SSLHandshakeException: Received fatal alert: handshake_failure
来源:互联网 发布:舟山淘宝代运营诈骗案 编辑:程序博客网 时间:2024/05/16 09:05
问题出现:
jdk版本从7升级到8之后,出现ssl异常信息:具体错误信息如下:
- 问题定位
关于ssl握手异常,网上有很多。大多数的解决方式都是修改protocols、cipherSuites、修改${JAVA_HOME}/lib/security的local_policy.jar、US_export_policy.jar或者修改jdk版本。
在尝试了所有的方法法之后,还是握手异常。最后在启动java程序时,新增了调试参数-Djavax.net.debug=all
可以开启加密协议的调试模式。
对比握手成功和握手失败的协议报文,发现握手失败报文缺少Cipher Suites没有RC4相关的加密算法(SSL_RSA_WITH_RC4_128_SHA)。
在查看客户端连接的代码发现,在创建SSLConnectionSocketFactory没有指定支持的protocols和Cipher Suites。导致ssl握手过程中使用了jdk8默认的ssl协议TLSv1.2,并且jdk8默认的Cipher Suites禁用了RC4算法。最终导致握手失败。
修复代码如下:
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory( sslcontext, new String[]{"TLSv1","TLSv1.1","TLSv1.2"}, new String[]{"SSL_RSA_WITH_RC4_128_SHA"}, new NoopHostnameVerifier() );
修改之后还是握手异常!
- 问题再定位
因为在从JDK 1.8.0_u60开始,默认禁止了RC4这个算法。可以在{JRE_HOME}/lib/security/java.security找到相关配置:
jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768
以及
jdk.tls.legacyAlgorithms= \
K_NULL, C_NULL, M_NULL, \
DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_anon_EXPORT, DH_DSS_EXPORT, \
DH_RSA_EXPORT, RSA_EXPORT, \
DH_anon, ECDH_anon, \
RC4_128, RC4_40, DES_CBC, DES40_CBC
- 问题解决
启用Java的RC4算法
方法一:
修改 {JRE_HOME}\lib\security\java.security文件如下:
方法二:
在代码中指定属性如下:
Security.setProperty("jdk.tls.disabledAlgorithms","SSLv3, DH keySize < 768");
然后启用相关的协议和Cipher Scites。
阅读全文
1 0
- SSLHandshakeException: Received fatal alert: handshake_failure
- javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
- javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
- javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
- eclipse javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
- SSL/TLS的Handshake过程与javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure异常
- SSL/TLS的Handshake过程与javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure异常
- 使用Java访问https接口javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
- 访问https,抛出的异常javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
- SSL/TLS的Handshake过程与javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure异常
- java mail Received fatal alert: handshake_failure
- javamail 报 Received fatal alert handshake_failure
- HTTPS握手异常:Received fatal alert: handshake_failure
- charles 3.11对于cipher限制 Received fatal alert: handshake_failure
- java无法收取邮件问题 Received fatal alert: handshake_failure
- ios信息推送 异常 javax.net.ssl.SSLHandshakeException: Received fatal alert: handshak
- SSLHandshake: Received fatal alert: certificate_unknown
- 苹果推送:Received fatal alert: certificate_revoked
- iOS下Html页面中input获取焦点弹出键盘时挡问题
- WebSokcet
- Hdu 1312 Red and Black 深搜
- hdu 5900 QSC and Master 区间dp
- [经验]tableview的contentSize默默自己在变。
- SSLHandshakeException: Received fatal alert: handshake_failure
- leetcode 29
- Java基础之运算符
- 数值分析常用的几个小程序C++实现
- 51nod 1201 整数划分(dp)
- cordova开发教程
- NandFlash ECC 校验算法原理与实现
- android.view.ViewRootImpl$CalledFromWrongThreadException: Only the original thread that created a vi
- Android打开系统相册页面