Hello, I have a Tomcat server running on port 8112 via HTTPS. The Tomcat has http2 enabled and is running with OpenJDK11. Now when I try to connect with HTTPClient 5.0-beta5 I get this exception: =================== 2019-07-22 12:22:57,699 [https-jsse-nio-8443-exec-2] INFO : Recoverable I/O exception (org.apache.hc.core5.http.NoHttpResponseException) caught when processing request to {s}->https://localhost:8112 2019-07-22 12:22:57,709 [https-jsse-nio-8443-exec-2] INFO : Recoverable I/O exception (org.apache.hc.core5.http.NoHttpResponseException) caught when processing request to {s}->https://localhost:8112 2019-07-22 12:22:57,719 [https-jsse-nio-8443-exec-2] INFO : Recoverable I/O exception (org.apache.hc.core5.http.NoHttpResponseException) caught when processing request to {s}->https://localhost:8112 2019-07-22 12:22:57,732 [https-jsse-nio-8443-exec-2] ERROR: localhost:8112 failed to respond org.apache.hc.core5.http.NoHttpResponseException: localhost:8112 failed to respond at org.apache.hc.core5.http.impl.io.DefaultHttpResponseParser.createConnectionClosedException(DefaultHttpResponseParser.java:87) at org.apache.hc.core5.http.impl.io.AbstractMessageParser.parse(AbstractMessageParser.java:243) at org.apache.hc.core5.http.impl.io.AbstractMessageParser.parse(AbstractMessageParser.java:53) at org.apache.hc.core5.http.impl.io.DefaultBHttpClientConnection.receiveResponseHeader(DefaultBHttpClientConnection.java:187) at org.apache.hc.core5.http.impl.io.HttpRequestExecutor.execute(HttpRequestExecutor.java:181) at org.apache.hc.core5.http.impl.io.HttpRequestExecutor.execute(HttpRequestExecutor.java:224) at org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager$InternalConnectionEndpoint.execute(PoolingHttpClientConnectionManager.java:596) at org.apache.hc.client5.http.impl.classic.InternalExecRuntime.execute(InternalExecRuntime.java:220) at org.apache.hc.client5.http.impl.classic.MainClientExec.execute(MainClientExec.java:107) at org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51) at org.apache.hc.client5.http.impl.classic.ExecChainElement$1.proceed(ExecChainElement.java:57) at org.apache.hc.client5.http.impl.classic.ConnectExec.execute(ConnectExec.java:181) at org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51) at org.apache.hc.client5.http.impl.classic.ExecChainElement$1.proceed(ExecChainElement.java:57) at org.apache.hc.client5.http.impl.classic.ProtocolExec.execute(ProtocolExec.java:165) at org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51) at org.apache.hc.client5.http.impl.classic.ExecChainElement$1.proceed(ExecChainElement.java:57) at org.apache.hc.client5.http.impl.classic.RetryExec.execute(RetryExec.java:88) at org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51) at org.apache.hc.client5.http.impl.classic.ExecChainElement$1.proceed(ExecChainElement.java:57) at org.apache.hc.client5.http.impl.classic.RedirectExec.execute(RedirectExec.java:116) at org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51) at org.apache.hc.client5.http.impl.classic.ExecChainElement$1.proceed(ExecChainElement.java:57) at org.apache.hc.client5.http.impl.classic.ContentCompressionExec.execute(ContentCompressionExec.java:125) at org.apache.hc.client5.http.impl.classic.ExecChainElement.execute(ExecChainElement.java:51) at org.apache.hc.client5.http.impl.classic.InternalHttpClient.doExecute(InternalHttpClient.java:175) at org.apache.hc.client5.http.impl.classic.CloseableHttpClient.execute(CloseableHttpClient.java:77) at com.nemesis.console.backend.storefront.DefaultRestAuthenticationProvider.authenticate(DefaultRestAuthenticationProvider.java:116) ===================
- If I change the URL from https://localhost:8112/storefront/rest/auth to https://some-website-with-valid-certificate.com/ it all works fine. - If I change the Tomcat server to work with HTTP1.1 it all works fine. Here is my code: =================== try { // Trust standard CA and those trusted by our custom strategy final SSLContext sslcontext = SSLContexts.custom().loadTrustMaterial(new TrustStrategy() { @Override public boolean isTrusted(final X509Certificate[] chain, final String authType) throws CertificateException { return true; } }).build(); int timeout = 5; RequestConfig config = RequestConfig.custom().setResponseTimeout(timeout, TimeUnit.SECONDS).setConnectTimeout(timeout, TimeUnit.SECONDS).build(); // Allow TLSv1.2 protocol only final SSLConnectionSocketFactory sslSocketFactory = SSLConnectionSocketFactoryBuilder.create().setSslContext(sslcontext).setTlsVersions(TLS.V_1_2) .setHostnameVerifier(NoopHostnameVerifier.INSTANCE).build(); Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create().register("https", sslSocketFactory).build(); HttpClientConnectionManager ccm = new PoolingHttpClientConnectionManager(registry); try (CloseableHttpClient httpclient = HttpClients.custom().setRetryHandler(new DefaultHttpRequestRetryHandler(3)).setDefaultRequestConfig(config) .setConnectionManager(ccm).build()) { HttpGet httpGet = new HttpGet(restBaseUrl + "auth"); LOG.debug("Calling: " + restBaseUrl + "auth"); httpGet.setHeader("test", username); httpGet.setHeader("more-test", password); final HttpClientContext clientContext = HttpClientContext.create(); try (final CloseableHttpResponse response2 = httpclient.execute(httpGet, clientContext)) { HttpEntity entity2 = response2.getEntity(); final String response = EntityUtils.toString(entity2, Charset.defaultCharset()); LOG.info(response); } } } catch (NoSuchAlgorithmException | KeyManagementException | ParseException | KeyStoreException | IOException e) { LOG.error(e.getMessage(), e); } ======================= Any clues will be appreciated. -- Regards, Petar! Karlovo, Bulgaria. --- Public PGP Key at: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x19658550C3110611 Key Fingerprint: A369 A7EE 61BC 93A3 CDFF 55A5 1965 8550 C311 0611