获取javax.net.ssl.sslhandshakeexception:收到致命警报:握手失败

ulydmbyx  于 2021-07-05  发布在  Java
关注(0)|答案(0)|浏览(432)

我在使用https Web服务时出错。我在Java6中运行客户机时遇到了这个错误。我无法更改jdk的版本。我用jdk8试过了,效果很好。
是什么导致了这个错误?
我添加了无限制的策略jdk6 jar;
我的客户代码:

System.setProperty("javax.net.ssl.trustStore", "bci-to-scoring-keystore-client.jks");
        System.setProperty("javax.net.ssl.trustStorePassword", "changeit");

        HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
        //connection.setSSLSocketFactory(ssl.getSocketFactory());
        connection.setRequestMethod("POST");
        connection.setDoOutput(true);

        connection.setRequestProperty("Content-Type", "text/xml");
        connection.setHostnameVerifier(new HostnameVerifier() {
            public boolean verify(String hostname, SSLSession session) {
                return true;
            }
        });
        connection.connect();

例外情况:

javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1822)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1004)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1215)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1199)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:133)
at com.bci.test.JavaApplication7.execute(JavaApplication7.java:70)
at com.bci.test.JavaApplication7.main(JavaApplication7.java:33)

与…一起跑步时 -Djavax.net.debug=ssl 我有这个:

keyStore is : 
keyStore type is : jks
keyStore provider is : 
init keystore
init keymanager of type SunX509
trustStore is: bci-to-scoring-keystore-client.jks
trustStore type is : jks
trustStore provider is : 
init truststore
adding as trusted cert:
  Subject: CN=*.BCITESTES.LOCAL, OU=DSI - Direccao de Sistemas de Informacao, O="BCI - Banco Comercial e de Investimentos, SA", L=Maputo, ST=Maputo, C=MZ
  Issuer:  CN=BCI Enterprise Certificate Authority, DC=BCIFOMENTO, DC=CO, DC=MZ
  Algorithm: RSA; Serial number: 0x43000000b6661aefae5816d09c0002000000b6
  Valid from Wed Jun 03 09:10:22 CAT 2020 until Fri Jun 03 09:10:22 CAT 2022

adding as trusted cert:
  Subject: CN=cliente.bci.scoring.co.mz, OU=DSI - Direccao de Sistemas de Informacao, O=BCI - Banco Comercial e de Investimentos, C=MZ, ST=Maputo, L=Maputo
  Issuer:  CN=cliente.bci.scoring.co.mz, OU=DSI - Direccao de Sistemas de Informacao, O=BCI - Banco Comercial e de Investimentos, C=MZ, ST=Maputo, L=Maputo
  Algorithm: RSA; Serial number: 0x5f50ffd3
  Valid from Thu Sep 03 16:38:11 CAT 2020 until Sat Aug 10 16:38:11 CAT 2120

trigger seeding of SecureRandom
done seeding SecureRandom
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
%% No cached client session

***ClientHello, TLSv1

RandomCookie:  GMT: 1599232592 bytes = { 73, 169, 83, 102, 108, 21, 161, 215, 189, 29, 218, 198, 42, 47, 144, 160, 202, 94, 179, 118, 28, 239, 54, 38, 199, 59, 222, 43 }
Session ID:  {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods:  { 0 }

***

main, WRITE: TLSv1 Handshake, length = 81
main, WRITE: SSLv2 client hello message, length = 110
main, READ: Unknown-3.3 Alert, length = 2
main, RECV TLSv1 ALERT:  fatal, handshake_failure
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

暂无答案!

目前还没有任何答案,快来回答吧!

相关问题