尝试通过SSL连接到服务器的SSLHandshakeException_java

概述尝试通过SSL连接到服务器的SSLHandshakeException

我试图从Java / Spring 4应用程序通过SSL向远程服务器上的资源发出GET请求。说资源是：

httpS：//remote-app/foo.pdf

我的应用程序使用https://github.com/square/okhttp作为http客户端来执行 *** 作。

不幸的是，这个资源正在抛出一个例外。但令人惊讶的是，在其他服务器上通过SSL公开的其他资源成功。

如何停止从命令行的春季启动服务？

spring启动init.d脚本start-stop-daemon：无法识别的选项–no-close

Spring集成或Apache http客户端

在服务器启动后，Spring启动停止

这是我得到的例外：

javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) ~[na:1.8.0_51] at sun.security.ssl.Alerts.getSSLException(Alerts.java:154) ~[na:1.8.0_51] at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2023) ~[na:1.8.0_51] at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1125) ~[na:1.8.0_51] at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) ~[na:1.8.0_51] at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403) ~[na:1.8.0_51] at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387) ~[na:1.8.0_51] at com.squareup.okhttp.internal.http.socketConnector.connectTls(SocketConnector.java:103) ~[okhttp-2.4.0.jar!/:na] at com.squareup.okhttp.Connection.connect(Connection.java:143) ~[okhttp-2.4.0.jar!/:na] at com.squareup.okhttp.Connection.connectAndSetowner(Connection.java:185) ~[okhttp-2.4.0.jar!/:na] at com.squareup.okhttp.OkhttpClIEnt$1.connectAndSetowner(OkhttpClIEnt.java:128) ~[okhttp-2.4.0.jar!/:na] at com.squareup.okhttp.internal.http.httpEngine.nextConnection(httpEngine.java:341) ~[okhttp-2.4.0.jar!/:na] at com.squareup.okhttp.internal.http.httpEngine.connect(httpEngine.java:330) ~[okhttp-2.4.0.jar!/:na] at com.squareup.okhttp.internal.http.httpEngine.sendRequest(httpEngine.java:248) ~[okhttp-2.4.0.jar!/:na] at com.squareup.okhttp.Call.getResponse(Call.java:273) ~[okhttp-2.4.0.jar!/:na] at com.squareup.okhttp.Call$ApplicationInterceptorChain.proceed(Call.java:230) ~[okhttp-2.4.0.jar!/:na] at com.squareup.okhttp.Call.getResponseWithInterceptorChain(Call.java:201) ~[okhttp-2.4.0.jar!/:na] at com.squareup.okhttp.Call.execute(Call.java:81) ~[okhttp-2.4.0.jar!/:na] at com.org.package.util.Utils.getUrlResponse(MyUtils.java:54) ~[app-0.0.1-SNAPSHOT.jar!/:na] at com.org.package.service.impl.MyApp.uploadUrl(MyApp.java:303) [app.jar!/:na] at com.org.package.service.impl.MyApp.uploadResource(MyApp.java:135) [app.jar!/:na] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_51] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_51] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_51] at java.lang.reflect.Method.invoke(Method.java:497) ~[na:1.8.0_51] at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317) [spring-aop-4.1.7.RELEASE.jar!/:4.1.7.RELEASE] at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190) [spring-aop-4.1.7.RELEASE.jar!/:4.1.7.RELEASE] at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) [spring-aop-4.1.7.RELEASE.jar!/:4.1.7.RELEASE] at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceeDWithInvocation(TransactionInterceptor.java:99) [spring-tx-4.1.7.RELEASE.jar!/:4.1.7.RELEASE] at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:281) [spring-tx-4.1.7.RELEASE.jar!/:4.1.7.RELEASE] at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96) [spring-tx-4.1.7.RELEASE.jar!/:4.1.7.RELEASE] at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) [spring-aop-4.1.7.RELEASE.jar!/:4.1.7.RELEASE] at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:207) [spring-aop-4.1.7.RELEASE.jar!/:4.1.7.RELEASE] at com.sun.proxy.$Proxy155.uploadR(UnkNown Source) [na:na] at com.org.myprocess.receiveRequest(Processor.java:42) [app.jar!/:na] at com.org.myprocess$$FastClassBySpringcglib$$e05dc31.invoke(<generated>) [spring-core-4.1.7.RELEASE.jar!/:na] at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204) [spring-core-4.1.7.RELEASE.jar!/:4.1.7.RELEASE] at org.springframework.aop.framework.cglibAopProxy$cglibMethodInvocation.invokeJoinpoint(cglibAopProxy.java:717) [spring-aop-4.1.7.RELEASE.jar!/:4.1.7.RELEASE] at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) [spring-aop-4.1.7.RELEASE.jar!/:4.1.7.RELEASE] at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceeDWithInvocation(TransactionInterceptor.java:99) [spring-tx-4.1.7.RELEASE.jar!/:4.1.7.RELEASE] at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:281) [spring-tx-4.1.7.RELEASE.jar!/:4.1.7.RELEASE] at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96) [spring-tx-4.1.7.RELEASE.jar!/:4.1.7.RELEASE] at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) [spring-aop-4.1.7.RELEASE.jar!/:4.1.7.RELEASE] at org.springframework.aop.framework.cglibAopProxy$DynamicAdvisedInterceptor.intercept(cglibAopProxy.java:653) [spring-aop-4.1.7.RELEASE.jar!/:4.1.7.RELEASE] at com.org.myprocess$$EnhancerBySpringcglib$$d16a8116.receiveRequest(<generated>) [spring-core-4.1.7.RELEASE.jar!/:na] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_51] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_51] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_51] at java.lang.reflect.Method.invoke(Method.java:497) ~[na:1.8.0_51] at org.springframework.messaging.handler.invocation.invocableHandlerMethod.doInvoke(invocableHandlerMethod.java:185) [spring-messaging-4.1.6.RELEASE.jar!/:4.1.6.RELEASE] at org.springframework.messaging.handler.invocation.invocableHandlerMethod.invoke(invocableHandlerMethod.java:104) [spring-messaging-4.1.6.RELEASE.jar!/:4.1.6.RELEASE] at org.springframework.messaging.handler.invocation.AbstractMethodMessageHandler.handleMatch(AbstractMethodMessageHandler.java:447) [spring-messaging-4.1.6.RELEASE.jar!/:4.1.6.RELEASE] at org.springframework.messaging.handler.invocation.AbstractMethodMessageHandler.handleMessageInternal(AbstractMethodMessageHandler.java:408) [spring-messaging-4.1.6.RELEASE.jar!/:4.1.6.RELEASE] at org.springframework.messaging.handler.invocation.AbstractMethodMessageHandler.handleMessage(AbstractMethodMessageHandler.java:346) [spring-messaging-4.1.6.RELEASE.jar!/:4.1.6.RELEASE] at org.springframework.cloud.aws.messaging.Listener.SimpleMessageListenerContainer.executeMessage(SimpleMessageListenerContainer.java:160) [spring-cloud-aws-messaging-1.0.3.RELEASE.jar!/:1.0.3.RELEASE] at org.springframework.cloud.aws.messaging.Listener.SimpleMessageListenerContainer$MessageExecutor.run(SimpleMessageListenerContainer.java:226) [spring-cloud-aws-messaging-1.0.3.RELEASE.jar!/:1.0.3.RELEASE] at org.springframework.cloud.aws.messaging.Listener.SimpleMessageListenerContainer$SignalExecutingRunnable.run(SimpleMessageListenerContainer.java:250) [spring-cloud-aws-messaging-1.0.3.RELEASE.jar!/:1.0.3.RELEASE] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_51] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_51] at java.lang.Thread.run(Thread.java:745) [na:1.8.0_51] Suppressed: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure ... 60 common frames omitted

