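  • Unrecognized SSL message, plaintext connection -- connecting an SSLSocket through a proxy server

    Java's URL.openConnection(proxy) already lets an HTTPS client connect to a server through a proxy.

    But when I used a socket-based HTTPS proxy (http://www.cnblogs.com/hua198/p/5223945.html), I kept running into one problem: Unrecognized SSL message, plaintext connection

    Roughly, this means that an unrecognizable message was received during the SSL connection.

    This problem generally has two causes:

    1. A plaintext message was sent.

    2. Something went wrong in the SSL handshake, so the handshake could not complete correctly.

    Looking at the connection code, the handshake could never complete once the proxy was used. The cause was still a problem with the HTTPS proxy connection, because the same code connects directly to the HTTPS server without trouble and the handshake messages arrive in the normal order.

    Capturing packets while the IE browser went through the proxy showed proxy-connect-name:xxx.yyy.com proxy-connect-port:443 at the head of the SSL handshake messages.

    Could it be that Java adds this data during the handshake? Later I found that when HTTPS goes through a proxy, the client sends the proxy server an HTTP message: connect xxx.yyy.com:443 HTTP/1.1

    Clearly, in SSL proxying the client must first establish a connection with the proxy server via CONNECT; the SSL proxy server needs to complete the SSL handshake with the server and establish the connection. Then the client establishes the SSL connection with the proxy server.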


    import java.io.IOException;
    import java.io.InputStream;
    import java.io.OutputStream;
    import java.net.Socket;
    import java.security.SecureRandom;

    import javax.net.ssl.SSLContext;
    import javax.net.ssl.SSLSocket;
    import javax.net.ssl.SSLSocketFactory;
    import javax.net.ssl.TrustManager;
    import javax.net.ssl.X509TrustManager;

    public class Ssl {

        public static void sslSocket2() throws Exception {
            SSLContext context = SSLContext.getInstance("TLS");
            // Initialization. This trust manager accepts every certificate, so the peer is
            // not authenticated; pass null to context.init() to use the JVM's default trust store.
            TrustManager[] tm = { new X509TrustManager() {
                public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                    return new java.security.cert.X509Certificate[0]; // must not be null
                }
                public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {
                }
                public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
                }
            } };

            context.init(null, tm, new SecureRandom());
            SSLSocketFactory factory = context.getSocketFactory();

            //_____________________________________________________

            Socket socket = new Socket("127.0.0.1", 8080); // proxy server
            // The CONNECT request is plain HTTP and must end with a blank line (CRLF CRLF)
            String connect = "CONNECT mail.163.com:443 HTTP/1.1\r\nHost: mail.163.com:443\r\n\r\n";
            OutputStream output1 = socket.getOutputStream();
            output1.write(connect.getBytes());
            output1.flush();

            InputStream input1 = socket.getInputStream();
            byte[] buf1 = new byte[1024];
            int len1 = input1.read(buf1);
            String reply = len1 > 0 ? new String(buf1, 0, len1) : "";
            System.out.println(reply);
            // Start the SSL handshake only after the proxy has confirmed the tunnel
            if (!reply.matches("(?s)HTTP/1\\.[01] 200.*")) {
                throw new IOException("proxy refused CONNECT: " + reply);
            }

            // Layer SSL on top of the socket that is already connected to the proxy
            SSLSocket s = (SSLSocket) factory.createSocket(socket, "mail.163.com", 443, true);

            //_____________________________________________________
            // SSLSocket s = (SSLSocket) factory.createSocket("mail.163.com", 443);

            // s.startHandshake();
            OutputStream output = s.getOutputStream();
            InputStream input = s.getInputStream();

            output.write(("POST https://mail.163.com/entry/cgi/ntesdoor?df=mail163_letter&from=web&funcid=loginone&iframe=1&language=-1&passtype=1&product=mail163&net=t&style=-1&race=1139_1154_1123_bj&uid=xj-07@163.com HTTP/1.1\r\n"
                    + "Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, */*\r\n"
                    + "User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)\r\n"
                    + "Content-Type: application/x-www-form-urlencoded\r\n"
                    + "Accept-Encoding: gzip, deflate\r\n"
                    + "Host: mail.163.com\r\n"
                    + "Content-Length: 106\r\n" // number of characters in the body
                    + "Connection: Keep-Alive\r\n"
                    + "Cache-Control: no-cache\r\n"
                    + "Referer: http://mail.163.com/\r\n"
                    + "Accept-Language: zh-CN\r\n"
                    + "\r\n" // blank line separates the headers from the body
                    + "savelogin=0&url2=http%3A%2F%2Fmail.163.com%2Ferrorpage%2Ferror163.htm&username=xj-0701&password=xxx12345yy").getBytes());
            output.flush();

            byte[] buf = new byte[1024];
            int len = input.read(buf);
            System.out.println("received:" + (len > 0 ? new String(buf, 0, len) : ""));
        }

        public static void main(String[] args) throws Exception {
            sslSocket2();
        }

    }
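
    One way to open the same CONNECT tunnel with certificate validation left on, as an added example that is not the original author's code: it reads the proxy's reply only up to the blank line, requires a 200 status, and then starts the handshake with the JVM's default trust store and hostname verification. The class name ConnectTunnel and its method names are hypothetical, and main runs offline on a constructed proxy reply.

```java
import java.io.*;
import java.net.Socket;
import java.nio.charset.StandardCharsets;
import javax.net.ssl.*;

// Added example; class and method names are hypothetical.
public class ConnectTunnel {
    // Read the proxy's reply byte by byte and stop exactly at the blank line, so none
    // of the TLS bytes that follow are consumed. Returns the HTTP status code.
    static int readConnectStatus(InputStream in) throws IOException {
        ByteArrayOutputStream head = new ByteArrayOutputStream();
        int b, matched = 0; // matched = how much of "\r\n\r\n" has been seen
        while (matched < 4 && (b = in.read()) != -1) {
            head.write(b);
            if (head.size() > 8192) throw new IOException("proxy header too large");
            matched = (b == "\r\n\r\n".charAt(matched)) ? matched + 1 : (b == '\r' ? 1 : 0);
        }
        if (matched < 4) throw new IOException("proxy closed before end of headers");
        String[] status = head.toString("ISO-8859-1").split("\r\n")[0].split(" ");
        if (status.length < 2 || !status[0].startsWith("HTTP/1.")) throw new IOException("not an HTTP reply");
        return Integer.parseInt(status[1]);
    }

    // Open a CONNECT tunnel, then run TLS through it with the JVM's default trust
    // store and hostname verification switched on.
    static SSLSocket open(String proxyHost, int proxyPort, String host, int port) throws IOException {
        Socket raw = new Socket(proxyHost, proxyPort);
        String target = host + ":" + port;
        String req = "CONNECT " + target + " HTTP/1.1\r\nHost: " + target + "\r\n\r\n";
        raw.getOutputStream().write(req.getBytes(StandardCharsets.US_ASCII));
        raw.getOutputStream().flush();
        int code = readConnectStatus(raw.getInputStream());
        if (code != 200) { raw.close(); throw new IOException("CONNECT refused: " + code); }
        SSLSocket tls = (SSLSocket) ((SSLSocketFactory) SSLSocketFactory.getDefault())
                .createSocket(raw, host, port, true);
        SSLParameters p = tls.getSSLParameters();
        p.setEndpointIdentificationAlgorithm("HTTPS"); // certificate must match host
        tls.setSSLParameters(p);
        tls.startHandshake();
        return tls;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample: a proxy reply followed by the first 3 bytes of a TLS record
        byte[] reply = "HTTP/1.1 200 Connection established\r\n\r\n\u0016\u0003\u0003"
                .getBytes(StandardCharsets.ISO_8859_1);
        InputStream in = new ByteArrayInputStream(reply);
        System.out.println(readConnectStatus(in) + ", bytes left for TLS: " + in.available());
    }
}
```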

  • Original article: https://www.cnblogs.com/hua198/p/5274262.html