您的位置: 首页  >  技术问答  >  javax.net.ssl.SSLHandshakeException:远程主机在bigquery中插入行时握手期间关闭连接

javax.net.ssl.SSLHandshakeException:远程主机在bigquery中插入行时握手期间关闭连接

分类: 技术问答 2022-09-22 11:11:26
问题描述:

嗨我正在合并bigquery的android应用程序。我看到有时我们在向大查询表插入数据时遇到了很多SSL异常。我不知道如何处理这个问题。请帮助解决这个问题的原因。这里是相同的线程,但无人接听Bigquery SSL error while doing streaming insert api calljavax.net.ssl.SSLHandshakeException:远程主机在bigquery中插入行时握手期间关闭连接

javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake 
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:946) ~[na:1.7.0_51] 
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) ~[na:1.7.0_51] 
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) ~[na:1.7.0_51] 
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323) ~[na:1.7.0_51] 
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563) ~[na:1.7.0_51] 
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) ~[na:1.7.0_51] 
    at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1091) ~[na:1.7.0_51] 
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) ~[na:1.7.0_51] 
    at com.google.api.client.http.javanet.NetHttpRequest.execute(NetHttpRequest.java:77) ~[google-http-client-1.19.0.jar:1.19.0] 
    at com.google.api.client.http.HttpRequest.execute(HttpRequest.java:965) ~[google-http-client-1.19.0.jar:1.19.0] 
    at com.google.api.client.googleapis.batch.BatchRequest.execute(BatchRequest.java:241) ~[google-api-client-1.19.1.jar:1.19.1] 
    at com.livestream.analytics.datastorage.worker.InsertApiActor$$anonfun$2$$anonfun$4.apply(InsertApiActor.scala:131) ~[analytics-data-storage-worker_2.11-1.0.0.jar:1.0.0] 
    at com.livestream.analytics.datastorage.worker.InsertApiActor$$anonfun$2$$anonfun$4.apply(InsertApiActor.scala:118) ~[analytics-data-storage-worker_2.11-1.0.0.jar:1.0.0] 
    at com.livestream.analytics.common.store.bigquery.api.BigQueryApi$.withSyncClient(BigQueryApi.scala:71) ~[analytics-common_2.11-1.0.0.jar:1.0.0] 
    at com.livestream.analytics.datastorage.worker.InsertApiActor$$anonfun$2.apply$mcV$sp(InsertApiActor.scala:118) ~[analytics-data-storage-worker_2.11-1.0.0.jar:1.0.0] 
    at com.livestream.analytics.datastorage.worker.InsertApiActor$$anonfun$2.apply(InsertApiActor.scala:115) ~[analytics-data-storage-worker_2.11-1.0.0.jar:1.0.0] 
    at com.livestream.analytics.datastorage.worker.InsertApiActor$$anonfun$2.apply(InsertApiActor.scala:115) ~[analytics-data-storage-worker_2.11-1.0.0.jar:1.0.0] 
    at com.livestream.analytics.common.monitoring.Timer.time(Timer.scala:15) ~[analytics-common_2.11-1.0.0.jar:1.0.0] 
    at com.livestream.analytics.datastorage.worker.InsertApiActor.com$livestream$analytics$datastorage$worker$InsertApiActor$$insertDataRowsToBigQueryTable(InsertApiActor.scala:115) [analytics-data-storage-worker_2.11-1.0.0.jar:1.0.0] 
    at com.livestream.analytics.datastorage.worker.InsertApiActor$$anonfun$receive$1.applyOrElse(InsertApiActor.scala:80) [analytics-data-storage-worker_2.11-1.0.0.jar:1.0.0] 
    at akka.actor.Actor$class.aroundReceive(Actor.scala:465) [akka-actor_2.11-2.3.9.jar:na] 
    at com.livestream.analytics.datastorage.worker.InsertApiActor.aroundReceive(InsertApiActor.scala:54) [analytics-data-storage-worker_2.11-1.0.0.jar:1.0.0] 
    at akka.actor.ActorCell.receiveMessage(ActorCell.scala:516) [akka-actor_2.11-2.3.9.jar:na] 
    at akka.actor.ActorCell.invoke(ActorCell.scala:487) [akka-actor_2.11-2.3.9.jar:na] 
    at akka.dispatch.Mailbox.processMailbox(Mailbox.scala:254) [akka-actor_2.11-2.3.9.jar:na] 
    at akka.dispatch.Mailbox.run(Mailbox.scala:221) [akka-actor_2.11-2.3.9.jar:na] 
    at akka.dispatch.Mailbox.exec(Mailbox.scala:231) [akka-actor_2.11-2.3.9.jar:na] 
    at scala.concurrent.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260) [scala-library-2.11.5.jar:na] 
    at scala.concurrent.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339) [scala-library-2.11.5.jar:na] 
    at scala.concurrent.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979) [scala-library-2.11.5.jar:na] 
    at scala.concurrent.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107) [scala-library-2.11.5.jar:na] 
Caused by: java.io.EOFException: SSL peer shut down incorrectly 
    at sun.security.ssl.InputRecord.read(InputRecord.java:482) ~[na:1.7.0_51] 
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:927) ~[na:1.7.0_51] 
    ... 30 common frames omitted
+1

