
Java SE (Java Platform, Standard Edition)


Example using HttpsServer

user-bx2y5, Apr 9 2023

I want to create a simple https “Hello World” server. I want to make the following request:

https://hoyo.zeetix.com:7899/test

to answer the string “Hello World”.

Please help me get my https “Hello World” server working as well as its http counterpart (shown below).

Here is code I have cobbled together from a multitude of web sources:

package com.zeetix.development.hello;

import java.net.InetSocketAddress;
import java.util.concurrent.Executors;

import com.sun.net.httpserver.HttpsServer;
import com.sun.net.httpserver.HttpsConfigurator;

import javax.net.ssl.SSLContext;

public class SecureApp {

  public static void main(String[] args) throws Exception {
    // JVM-wide default SSLContext
    SSLContext sslContext = SSLContext.getDefault();
    // Listen on port 7899 with the default connection backlog
    HttpsServer server = HttpsServer.create(new InetSocketAddress(7899), 0);
    HttpsConfigurator httpsConfigurator = new HttpsConfigurator(sslContext);
    server.setHttpsConfigurator(httpsConfigurator);
    // ZeetixHandler: HttpHandler for /test (defined elsewhere, not shown)
    server.createContext("/test", new ZeetixHandler());
    server.setExecutor(Executors.newCachedThreadPool());
    server.start();
  }
}

When I exercise the above using curl -v …, the attempt fails as follows:

curl -v https://hoyo.zeetix.com:7899/test
*   Trying 172.30.2.59...
* TCP_NODELAY set
* Connected to hoyo.zeetix.com (172.30.2.59) port 7899 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, [no content] (0):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to hoyo.zeetix.com:7899 
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to hoyo.zeetix.com:7899 

On the same system, a nodejs server listening on a different port works as expected:

curl -v https://hoyo.zeetix.com:7103/mysql/v1/isNovelEmail?email=foo%40bard.com
*   Trying 172.30.2.59...
* TCP_NODELAY set
* Connected to hoyo.zeetix.com (172.30.2.59) port 7103 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, [no content] (0):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, [no content] (0):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, [no content] (0):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, [no content] (0):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, [no content] (0):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: CN=covid.tms.hoyo.zeetix.com
*  start date: Apr  4 23:15:14 2023 GMT
*  expire date: Jul  3 23:15:13 2023 GMT
*  subjectAltName: host "hoyo.zeetix.com" matched cert's "hoyo.zeetix.com"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* TLSv1.3 (OUT), TLS app data, [no content] (0):
> GET /mysql/v1/isNovelEmail?email=foo%40bard.com HTTP/1.1
> Host: hoyo.zeetix.com:7103
> User-Agent: curl/7.61.1
> Accept: */*
> 
* TLSv1.3 (IN), TLS handshake, [no content] (0):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, [no content] (0):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS app data, [no content] (0):
< HTTP/1.1 200 OK
< X-Powered-By: Express
< Content-Type: application/json; charset=utf-8
< Content-Length: 4
< ETag: W/"4-X/5TO4MPCKAyY0ipFgr6/IraRNs"
< Date: Sat, 08 Apr 2023 15:51:33 GMT
< Connection: keep-alive
< Keep-Alive: timeout=5
< 
* Connection #0 to host hoyo.zeetix.com left intact
true

I know that port 7899 is open in the firewall because the http counterpart works fine. Here is my http HelloWorld server:

package com.zeetix.development.hello; 

import java.net.InetSocketAddress; 
import java.util.concurrent.Executors; 

import com.sun.net.httpserver.HttpServer; 

public class App { 
  public static void main(String[] args) throws Exception { 
    HttpServer server = HttpServer.create(new InetSocketAddress(7899), 0); 
    server.createContext("/test", new ZeetixHandler()); 
    server.setExecutor(Executors.newCachedThreadPool()); 
    server.start(); 
  } 
} 

This works fine:

curl -v http://hoyo.zeetix.com:7899/test
*   Trying 172.30.2.59...
* TCP_NODELAY set
* Connected to hoyo.zeetix.com (172.30.2.59) port 7899 (#0)
> GET /test HTTP/1.1
> Host: hoyo.zeetix.com:7899
> User-Agent: curl/7.61.1
> Accept: */*
> 
< HTTP/1.1 200 OK
< Date: Sat, 08 Apr 2023 23:59:34 GMT
< Content-length: 12
< 
* Connection #0 to host hoyo.zeetix.com left intact
Hello World!

I know that the certificates and domain name are fine (the https call to the service listening on 7103 shows that). I know that port 7899 is open in the firewall and the http version of “Hello World” works fine.

What must I do to get the https version of the “Hello World” server running?
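An added example, not code from the original post: the failing curl trace stops after Encrypted Extensions with no Certificate message, which is consistent with a server that holds no private key, and `SSLContext.getDefault()` only has one when the `javax.net.ssl.keyStore` system properties are set. The sketch below instead builds the `SSLContext` from a PKCS#12 keystore and limits the protocol versions. Assumptions: the `hello.keystore` property, the `server.p12` file name, the `HELLO_KEYSTORE_PASSWORD` variable and the inline handler are hypothetical stand-ins, the certificate and key used by the working service have been exported to that PKCS#12 file, and the JDK is 11 or later.

```java
import com.sun.net.httpserver.HttpsConfigurator;
import com.sun.net.httpserver.HttpsParameters;
import com.sun.net.httpserver.HttpsServer;
import java.io.InputStream;
import java.net.InetSocketAddress;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.KeyStore;
import java.util.concurrent.Executors;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;

public class SecureHello {
  public static void main(String[] args) throws Exception {
    // Assumed inputs (hypothetical names): keystore path and password, kept out of the source.
    Path keyStorePath = Path.of(System.getProperty("hello.keystore", "server.p12"));
    String pw = System.getenv("HELLO_KEYSTORE_PASSWORD");
    if (pw == null) throw new IllegalStateException("HELLO_KEYSTORE_PASSWORD is not set");
    char[] password = pw.toCharArray();
    // Load the server's private key and certificate chain.
    KeyStore keyStore = KeyStore.getInstance("PKCS12");
    try (InputStream in = Files.newInputStream(keyStorePath)) { keyStore.load(in, password); }
    KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(keyStore, password); // key password assumed equal to the store password
    // Null trust managers and SecureRandom select the JVM defaults.
    SSLContext sslContext = SSLContext.getInstance("TLS");
    sslContext.init(kmf.getKeyManagers(), null, null);

    HttpsServer server = HttpsServer.create(new InetSocketAddress(7899), 0);
    server.setHttpsConfigurator(new HttpsConfigurator(sslContext) {
      @Override
      public void configure(HttpsParameters params) {
        // Called per connection: refuse anything older than TLS 1.2.
        SSLParameters p = getSSLContext().getDefaultSSLParameters();
        p.setProtocols(new String[] {"TLSv1.3", "TLSv1.2"});
        params.setSSLParameters(p);
      }
    });
    server.createContext("/test", exchange -> {
      byte[] body = "Hello World!".getBytes(StandardCharsets.UTF_8);
      exchange.sendResponseHeaders(200, body.length);
      try (var out = exchange.getResponseBody()) { out.write(body); }
    });
    server.setExecutor(Executors.newCachedThreadPool());
    server.start();
  }
}
```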