我尝试从我的应用程序部署的机器curl：

curl -v https://www.remote-app/foo.pdf

响应>>>

Trying 121.1.102.15... * Connected to www.remote-app (121.1.102.15) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * NSS error -12286 (SSL_ERROR_NO_CYPHER_OVERLAP) * Cannot communicate securely with peer: no common encryption algorithm(s). * Closing connection 0 curl: (35) Cannot communicate securely with peer: no common encryption algorithm(s).

但后来我试着通过密码algorithm使用，它的工作原理：

curl -v --cipher ecdhe_rsa_aes_128_gcm_sha_256 https://www.remote-app/foo.pdf

响应>>>

Trying 121.1.102.15... 200 OK... Content... Content...

现在我的问题是如何让我的应用程序连接到不同的SSL服务器，可能有不同的SSLconfiguration。因为应用程序通过ssl连接到大多数资源，但不是全部。

或者我怎样才能支持更多可以被不同服务器使用的密码套件？（假设这是正确的问题）

耶，所以我得到了解决办法。 Java带有某些默认禁用的密码，有些是启用的。这里： https : //docs.oracle.com/javase/8/docs/technotes/guIDes/security/SunProvIDers.HTML令人惊讶的是，我上面提到的所有4个密码都在“默认启用”表中。但是在他们提到的密码列表之下：

使用椭圆曲线密码（ECDSA，ECDH，ECDHE，ECDH_anon）的密码套件需要符合以下要求的JCE密码提供者：a … b … c …

搜索JAVA JCE提供程序将导致您http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.HTML

下载zip文件，你将在local_policy.jar中得到两个jar文件us_export_policy.jar

将这两个jar文件放在你的jre jdk1.8.jdk / Contents / Home / jre / lib / security /

干杯!

总结

以上是内存溢出为你收集整理的尝试通过SSL连接到服务器的SSLHandshakeException全部内容，希望文章能够帮你解决尝试通过SSL连接到服务器的SSLHandshakeException所遇到的程序开发问题。

如果觉得内存溢出网站内容还不错，欢迎将内存溢出网站推荐给程序员好友。

欢迎分享，转载请注明来源：内存溢出

原文地址: http://outofmemory.cn/langs/1154985.html