HttpRoute(new HttpHost("www.y.com",80)), 20);httpclient = HttpClients.custom().setConnectionManager(connManager).build();}/*** 单向验证且服务端的证书可信* @throws IOException * @throws ClientProtocolException */public static void oneWayAuthorizationAccepted() throws ClientProtocolException, IOException {// Execution context can be customized locally.HttpClientContext context = HttpClientContext.create();HttpGet httpget = new HttpGet("https://www.yunzhu.com:8443");// 设置请求的配置RequestConfig requestConfig = RequestConfig.custom().setSocketTimeout(5000).setConnectTimeout(5000).setConnectionRequestTimeout(5000).build();httpget.setConfig(requestConfig);System.out.println("executing request " + httpget.getURI());CloseableHttpResponse response = httpclient.execute(httpget, context);try {System.out.println("----------------------------------------");System.out.println(response.getStatusLine());System.out.println(EntityUtils.toString(response.getEntity()));System.out.println("----------------------------------------");// Once the request has been executed the local context can// be used to examine updated state and various objects affected// by the request execution.// Last executed request
            context.getRequest();// Execution route
            context.getHttpRoute();// Target auth state
            context.getTargetAuthState();// Proxy auth state
            context.getTargetAuthState();// Cookie origin
            context.getCookieOrigin();// Cookie spec used
            context.getCookieSpec();// User security token
            context.getUserToken();} catch (Exception e) {e.printStackTrace();}}public static void main(String[] a) throws KeyManagementException,NoSuchAlgorithmException, KeyStoreException, CertificateException,IOException {oneWayAuthorizationAccepted();
    }
}

1、用eclipse运行的时候报NoSuchAlgorithmException的错。将eclipse的JRE删除再重新导入本地的JRE就解决了。应该是缺失一些JDK的jar导致。

executing request https://www.yunzhu.com:8443
Exception in thread "main" javax.net.ssl.SSLKeyException: RSA premaster secret errorat sun.security.ssl.RSAClientKeyExchange.<init>(Unknown Source)at sun.security.ssl.ClientHandshaker.serverHelloDone(Unknown Source)at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)at sun.security.ssl.Handshaker.processLoop(Unknown Source)at sun.security.ssl.Handshaker.process_record(Unknown Source)at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:394)at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:353)at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:141)at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:353)at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:380)at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)at com.ydd.study.hello.httpclient.OneTLSPool.oneWayAuthorizationAccepted(OneTLSPool.java:138)at com.ydd.study.hello.httpclient.OneTLSPool.main(OneTLSPool.java:172)
Caused by: java.security.NoSuchAlgorithmException: SunTlsRsaPremasterSecret KeyGenerator not availableat javax.crypto.KeyGenerator.<init>(KeyGenerator.java:158)at javax.crypto.KeyGenerator.getInstance(KeyGenerator.java:207)at sun.security.ssl.JsseJce.getKeyGenerator(Unknown Source)... 22 more

上面的程序使用JDK7将导致自己签名的证书验证失败,报的错误和下面的请求百度报的错相同。使用JDK6成功。这是JDK7的一个bug引起的:http://bugs.java.com/bugdatabase/view_bug.do?bug_id=7018897

针对于JDK7的这个bug需要使用下面的代码:

package com.ydd.study.hello.httpclient;import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;import org.apache.http.HttpHost;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.protocol.HttpClientContext;
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.routing.HttpRoute;
import org.apache.http.conn.socket.ConnectionSocketFactory;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.ssl.SSLContexts;
import org.apache.http.util.EntityUtils;public class OneTLSPool {public static CloseableHttpClient httpclient;public static final String KEY_STORE_TRUST_PATH = "D://https//ca//cl.jks"; // truststore的路径public static final String KEY_STORE_TYPE_JKS = "jks"; // truststore的类型private static final String KEY_STORE_TRUST_PASSWORD = "123456"; // truststore的密码// 获得池化得HttpClientstatic {SSLContext sslcontext = null;try {// 设置truststoreKeyStore trustStore = KeyStore.getInstance(KEY_STORE_TYPE_JKS);InputStream tsIn = new FileInputStream(new File(KEY_STORE_TRUST_PATH));try {trustStore.load(tsIn, KEY_STORE_TRUST_PASSWORD.toCharArray());} finally {try {tsIn.close();} catch (Exception ignore) {}}sslcontext = SSLContexts.custom().loadTrustMaterial(trustStore, new TrustSelfSignedStrategy()).build();//解决jdk7的ssl的自签名会有问题的bug,如果不是jdk7,则下面的代码可以没有//bug地址:http://bugs.java.com/bugdatabase/view_bug.do?bug_id=7018897X509TrustManager xtm = new X509TrustManager(){   //创建TrustManager    public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {}    public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {}    public X509Certificate[] getAcceptedIssuers() {   return null;   //return new java.security.cert.X509Certificate[0];
                }  };   sslcontext.init(null, new TrustManager[]{xtm}, null);//解决bug结束} catch (Exception e) {e.printStackTrace();}// 客户端支持TLSV1,TLSV2,TLSV3这三个版本SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslcontext,new String[] { "TLSv1", "TLSv2", "TLSv3" }, null,SSLConnectionSocketFactory.getDefaultHostnameVerifier());// 客户端验证服务器身份的策略// Create a registry of custom connection socket factories for supported// protocol schemes.Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory> create().register("http", PlainConnectionSocketFactory.INSTANCE).register("https", new SSLConnectionSocketFactory(sslcontext)).build();PoolingHttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);// Configure total max or per route limits for persistent connections// that can be kept in the pool or leased by the connection manager.connManager.setMaxTotal(100);connManager.setDefaultMaxPerRoute(10);// 个性化设置某个url的连接connManager.setMaxPerRoute(new HttpRoute(new HttpHost("www.y.com", 80)), 20);httpclient = HttpClients.custom().setConnectionManager(connManager).build();}/*** 单向验证且服务端的证书可信* * @throws IOException* @throws ClientProtocolException*/public static void oneWayAuthorizationAccepted() throws ClientProtocolException, IOException {// Execution context can be customized locally.HttpClientContext context = HttpClientContext.create();HttpGet httpget = new HttpGet("https://www.yunzhu.com:8443");// 设置请求的配置RequestConfig requestConfig = RequestConfig.custom().setSocketTimeout(5000).setConnectTimeout(5000).setConnectionRequestTimeout(5000).build();httpget.setConfig(requestConfig);System.out.println("executing request " + httpget.getURI());CloseableHttpResponse response = httpclient.execute(httpget, context);try {System.out.println("----------------------------------------");System.out.println(response.getStatusLine());System.out.println(EntityUtils.toString(response.getEntity()));System.out.println("----------------------------------------");// Once the request has been executed the local context can// be used to examine updated state and various objects affected// by the request execution.// Last executed request
            context.getRequest();// Execution route
            context.getHttpRoute();// Target auth state
            context.getTargetAuthState();// Proxy auth state
            context.getTargetAuthState();// Cookie origin
            context.getCookieOrigin();// Cookie spec used
            context.getCookieSpec();// User security token
            context.getUserToken();} catch (Exception e) {e.printStackTrace();}}public static void main(String[] a) throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException,CertificateException, IOException {oneWayAuthorizationAccepted();}
}

下面是请求百度时因为client端没有信任百度的CA证书,所以单向不能验证成功

executing request https://www.baidu.com
Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targetat sun.security.ssl.Alerts.getSSLException(Alerts.java:192)at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1439)at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209)at sun.security.ssl.Handshaker.processLoop(Handshaker.java:878)at sun.security.ssl.Handshaker.process_record(Handshaker.java:814)at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:394)at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:353)at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:141)at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:353)at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:380)at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)at com.ydd.study.hello.httpclient.OneTLSPool.oneWayAuthorizationDenied(OneTLSPool.java:91)at com.ydd.study.hello.httpclient.OneTLSPool.main(OneTLSPool.java:173)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targetat sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)at sun.security.validator.Validator.validate(Validator.java:260)at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:107)at org.apache.http.ssl.SSLContextBuilder$TrustManagerDelegate.checkServerTrusted(SSLContextBuilder.java:298)at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:813)at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1421)... 20 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targetat sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)... 28 more

client信任了www.yunzhu.com:8443的CA证书,单项验证成功

executing request https://www.yunzhu.com:8443
----------------------------------------
HTTP/1.1 200 OK<!DOCTYPE html><html lang="en">(tomcat主页的html内容)
</html>----------------------------------------

