Connection reset exception record

Connection reset to reset connection

异常java.net.SocketException: Connection reset

details

java.net.SocketException: Connection reset
    at java.net.SocketInputStream.read(SocketInputStream.java:210)
    at java.net.SocketInputStream.read(SocketInputStream.java:141)
    at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
    at sun.security.ssl.InputRecord.read(InputRecord.java:503)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:975)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:396)
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355)
    at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
    at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:373)
    at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:381)
    at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237)
    at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185)
    at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
    at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:111)
    at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108)
    at com.senthink.www.oc.http.HttpRequester.execute(HttpRequester.java:170)

Scene back

1. The first request being given for the first time to send a request to the telecommunications Things Https platform API
2. No response
3. Only Soctet anomaly: Connection Reset

The reason

Connection Reset-- disconnect one end of the active

Connection Reset is after establishing the TCP connection, wherein one of the TCP flags reset using the Reset flag active connection

Or the client server

I am here since it is the wrong message client reported that the initiative is bound to be disconnected from the server

Why does it want to disconnect

Disconnect the server actively why the connection:

• The server to

• Server and the client does not match the length of the connection

• Https connection, inconsistent versions of TLS server and client

The reason the investigation

• The server to Telecom as the possibility of the three operators, it is not unusual server
• The length of the connection does not match If the case is the length of the connection does not match, then the response is the first time after a short disconnect the connected party, and I did not receive a response with this, so you can rule the length of the connection inconsistent
• Https connection, inconsistent versions of TLS

With the exclusion analysis showing: Causes a reset connection at this time is inconsistent TLS Version

Solution

• Check the server supports TLS version, and then switch request TLS version of the client

  TLS can check to specify the version of domain sites

• Try out the server supports TLS version

  1. Open the configuration Http client (I use HttpClient, it's TLS connection String array parameter configuration in the factory SSL)

     public CloseableHttpClient closeableHttpClient() throws Exception {
         // Trust own CA and all self-signed certs
         String userDir = System.getProperty("user.dir");
         SSLContext sslcontext = SSLContexts.custom()
             .loadTrustMaterial(
             new File(userDir + ocSetting.getCertPathCA()),
             ocSetting.getCertPasswordCA().toCharArray(),
             new TrustSelfSignedStrategy())
             .loadKeyMaterial(
             new File(userDir + ocSetting.getCertPathOutGoing()),
             ocSetting.getCertPasswordOutGoing().toCharArray(),
             ocSetting.getCertPasswordOutGoing().toCharArray())
             .build();
         // Allow TLSv1 protocol only
         //这里的问题，这里配置只允许TLSv1版本
         SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
             sslcontext,
             new String[] { "TLSv1"},
             //new String[] {"TLSv1","TLSv1.1","TLSv1.2",疯狂往里加}
             null,
             SSLConnectionSocketFactory.getDefaultHostnameVerifier());
     
         return HttpClients.custom().setSSLSocketFactory(sslsf).build();
     }

  2. In this switching TLS version, no longer appear until Connection Reset

     What TLS version? This can be seen in the sun.security.ssl.ProtocolVersion

     static final ProtocolVersion NONE = new ProtocolVersion(-1, "NONE");
     static final ProtocolVersion SSL20Hello = new ProtocolVersion(2, "SSLv2Hello");
     static final ProtocolVersion SSL30 = new ProtocolVersion(768, "SSLv3");
     static final ProtocolVersion TLS10 = new ProtocolVersion(769, "TLSv1");
     static final ProtocolVersion TLS11 = new ProtocolVersion(770, "TLSv1.1");
     static final ProtocolVersion TLS12 = new ProtocolVersion(771, "TLSv1.2");

  3. Put the server supports TLS version, the problem is solved