如果您有办法可靠地重现此问题,并且您有理由相信这不是您应用程序的错误,那么您应该使用[公共问题跟踪器中提供的所有代码和堆栈跟踪报告问题大量查询(https://code.google.com/p/google-bigquery/issues/list)。此时,支持工程师将对其进行分类,并根据其严重性,出现问题的人数以及新增内容等因素进行处理。 – Nick

+0

您是否设法创建公开问题跟踪器线程,或者您是否在调试过程中取得了进展?如果问题对您完全不透明(似乎没有什么可以做的,因为SSL对端关闭不正确),那么这是最好的解决方案。确保尽可能多地包含相关的代码或日志。 – Nick

+0

我也遇到过这个异常。然后我通过使用抽排API来解决它。如果你想,那么我可以分享代码。 – hitesh141

大概是服务器要求客户端证书,你是不是设置一个。服务器将提供可信签署者列表,并且您的客户端证书需要由其中一个签名。除非您已与服务器做出特殊安排,即将您的客户端证书导入其可信证书列表中,否则您不能为客户端使用自签名证书。如果SSL客户端找不到一个证书,或者找到的证书没有可信任的签名者,您的SSL客户端将不会发送证书。

它与SSL连接建立之后将要执行的操作没有任何关系,例如, SQL查询,更新等。

如果您使用(https)请求,则需要在您的应用中添加安全证书。这里是链接如何添加它。

http://*.com/questions/4065379/how-to-create-a-bks-bouncycastle-format-java-keystore-that-contains-a-client-c

如果确实安全证书导致它可以测试,在项目中添加此类。

import java.security.KeyManagementException; 
import java.security.NoSuchAlgorithmException; 
import java.security.SecureRandom; 
import java.security.cert.X509Certificate; 

import javax.net.ssl.HostnameVerifier; 
import javax.net.ssl.HttpsURLConnection; 
import javax.net.ssl.SSLContext; 
import javax.net.ssl.SSLSession; 
import javax.net.ssl.TrustManager; 
import javax.net.ssl.X509TrustManager; 


public class HttpsTrustManager implements X509TrustManager { 

    private static TrustManager[] trustManagers; 
    private static final X509Certificate[] _AcceptedIssuers = new X509Certificate[]{}; 

    @Override 
    public void checkClientTrusted(
      java.security.cert.X509Certificate[] x509Certificates, String s) 
      throws java.security.cert.CertificateException { 

    } 

    @Override 
    public void checkServerTrusted(
      java.security.cert.X509Certificate[] x509Certificates, String s) 
      throws java.security.cert.CertificateException { 

    } 

    public boolean isClientTrusted(X509Certificate[] chain) { 
     return true; 
    } 

    public boolean isServerTrusted(X509Certificate[] chain) { 
     return true; 
    } 

    @Override 
    public X509Certificate[] getAcceptedIssuers() { 
     return _AcceptedIssuers; 
    } 

    public static void allowAllSSL() { 
     HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { 

      @Override 
      public boolean verify(String arg0, SSLSession arg1) { 
       return true; 
      } 

     }); 

     SSLContext context = null; 
     if (trustManagers == null) { 
      trustManagers = new TrustManager[]{new HttpsTrustManager()}; 
     } 

     try { 
      context = SSLContext.getInstance("TLS"); 
      context.init(null, trustManagers, new SecureRandom()); 
     } catch (NoSuchAlgorithmException e) { 
      e.printStackTrace(); 
     } catch (KeyManagementException e) { 
      e.printStackTrace(); 
     } 

     HttpsURLConnection.setDefaultSSLSocketFactory(context 
       .getSocketFactory()); 
    } 

}

,并呼吁

HttpsTrustManager.allowAllSSL(); // Allow all SSL connections
API调用之前

注意: 此代码跳过验证并允许任何证书工作。 此方法不应用于安全通信。 这只是为了检查证书认证是否导致错误。

+1

这个不安全的代码不会测试服务器是否在请求客户端证书。 – EJP

+0

如果这个问题是关于客户端证书的,那么这行'context.init(null,trustManagers,new SecureRandom());'肯定是错误的; 'null'参数是可以提供客户端证书的'KeyManager'。 – EpicPandaForce

相关推荐