httpClient 在从 azure 反向代理调用 https 连接时抛出连接重置

httpClient throws Connection reset while invoking https connection from azure reverse proxy

实际上我有配置为重定向到 keycloak 的 saml 应用程序 当我第一次使用 HTTP URLs(httpClient 3.1,jdk1.8) 配置应用程序时,我没有收到任何问题,但是当使用反向代理(WAF azure 应用程序网关反向代理)进行 HTTPS 连接时,出现异常


 **Caused by**: org.opensaml.saml2.metadata.provider.MetadataProviderException: Error retrieving metadata from https://example.com/auth/realms/realmName/protocol/saml/descriptor
        at org.opensaml.saml2.metadata.provider.HTTPMetadataProvider.fetchMetadata (HTTPMetadataProvider.java:274)
        at org.opensaml.saml2.metadata.provider.AbstractReloadingMetadataProvider.refresh (AbstractReloadingMetadataProvider.java:255)
        ... 9 more
**Caused by**: java.net.SocketException: Connection reset
  at java.net.SocketInputStream.read(SocketInputStream.java:210)
        at java.net.SocketInputStream.read(SocketInputStream.java:141)
        at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
        at sun.security.ssl.InputRecord.read(InputRecord.java:503)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
        at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747)
        at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
        at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
        at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
        at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:828)
        at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2116)
        at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
        at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
        at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
        at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
        at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
        at org.opensaml.saml2.metadata.provider.HTTPMetadataProvider.fetchMetadata(HTTPMetadataProvider.java:250)

知道我已经在 J​​VM 级别添加了证书并且 URL 我刚刚调用的 (https://example.com/auth/realms/realmName/protocol/saml/descripto) 可以通过 curl 命令或从浏览器访问

我通过升级 jdk 版本解决了同样的问题