日志记录如下:
[2019-01-23T14:42:35,850][WARN ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [node0] caught exception while handling client http traffic, closing connection [id: 0xe38f8ac0, L:0.0.0.0/0.0.0.0:9200 ! R:/127.0.0.1:39864]
io.netty.handler.codec.DecoderException: io.netty.handler.ssl.NotSslRecordException: not an SSL/TLS record: 474554202f70726f746f636f6c2d2a2f5f6d617070696e6720485454502f312e310d0a557365722d4167656e743a20596969322d4375726c2d4167656e740d0a486f73743a203132372e302e302e313a393230300d0a4163636570743a202a2f2a0d0a0d0a
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:459) ~[netty-codec-4.1.13.Final.jar:4.1.13.Final]
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:265) ~[netty-codec-4.1.13.Final.jar:4.1.13.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:362) [netty-transport-4.1.13.Final.jar:4.1.13.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:348) [netty-transport-4.1.13.Final.jar:4.1.13.Final]
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:340) [netty-transport-4.1.13.Final.jar:4.1.13.Final]
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1334) [netty-transport-4.1.13.Final.jar:4.1.13.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:362) [netty-transport-4.1.13.Final.jar:4.1.13.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:348) [netty-transport-4.1.13.Final.jar:4.1.13.Final]
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:926) [netty-transport-4.1.13.Final.jar:4.1.13.Final]
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:134) [netty-transport-4.1.13.Final.jar:4.1.13.Final]
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:644) [netty-transport-4.1.13.Final.jar:4.1.13.Final]
at io.netty.channel.nio.NioEventLoop.processSelectedKeysPlain(NioEventLoop.java:544) [netty-transport-4.1.13.Final.jar:4.1.13.Final]
at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:498) [netty-transport-4.1.13.Final.jar:4.1.13.Final]
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:458) [netty-transport-4.1.13.Final.jar:4.1.13.Final]
at io.netty.util.concurrent.SingleThreadEventExecutor$5.run(SingleThreadEventExecutor.java:858) [netty-common-4.1.13.Final.jar:4.1.13.Final]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_161]
Caused by: io.netty.handler.ssl.NotSslRecordException: not an SSL/TLS record: 474554202f70726f746f636f6c2d2a2f5f6d617070696e6720485454502f312e310d0a557365722d4167656e743a20596969322d4375726c2d4167656e740d0a486f73743a203132372e302e302e313a393230300d0a4163636570743a202a2f2a0d0a0d0a
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1103) ~[?:?]
at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:489) ~[?:?]
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:428) ~[?:?]
... 15 more
产生原因:在配置了认证用户名以及证书之后,在 baseEs.php
中还是采用了未认证用户名及证书方式请求数据,所以导致了该问题的发生。关键代码如下:
# baseEs.php getAllIndices()
$elasticSearch = \Yii::$app->elasticsearch;
$nodes = $elasticSearch->nodes;
$node0 = $nodes[0];
$httpAddress = $node0['http_address'];
$requestUrl = $httpAddress.'/'.$prefix.'*/_mapping';
$response = (new Curl())
->reset()
->get($requestUrl);
$responseArr = json_decode($response, true);
优化1:加上认证用户名以及证书的配置,就可以解决改报错了,但是仍然会报一个 Content-Type
过期的错误,可以忽略
# baseEs.php getAllIndices()
$esInfo = \Yii::$app->elasticsearch;
$nodes = $esInfo->nodes;
$node0 = $nodes[0];
$httpAddress = $esInfo->defaultProtocol .'://'. $node0['http_address'];
$requestUrl = $httpAddress.'/_cat/indices/'.$prefix.'*?format=json';//_cat/indices/protocol-*?format=json
$response = (new Curl())
->reset()
->setOptions([
CURLOPT_HTTPHEADER => array("Content-type: application/json" ),
CURLOPT_HTTPAUTH => CURLAUTH_BASIC,
CURLOPT_HEADER => true,
CURLOPT_USERPWD => $esInfo->auth['username'].':'.$esInfo->auth['password'],
CURLOPT_SSL_VERIFYPEER => $esInfo->sslExtension[CURLOPT_SSL_VERIFYPEER],
CURLOPT_SSL_VERIFYHOST => $esInfo->sslExtension[CURLOPT_SSL_VERIFYHOST],
CURLOPT_CAINFO => $esInfo->sslExtension[CURLOPT_CAINFO],
])
->get($requestUrl);
$responseArr = json_decode($response, true);
return array_column($responseArr, 'index');
优化2:因为全局配置了es的连接,所以可以直接使用。好处是,共用一处配置,以后要配置啥,只需要修改配置就行,而不用再修改 baseEs.php
这个文件了。
# baseEs.php getAllIndices()
/** @var ElasticsearchTarget $esConn */
$esConn = \Yii::$app->elasticsearch;
$ret = $esConn->get(sprintf("_cat/indices/%s*?format=json", $prefix));
return array_values(array_column($ret, 'index'));