1. 首頁
  2. 問答
  3. javax.net.ssl.SSLHandshakeException:遠程主機在bigquery中插入行時握手期間關閉連接

javax.net.ssl.SSLHandshakeException:遠程主機在bigquery中插入行時握手期間關閉連接

2015-06-22 41 views
25

嗨我正在合併bigquery的android應用程序。我看到有時我們在向大查詢表插入數據時遇到了很多SSL異常。我不知道如何處理這個問題。請幫助解決這個問題的原因。這裏是相同的線程,但無人接聽Bigquery SSL error while doing streaming insert api calljavax.net.ssl.SSLHandshakeException:遠程主機在bigquery中插入行時握手期間關閉連接

javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake 
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:946) ~[na:1.7.0_51] 
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) ~[na:1.7.0_51] 
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) ~[na:1.7.0_51] 
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323) ~[na:1.7.0_51] 
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563) ~[na:1.7.0_51] 
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) ~[na:1.7.0_51] 
    at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1091) ~[na:1.7.0_51] 
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) ~[na:1.7.0_51] 
    at com.google.api.client.http.javanet.NetHttpRequest.execute(NetHttpRequest.java:77) ~[google-http-client-1.19.0.jar:1.19.0] 
    at com.google.api.client.http.HttpRequest.execute(HttpRequest.java:965) ~[google-http-client-1.19.0.jar:1.19.0] 
    at com.google.api.client.googleapis.batch.BatchRequest.execute(BatchRequest.java:241) ~[google-api-client-1.19.1.jar:1.19.1] 
    at com.livestream.analytics.datastorage.worker.InsertApiActor$$anonfun$2$$anonfun$4.apply(InsertApiActor.scala:131) ~[analytics-data-storage-worker_2.11-1.0.0.jar:1.0.0] 
    at com.livestream.analytics.datastorage.worker.InsertApiActor$$anonfun$2$$anonfun$4.apply(InsertApiActor.scala:118) ~[analytics-data-storage-worker_2.11-1.0.0.jar:1.0.0] 
    at com.livestream.analytics.common.store.bigquery.api.BigQueryApi$.withSyncClient(BigQueryApi.scala:71) ~[analytics-common_2.11-1.0.0.jar:1.0.0] 
    at com.livestream.analytics.datastorage.worker.InsertApiActor$$anonfun$2.apply$mcV$sp(InsertApiActor.scala:118) ~[analytics-data-storage-worker_2.11-1.0.0.jar:1.0.0] 
    at com.livestream.analytics.datastorage.worker.InsertApiActor$$anonfun$2.apply(InsertApiActor.scala:115) ~[analytics-data-storage-worker_2.11-1.0.0.jar:1.0.0] 
    at com.livestream.analytics.datastorage.worker.InsertApiActor$$anonfun$2.apply(InsertApiActor.scala:115) ~[analytics-data-storage-worker_2.11-1.0.0.jar:1.0.0] 
    at com.livestream.analytics.common.monitoring.Timer.time(Timer.scala:15) ~[analytics-common_2.11-1.0.0.jar:1.0.0] 
    at com.livestream.analytics.datastorage.worker.InsertApiActor.com$livestream$analytics$datastorage$worker$InsertApiActor$$insertDataRowsToBigQueryTable(InsertApiActor.scala:115) [analytics-data-storage-worker_2.11-1.0.0.jar:1.0.0] 
    at com.livestream.analytics.datastorage.worker.InsertApiActor$$anonfun$receive$1.applyOrElse(InsertApiActor.scala:80) [analytics-data-storage-worker_2.11-1.0.0.jar:1.0.0] 
    at akka.actor.Actor$class.aroundReceive(Actor.scala:465) [akka-actor_2.11-2.3.9.jar:na] 
    at com.livestream.analytics.datastorage.worker.InsertApiActor.aroundReceive(InsertApiActor.scala:54) [analytics-data-storage-worker_2.11-1.0.0.jar:1.0.0] 
    at akka.actor.ActorCell.receiveMessage(ActorCell.scala:516) [akka-actor_2.11-2.3.9.jar:na] 
    at akka.actor.ActorCell.invoke(ActorCell.scala:487) [akka-actor_2.11-2.3.9.jar:na] 
    at akka.dispatch.Mailbox.processMailbox(Mailbox.scala:254) [akka-actor_2.11-2.3.9.jar:na] 
    at akka.dispatch.Mailbox.run(Mailbox.scala:221) [akka-actor_2.11-2.3.9.jar:na] 
    at akka.dispatch.Mailbox.exec(Mailbox.scala:231) [akka-actor_2.11-2.3.9.jar:na] 
    at scala.concurrent.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260) [scala-library-2.11.5.jar:na] 
    at scala.concurrent.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339) [scala-library-2.11.5.jar:na] 
    at scala.concurrent.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979) [scala-library-2.11.5.jar:na] 
    at scala.concurrent.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107) [scala-library-2.11.5.jar:na] 
Caused by: java.io.EOFException: SSL peer shut down incorrectly 
    at sun.security.ssl.InputRecord.read(InputRecord.java:482) ~[na:1.7.0_51] 
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:927) ~[na:1.7.0_51] 
    ... 30 common frames omitted

