Spring Boot WebClient ProxyConnectException

Hi all,

The problem is very simple, while using a proxy with restTemplate all working as expected, however, WebClient is refusing to get the required outcome.

Exception Details: Caused by: io.netty.handler.proxy.ProxyConnectException: http, basic, xxx.xxx.com/xx.x.xx.xx:2000 => xx.xx.com/<unresolved>:443, disconnected

more…

javax.net.ssl.SSLException: failure when writing TLS control frames
	at io.netty.handler.ssl.SslHandler.setHandshakeFailureTransportFailure(SslHandler.java:1844)
	at io.netty.handler.ssl.SslHandler.access$600(SslHandler.java:169)
	at io.netty.handler.ssl.SslHandler$2.operationComplete(SslHandler.java:951)
	at io.netty.handler.ssl.SslHandler$2.operationComplete(SslHandler.java:946)
	at io.netty.util.concurrent.DefaultPromise.notifyListener0(DefaultPromise.java:578)
	at io.netty.util.concurrent.DefaultPromise.notifyListenersNow(DefaultPromise.java:552)
	at io.netty.util.concurrent.DefaultPromise.notifyListeners(DefaultPromise.java:491)
	at io.netty.util.concurrent.DefaultPromise.setValue0(DefaultPromise.java:616)
	at io.netty.util.concurrent.DefaultPromise.setFailure0(DefaultPromise.java:609)
	at io.netty.util.concurrent.DefaultPromise.tryFailure(DefaultPromise.java:117)
	at io.netty.channel.PendingWriteQueue.safeFail(PendingWriteQueue.java:288)
	at io.netty.channel.PendingWriteQueue.removeAndFailAll(PendingWriteQueue.java:186)
	at io.netty.handler.proxy.ProxyHandler.failPendingWrites(ProxyHandler.java:435)
	at io.netty.handler.proxy.ProxyHandler.failPendingWritesAndClose(ProxyHandler.java:352)
	at io.netty.handler.proxy.ProxyHandler.setConnectFailure(ProxyHandler.java:347)
	at io.netty.handler.proxy.ProxyHandler.channelInactive(ProxyHandler.java:234)
	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelInactive(AbstractChannelHandlerContext.java:262)
	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelInactive(AbstractChannelHandlerContext.java:248)
	at io.netty.channel.AbstractChannelHandlerContext.fireChannelInactive(AbstractChannelHandlerContext.java:241)
	at io.netty.channel.CombinedChannelDuplexHandler$DelegatingChannelHandlerContext.fireChannelInactive(CombinedChannelDuplexHandler.java:418)
	at io.netty.handler.codec.ByteToMessageDecoder.channelInputClosed(ByteToMessageDecoder.java:389)
	at io.netty.handler.codec.ByteToMessageDecoder.channelInactive(ByteToMessageDecoder.java:354)
	at io.netty.handler.codec.http.HttpClientCodec$Decoder.channelInactive(HttpClientCodec.java:311)
	at io.netty.channel.CombinedChannelDuplexHandler.channelInactive(CombinedChannelDuplexHandler.java:221)
	at io.netty.handler.proxy.HttpProxyHandler$HttpClientCodecWrapper.channelInactive(HttpProxyHandler.java:267)
	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelInactive(AbstractChannelHandlerContext.java:262)
	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelInactive(AbstractChannelHandlerContext.java:248)
	at io.netty.channel.AbstractChannelHandlerContext.fireChannelInactive(AbstractChannelHandlerContext.java:241)
	at io.netty.channel.DefaultChannelPipeline$HeadContext.channelInactive(DefaultChannelPipeline.java:1405)
	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelInactive(AbstractChannelHandlerContext.java:262)
	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelInactive(AbstractChannelHandlerContext.java:248)
	at io.netty.channel.DefaultChannelPipeline.fireChannelInactive(DefaultChannelPipeline.java:901)
	at io.netty.channel.AbstractChannel$AbstractUnsafe$8.run(AbstractChannel.java:831)
	at io.netty.util.concurrent.AbstractEventExecutor.safeExecute(AbstractEventExecutor.java:164)
	at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:472)
	at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:497)
	at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989)
	at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
	at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
	at java.base/java.lang.Thread.run(Thread.java:833)

Code The code is tested with non proxy and working. The proxy is using basic username and pass authentication.