二、双向握手

示例代码:

package com.ydd.study.hello.httpclient;import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import javax.net.ssl.SSLContext;
import org.apache.http.HttpHost;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.protocol.HttpClientContext;
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.routing.HttpRoute;
import org.apache.http.conn.socket.ConnectionSocketFactory;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.ssl.SSLContexts;
import org.apache.http.util.EntityUtils;public class DoubleWayTlsPool {public static CloseableHttpClient httpclient;public static final String KEY_STORE_TRUST_PATH = "D://https//ca//cl.jks"; // truststore的路径public static final String KEY_STORE_TYPE_JKS = "jks"; // truststore的类型private static final String KEY_STORE_TRUST_PASSWORD = "123456"; // truststore的密码public static final String KEY_STORE_CLIENT_PATH="D://https//client//client.p12";public static final String KEY_STORE_TYPE_P12="PKCS12";  private static final String KEY_STORE_PASSWORD="123456";// 获得池化得HttpClientstatic {SSLContext sslcontext = null;try {// 设置truststoreKeyStore trustStore = KeyStore.getInstance(KEY_STORE_TYPE_JKS);KeyStore keyStore  = KeyStore.getInstance(KEY_STORE_TYPE_P12);  InputStream ksIn = new FileInputStream(KEY_STORE_CLIENT_PATH);  InputStream tsIn = new FileInputStream(new File(KEY_STORE_TRUST_PATH));try {keyStore.load(ksIn, KEY_STORE_PASSWORD.toCharArray());  trustStore.load(tsIn, KEY_STORE_TRUST_PASSWORD.toCharArray());} finally {try {ksIn.close();tsIn.close();} catch (Exception e) {e.printStackTrace();}}sslcontext = SSLContexts.custom().loadTrustMaterial(trustStore, new TrustSelfSignedStrategy()).loadKeyMaterial(keyStore, KEY_STORE_PASSWORD.toCharArray()).build();//下面的代码可以动态的设置握手验证证书的策略,可以不用手工导入证书,而只要程序控制即可//bug地址:http://bugs.java.com/bugdatabase/view_bug.do?bug_id=7018897/*    X509TrustManager xtm = new X509TrustManager(){   //创建TrustManager    public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {}    public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {}    public X509Certificate[] getAcceptedIssuers() {   return null;   //return new java.security.cert.X509Certificate[0];    }  };   sslcontext.init(null, new TrustManager[]{xtm}, null);*///解决bug结束} catch (Exception e) {e.printStackTrace();}// 客户端支持TLSV1,TLSV2,TLSV3这三个版本SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslcontext,new String[] { "TLSv1", "TLSv2", "TLSv3" }, null,SSLConnectionSocketFactory.getDefaultHostnameVerifier());// 客户端验证服务器身份的策略// Create a registry of custom connection socket factories for supported// protocol schemes.Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory> create().register("http", PlainConnectionSocketFactory.INSTANCE).register("https", new SSLConnectionSocketFactory(sslcontext)).build();PoolingHttpClientConnectionManager connManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);// Configure total max or per route limits for persistent connections// that can be kept in the pool or leased by the connection manager.connManager.setMaxTotal(100);connManager.setDefaultMaxPerRoute(10);// 个性化设置某个url的连接connManager.setMaxPerRoute(new HttpRoute(new HttpHost("www.y.com", 80)), 20);httpclient = HttpClients.custom().setConnectionManager(connManager).build();}/*** 单向验证且服务端的证书可信* * @throws IOException* @throws ClientProtocolException*/public static void doubleWayAuthorizationAccepted() throws ClientProtocolException, IOException {// Execution context can be customized locally.HttpClientContext context = HttpClientContext.create();HttpGet httpget = new HttpGet("https://www.yunzhu.com:8443");// 设置请求的配置RequestConfig requestConfig = RequestConfig.custom().setSocketTimeout(5000).setConnectTimeout(5000).setConnectionRequestTimeout(5000).build();httpget.setConfig(requestConfig);System.out.println("executing request " + httpget.getURI());CloseableHttpResponse response = httpclient.execute(httpget, context);try {System.out.println("----------------------------------------");System.out.println(response.getStatusLine());System.out.println(EntityUtils.toString(response.getEntity()));System.out.println("----------------------------------------");// Once the request has been executed the local context can// be used to examine updated state and various objects affected// by the request execution.// Last executed request
            context.getRequest();// Execution route
            context.getHttpRoute();// Target auth state
            context.getTargetAuthState();// Proxy auth state
            context.getTargetAuthState();// Cookie origin
            context.getCookieOrigin();// Cookie spec used
            context.getCookieSpec();// User security token
            context.getUserToken();} catch (Exception e) {e.printStackTrace();}}public static void main(String[] a) throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException,CertificateException, IOException {doubleWayAuthorizationAccepted();}
}

该程序在JDK6运行成功。

使用X509TrustManager可以动态的改变握手时验证证书的行为。可以利用这点来动态的导入证书,而不是需要手动的导入证书。 具体的用法参见下面的博客:

http://www.cnblogs.com/devinzhang/archive/2012/02/28/2371631.html

转载于:https://www.cnblogs.com/YDDMAX/p/5380131.html

使用HttpClient连接池进行https单双向验证相关推荐

  1. Http持久连接与HttpClient连接池

    以下文章来源方志朋的博客,回复"666"获面试宝典 一.背景 HTTP协议是无状态的协议,即每一次请求都是互相独立的.因此它的最初实现是,每一个http请求都会打开一个tcp so ...