來源

2015-06-22 N Sharma

+1

如果您有辦法可靠地重現此問題,並且您有理由相信這不是您應用程序的錯誤,那麼您應該使用[公共問題跟蹤器中提供的所有代碼和堆棧跟蹤報告問題大量查詢(https://code.google.com/p/google-bigquery/issues/list)。此時,支持工程師將對其進行分類,並根據其嚴重性,出現問題的人數以及新增內容等因素進行處理。 – Nick

+0

您是否設法創建公開問題跟蹤器線程,或者您是否在調試過程中取得了進展?如果問題對您完全不透明(似乎沒有什麼可以做的,因爲SSL對端關閉不正確),那麼這是最好的解決方案。確保儘可能多地包含相關的代碼或日誌。 – Nick

+0

我也遇到過這個異常。然後我通過使用抽排API來解決它。如果你想,那麼我可以分享代碼。 – hitesh141

回答

1

大概是服務器要求客戶端證書,你是不是設置一個。服務器將提供可信簽署者列表,並且您的客戶端證書需要由其中一個簽名。除非您已與服務器做出特殊安排,即將您的客戶端證書導入其可信證書列表中,否則您不能爲客戶端使用自簽名證書。如果SSL客戶端找不到一個證書,或者找到的證書沒有可信任的簽名者,您的SSL客戶端將不會發送證書。

它與SSL連接建立之後將要執行的操作沒有任何關係,例如, SQL查詢,更新等。

來源

2015-07-09 07:15:46 EJP

0

如果您使用(https)請求,則需要在您的應用中添加安全證書。這裏是鏈接如何添加它。

http://stackoverflow.com/questions/4065379/how-to-create-a-bks-bouncycastle-format-java-keystore-that-contains-a-client-c

如果確實安全證書導致它可以測試,在項目中添加此類。

import java.security.KeyManagementException; 
import java.security.NoSuchAlgorithmException; 
import java.security.SecureRandom; 
import java.security.cert.X509Certificate; 

import javax.net.ssl.HostnameVerifier; 
import javax.net.ssl.HttpsURLConnection; 
import javax.net.ssl.SSLContext; 
import javax.net.ssl.SSLSession; 
import javax.net.ssl.TrustManager; 
import javax.net.ssl.X509TrustManager; 


public class HttpsTrustManager implements X509TrustManager { 

    private static TrustManager[] trustManagers; 
    private static final X509Certificate[] _AcceptedIssuers = new X509Certificate[]{}; 

    @Override 
    public void checkClientTrusted(
      java.security.cert.X509Certificate[] x509Certificates, String s) 
      throws java.security.cert.CertificateException { 

    } 

    @Override 
    public void checkServerTrusted(
      java.security.cert.X509Certificate[] x509Certificates, String s) 
      throws java.security.cert.CertificateException { 

    } 

    public boolean isClientTrusted(X509Certificate[] chain) { 
     return true; 
    } 

    public boolean isServerTrusted(X509Certificate[] chain) { 
     return true; 
    } 

    @Override 
    public X509Certificate[] getAcceptedIssuers() { 
     return _AcceptedIssuers; 
    } 

    public static void allowAllSSL() { 
     HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { 

      @Override 
      public boolean verify(String arg0, SSLSession arg1) { 
       return true; 
      } 

     }); 

     SSLContext context = null; 
     if (trustManagers == null) { 
      trustManagers = new TrustManager[]{new HttpsTrustManager()}; 
     } 

     try { 
      context = SSLContext.getInstance("TLS"); 
      context.init(null, trustManagers, new SecureRandom()); 
     } catch (NoSuchAlgorithmException e) { 
      e.printStackTrace(); 
     } catch (KeyManagementException e) { 
      e.printStackTrace(); 
     } 

     HttpsURLConnection.setDefaultSSLSocketFactory(context 
       .getSocketFactory()); 
    } 

}

,並呼籲

HttpsTrustManager.allowAllSSL(); // Allow all SSL connections
API調用之前

注意: 此代碼跳過驗證並允許任何證書工作。 此方法不應用於安全通信。 這只是爲了檢查證書認證是否導致錯誤。

來源

2015-09-01 14:00:54 iUK

+1

這個不安全的代碼不會測試服務器是否在請求客戶端證書。 – EJP

+0

如果這個問題是關於客戶端證書的,那麼這行'context.init(null,trustManagers,new SecureRandom());'肯定是錯誤的; 'null'參數是可以提供客戶端證書的'KeyManager'。 – EpicPandaForce

相關問題

 相關問題