This error is caused by malformed HTTP request. In most cases this message is misleading because this error usually happens when you are trying to access unsecured page through https. Tomcat doesn't know that incoming request is encrypted and is trying to interpret this request as plain, unsecured http request.

此错误是由格式错误的 HTTP 请求引起的。在大多数情况下，此消息具有误导性，因为当您尝试通过 https 访问不安全的页面时，通常会发生此错误。Tomcat 不知道传入的请求是加密的，并试图将此请求解释为普通的、不安全的 http 请求。

This is how it could look in logs:

这是它在日志中的样子：

Standard, proper HTTP request (http://localhost:8080)

标准的、正确的 HTTP 请求 ( http://localhost:8080)

Received [GET /index.html HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.76 Mobile Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Encoding: gzip, deflate, sdch
Accept-Language: pl,en-US;q=0.8,en;q=0.6
Cookie: Idea-xxxxx; JSESSIONID=3dxxxxx

] 

HTTPS request (https://localhost:8080)

HTTPS 请求 ( https://localhost:8080)

Received [1μH?;?!P@<?
                                                                                                                                #|vFBb-?i?/5
j?

                   hhttp/1.1uP
                               
] 

As you can see in second request, there are unknown chars instead of proper HTTP method name (e.g. GET)

正如您在第二个请求中看到的，有未知字符而不是正确的 HTTP 方法名称（例如 GET）

So if your server has no SSL configuration and error occurs "once in a day or two", then probably someone is trying to reach your website through https (probably some kind of bot)

因此，如果您的服务器没有 SSL 配置并且“一两天”发生一次错误，那么可能有人试图通过 https（可能是某种机器人）访问您的网站

Eventually someone is trying to send nonsecured but malformed plain HTTP request (through his own application - bot or other custom client).

最终有人试图发送不安全但格式错误的纯 HTTP 请求（通过他自己的应用程序 - 机器人或其他自定义客户端）。

Just add this problem too with springboot. I was using a HTTPS url but my local server wasn't using SSL, so I switched the url to HTTP and it worked.

只需用 springboot 添加这个问题。我使用的是 HTTPS url，但我的本地服务器没有使用 SSL，所以我将 url 切换为 HTTP 并且它工作正常。

This error may occur because of bad port.

由于端口错误，可能会发生此错误。

Actually, notice that if you want accept throw HTTPS, default Tomcat port is 8443 : https://localhost:8443

实际上，注意如果你想接受抛出 HTTPS，默认的 Tomcat 端口是 8443 ： https://localhost:8443

when you change connector and keystore but still fetching with 8080 instead of 8443

当您更改连接器和密钥库但仍使用 8080 而不是 8443 获取时

Recheck the request sent. If the endpoint is not https enabled, pass the request with http.

重新检查发送的请求。如果端点未启用 https，请使用 http 传递请求。

I also faced the same issue with HTTP POST Request- The problem was "JSON data was not correct". I had an enum attribute in class which i was passing wrong (spelling mistake) in object. And i was getting this exception.

我在 HTTP POST 请求中也遇到了同样的问题 - 问题是“JSON 数据不正确”。我在类中有一个枚举属性，我在对象中传递了错误（拼写错误）。我得到了这个例外。

I encountered this same error and it can have absolutely nothing to do with your Tomcat configuration. It drove me crazy trying to find the error. I was serving multiple applications from six domains with only one of the domains producing the Proxy Error 502. The 'Invalid character' message is then found in Tomcat's log catalina.out:

我遇到了同样的错误，它可能与您的 Tomcat 配置完全无关。试图找到错误让我发疯。我正在为来自六个域的多个应用程序提供服务，其中只有一个域产生代理错误 502。然后在 Tomcat 的日志 catalina.out 中找到了“无效字符”消息：

Apr 18, 2018 10:31:06 AM org.apache.coyote.http11.AbstractHttp11Processor process
INFO: Error parsing HTTP request header
 Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level.
java.lang.IllegalArgumentException: Invalid character (CR or LF) found in method name
        at org.apache.coyote.http11.InternalAprInputBuffer.parseRequestLine(InternalAprInputBuffer.java:177)
        at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:992)
        at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625)
        at org.apache.tomcat.util.net.AprEndpoint$SocketWithOptionsProcessor.run(AprEndpoint.java:2454)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
        at java.lang.Thread.run(Thread.java:748)

In my case, I am sending requests to Tomcat applications from Apache httpd using a proxy. The proxy directives are used within httpd's virtual host, normally configured in /etc/httpd/conf.d/virtualhosts.conf. The proxy first redirects any unencrypted http requests received on port 80 to port 443.

就我而言，我使用代理从 Apache httpd 向 Tomcat 应用程序发送请求。代理指令在 httpd 的虚拟主机中使用，通常在 /etc/httpd/conf.d/virtualhosts.conf 中配置。代理首先将在端口 80 上收到的任何未加密的 http 请求重定向到端口 443。

<VirtualHost *:80>
  ServerName www.domain1.com
  ServerAlias domain1.com *.domain1.com
  Redirect permanent / https://domain1.com/
</VirtualHost>

The redirected request is then handled as a normal incoming encrypted https request.

然后将重定向的请求作为正常传入的加密 https 请求进行处理。

The incorrect configuration. DO NOT COPY THIS!

不正确的配置。不要复制这个！

  <VirtualHost *:443>
      ServerName www.domain1.com
      ServerAlias domain1.com *.domain1.com
      ProxyRequests off
      ProxyPreserveHost on
      CustomLog "/etc/httpd/logs/domain1ssl.log" "%h %l %u %t \"%r\" %>s %b"
      ErrorLog "/etc/httpd/logs/domain1ssl_error.log"
      SSLEngine on
      SSLProxyEngine on
      SSLCertificateFile /etc/pki/tls/certs/domain1.com.crt
      SSLCertificateKeyFile /etc/pki/tls/private/domain1.key
      SSLCertificateChainFile /etc/pki/tls/certs/ca-bundle-domain1.crt
      ProxyPass / https://domain1.com:8081/
      ProxyPassReverse / https://domain1.com:8081/
    </VirtualHost>

Note the two lines:

注意两行：

ProxyPass / https://domain1.com:8081/
  ProxyPassReverse / https://domain1.com:8081/

The directives are telling Apache to send the request to the process listening on port 8081 as an encrypted request. This was typo on my part. The protocol should be http. Tomcat is not handling encryption, httpd is handling encryption. So Tomcat is receiving an encrypted request on a non-encrypted connector resulting in the 'Invalid character' error exceptionally well explained in Maciej Marczuk's (https://stackoverflow.com/users/1545775/maciej-marczuk) answer. Many thanks for cluing me in to finding my typo.

这些指令告诉 Apache 将请求作为加密请求发送到侦听端口 8081 的进程。这是我的错别字。协议应该是http。Tomcat 不处理加密，httpd 处理加密。因此 Tomcat 在非加密连接器上收到加密请求，导致“无效字符”错误，在 Maciej Marczuk ( https://stackoverflow.com/users/1545775/maciej-marczuk) 的回答中得到了很好的解释。非常感谢你让我找到我的错字。

The proxy directives should be:

代理指令应该是：

ProxyPass / http://domain1.com:8081/
  ProxyPassReverse / http://domain1.com:8081/

Hope this helps someone. Cheers.

希望这可以帮助某人。干杯。