@Bean(name = "sslContext")
	public SslContext sslContext() {
		SslContext sslContext = null;
		try {

			sslContext = SslContextBuilder.forClient().protocols("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2")
					.trustManager(InsecureTrustManagerFactory.INSTANCE).build();

		} catch (SSLException e) {
			sslContext = null;
		}
		return sslContext;
	}

	@Bean(name = "httpClient")
	public HttpClient httpClient(SslContext sslContext) {
		
		Function<String, String> pwd = password -> globalAPIConfig.getApiProxyPassword();
		HttpClient client = null;

		if (globalAPIConfig.isApiProxyOn()) {

			client = HttpClient.create().secure(t -> t.sslContext(sslContext))
					.doOnConnected(conn -> conn
							.addHandler(new ReadTimeoutHandler(globalAPIConfig.getApiConnectTimeoutMillis(),
									TimeUnit.MILLISECONDS))
							.addHandler(new WriteTimeoutHandler(globalAPIConfig.getApiConnectTimeoutMillis())))
					.proxy(proxy -> proxy.type(ProxyProvider.Proxy.HTTP)
							.address(new InetSocketAddress(globalAPIConfig.getApiProxyProxyUrl(),
									globalAPIConfig.getApiProxyPort()))
							.username(globalAPIConfig.getApiProxyUsername()).password(pwd).nonProxyHosts("localhost"));
		} else {
			client = HttpClient.create()
					.doOnConnected(conn -> conn
							.addHandler(new ReadTimeoutHandler(globalAPIConfig.getApiConnectTimeoutMillis(),
									TimeUnit.MILLISECONDS))
							.addHandler(new WriteTimeoutHandler(globalAPIConfig.getApiConnectTimeoutMillis())));
		}

		client.option(ChannelOption.CONNECT_TIMEOUT_MILLIS, globalAPIConfig.getApiConnectTimeoutMillis());

		return client;
	}

Really appreciate your help…

Issue Analytics

State:
Created 2 years ago
Comments:11 (4 by maintainers)

Top GitHub Comments

1reaction

GregoireWcommented, Jul 22, 2022

FYI, I tried to do a minimal app to check this issue with native image. It went OK.

With a quick diff on the pom, on my app I updated spring-native version from 0.12.0 to 0.12.1 and native-buildtool from 0.9.12 to 0.9.13 and the issue is gone.

0reactions

GregoireWcommented, Jul 21, 2022

Hello,

I just face this error but only when I compile with graalvm native image. With standard hotspot it is ok.

Now it is a great question on how to fix this…

        HttpClient httpClient = HttpClient.create()
                .option(ChannelOption.CONNECT_TIMEOUT_MILLIS, 10 * 1000)
                .proxyWithSystemProperties()
                .doOnConnected(connection -> {
                    connection.addHandlerLast(new ReadTimeoutHandler(2 * 60 * 1000L, MILLISECONDS));
                    connection.addHandlerLast(new WriteTimeoutHandler(2 * 60 * 1000L, MILLISECONDS));
                });


         WebClient.builder()
                .clientConnector(new ReactorClientHttpConnector(httpClient))
                .build();

the error look like:

2022-07-21 15:28:54.784  WARN 1 --- [ctor-http-nio-2] r.netty.http.client.HttpClientConnect    : [124589ab, L:/1.2.3.4:34952 - R:proxy.corp.org/1.3.5.7:3128] The connection observed an error