  2. HttpClient连接池抛出大量ConnectionPoolTimeoutException: Timeout waiting for connection异常排查

    HttpClient连接池抛出大量ConnectionPoolTimeoutException: Timeout waiting for connection异常排查 参考文章: (1)HttpCli ...

  3. 问题备忘: httpclient连接池异常引发的惨案

    1. 问题描述 客户端A --> Ngnix --> 服务B Ngnix做服务B的负载,客户端访问服务B时,客户端偶尔会有抛出TimeoutException异常. 举个例子:如A在09: ...

  4. Apache HttpClient连接池泄露问题排查

    Apache HttpClient连接池泄露问题排查 问题背景 业务系统主要的业务是一个数据聚合管理平台,其中系统有一个功能是同步所有资源(简称 大同步) 业务同步数据请求数据工具是适配 Apache ...

  5. http(S)系列之(三):https单/双向认证区别

    前言 没有梗了,挖槽,不是朕的风格,硬来一个:昨晚做梦妻妾成群,年收入超千万了,可惜被儿子一泡尿滋醒了 参考文献 扯一扯HTTPS单向认证.双向认证.抓包原理.反抓包策略 提醒:参考文献里面涉及到单向 ...

  6. Http 持久连接与 HttpClient 连接池

    转载自  Http 持久连接与 HttpClient 连接池 一.背景 HTTP协议是无状态的协议,即每一次请求都是互相独立的.因此它的最初实现是,每一个http请求都会打开一个tcp socket连 ...

  7. oracle conneciton properties,在WAS Liberty连接池中,我可以验证借用连接吗?

    我们当前正在将应用程序迁移到Liberty服务器(8.5.5.9)上运行.我们发现应用程序服务器和数据库之间的连接偶尔会被防火墙终止,因为它们会在很长一段时间内处于空闲状态.发生这种情况时,在下一个H ...

  8. HttpClient连接池及重试机制

    (一)HttpClient 简介 HttpClient 是Apache Jakarta Common 下的子项目,可以用来提供高效的.最新的.功能丰富的支持 HTTP 协议的客户端编程工具包,基于标准 ...

  9. HttpClient连接池小记

    **欢迎关注公众号** **微信扫一扫** [仅需9.9订阅专栏合集,作者所有付费文章都能看(持续更新)] 推荐[Kafka教程]https://bigbird.blog.csdn.net/artic ...

最新文章

  1. 小程序判断用户在线状态
  2. [Android开发常见问题-12] Android开发中debug.keystore如何使用。
  3. Mysql可视化工具Navicat中文版下载和报错解决
  4. NSNotification、delegate和KVO的区别
  5. linux connect 阻塞超时时间,在linux下玩转带有超时时间的connect函数
  6. note.. redis五大数据类型
  7. 如何解决Binder泄漏问题
  8. 抓住训练集中真正有用的样本,提升模型整体性能!
  9. SVN创建不了资源库位置 解决方案
  10. Java环境变量CLASSPATH详解
  11. JS-元素的样式操作-文本内容-位置
  12. 安装readline出现错误
  13. Win32 SDK消息处理技巧
  14. Confluence 6 自定义管理员联系信息
  15. Linux下处理BOM头和^M的简单方法
  16. Swift - 使用xib添加新界面
  17. 13.vim 全局替换路径
  18. 智能小车35:从汇编指令bne聊起
  19. Cisco IP Phone 功能亮相(4)
  20. 计算机博士复试英语自我介绍,博士复试自我介绍中英文

热门文章

  1. Mac OS X 下 TAR.GZ 方式安装 MySQL5.6
  2. 使用shell实现zookeeper集群的自动搭建
  3. sql不能使用OpenRowset
  4. 基于报文大小的策略路由
  5. Linux命令备忘实例——排序和基本统计命令
  6. 在XCode的一个项目中创建多个C/C++/Cpp文件并分别运行——创建多个target实现
  7. 蓝桥杯 ALGO-123 算法训练 A+B problem
  8. 计算机网络与社会需求,计算机网络的技术论文计算机网络与社会需求.doc
  9. springMVC 拦截器简单配置
  10. 中小企业上云多地域办公组网(SAG)解决方案