javax.net.ssl.SSLException: failure when writing TLS control frames
	at io.netty.handler.ssl.SslHandler.setHandshakeFailureTransportFailure(SslHandler.java:1897) ~[na:na]
	at io.netty.handler.ssl.SslHandler.access$600(SslHandler.java:169) ~[na:na]
	at io.netty.handler.ssl.SslHandler$2.operationComplete(SslHandler.java:934) ~[na:na]
	at io.netty.handler.ssl.SslHandler$2.operationComplete(SslHandler.java:929) ~[na:na]
	at io.netty.util.concurrent.DefaultPromise.notifyListener0(DefaultPromise.java:578) ~[com.mycorp.myapp.MyApplication:4.1.79.Final]
	at io.netty.util.concurrent.DefaultPromise.notifyListenersNow(DefaultPromise.java:552) ~[com.mycorp.myapp.MyApplication:4.1.79.Final]
	at io.netty.util.concurrent.DefaultPromise.notifyListeners(DefaultPromise.java:491) ~[com.mycorp.myapp.MyApplication:4.1.79.Final]
	at io.netty.util.concurrent.DefaultPromise.setValue0(DefaultPromise.java:616) ~[com.mycorp.myapp.MyApplication:4.1.79.Final]
	at io.netty.util.concurrent.DefaultPromise.setFailure0(DefaultPromise.java:609) ~[com.mycorp.myapp.MyApplication:4.1.79.Final]
	at io.netty.util.concurrent.DefaultPromise.tryFailure(DefaultPromise.java:117) ~[com.mycorp.myapp.MyApplication:4.1.79.Final]
	at io.netty.channel.PendingWriteQueue.safeFail(PendingWriteQueue.java:288) ~[na:na]
	at io.netty.channel.PendingWriteQueue.removeAndFailAll(PendingWriteQueue.java:186) ~[na:na]
	at io.netty.handler.proxy.ProxyHandler.failPendingWrites(ProxyHandler.java:434) ~[com.mycorp.myapp.MyApplication:4.1.79.Final]
	at io.netty.handler.proxy.ProxyHandler.failPendingWritesAndClose(ProxyHandler.java:351) ~[com.mycorp.myapp.MyApplication:4.1.79.Final]
	at io.netty.handler.proxy.ProxyHandler.setConnectFailure(ProxyHandler.java:346) ~[com.mycorp.myapp.MyApplication:4.1.79.Final]
	at io.netty.handler.proxy.ProxyHandler.access$100(ProxyHandler.java:38) ~[com.mycorp.myapp.MyApplication:4.1.79.Final]
	at io.netty.handler.proxy.ProxyHandler$2.run(ProxyHandler.java:198) ~[na:na]
	at io.netty.util.concurrent.PromiseTask.runTask(PromiseTask.java:98) ~[com.mycorp.myapp.MyApplication:4.1.79.Final]
	at io.netty.util.concurrent.ScheduledFutureTask.run(ScheduledFutureTask.java:153) ~[com.mycorp.myapp.MyApplication:4.1.79.Final]
	at io.netty.util.concurrent.AbstractEventExecutor.runTask(AbstractEventExecutor.java:174) ~[com.mycorp.myapp.MyApplication:4.1.79.Final]
	at io.netty.util.concurrent.AbstractEventExecutor.safeExecute(AbstractEventExecutor.java:167) ~[com.mycorp.myapp.MyApplication:4.1.79.Final]
	at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:470) ~[com.mycorp.myapp.MyApplication:4.1.79.Final]
	at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:500) ~[na:na]
	at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:997) ~[na:na]
	at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) ~[na:na]
	at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) ~[na:na]
	at java.lang.Thread.run(Thread.java:833) ~[com.mycorp.myapp.MyApplication:na]
	at com.oracle.svm.core.thread.PlatformThreads.threadStartRoutine(PlatformThreads.java:704) ~[com.mycorp.myapp.MyApplication:na]
	at com.oracle.svm.core.posix.thread.PosixPlatformThreads.pthreadStartRoutine(PosixPlatformThreads.java:202) ~[na:na]
Caused by: io.netty.handler.proxy.ProxyConnectException: http, none, proxy.corp.org/1.3.5.7:3128 => out.ext.com/<unresolved>:443, timeout
	... 13 common frames omitted

2022-07-21 15:28:54.785  WARN 1 --- [ctor-http-nio-2] r.netty.http.client.HttpClientConnect    : [124589ab, L:/1.2.3.4:34952 - R:proxy.corp.org/1.3.5.7:3128] The connection observed an error

io.netty.handler.proxy.ProxyConnectException: http, none, proxy.corp.org/1.3.5.7:3128 => out.ext.com/<unresolved>:443, timeout
	at io.netty.handler.proxy.ProxyHandler$2.run(ProxyHandler.java:198) ~[na:na]
	at io.netty.util.concurrent.PromiseTask.runTask(PromiseTask.java:98) ~[com.mycorp.myapp.MyApplication:4.1.79.Final]
	at io.netty.util.concurrent.ScheduledFutureTask.run(ScheduledFutureTask.java:153) ~[com.mycorp.myapp.MyApplication:4.1.79.Final]
	at io.netty.util.concurrent.AbstractEventExecutor.runTask(AbstractEventExecutor.java:174) ~[com.mycorp.myapp.MyApplication:4.1.79.Final]
	at io.netty.util.concurrent.AbstractEventExecutor.safeExecute(AbstractEventExecutor.java:167) ~[com.mycorp.myapp.MyApplication:4.1.79.Final]
	at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:470) ~[com.mycorp.myapp.MyApplication:4.1.79.Final]
	at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:500) ~[na:na]
	at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:997) ~[na:na]
	at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) ~[na:na]
	at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) ~[na:na]
	at java.lang.Thread.run(Thread.java:833) ~[com.mycorp.myapp.MyApplication:na]
	at com.oracle.svm.core.thread.PlatformThreads.threadStartRoutine(PlatformThreads.java:704) ~[com.mycorp.myapp.MyApplication:na]
	at com.oracle.svm.core.posix.thread.PosixPlatformThreads.pthreadStartRoutine(PosixPlatformThreads.java:202) ~[na:na]