javax.net.ssl.SSLHandshakeException:收到致命警报:握手APN中的错误

时间:2012-06-20 05:30:33

标签: java ssl

我正在尝试使用Java-pns向iPhone发送推送通知,但我收到以下错误...

javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

这是我的代码......

String token="95076d2846e8979b46efd1884206a590d99d0f3f6139d947635ac4186cdc5942";

String host = "gateway.sandbox.push.apple.com";
int port = 2195;
String payload = "{\"aps\":{\"alert\":\"Message from Java o_O\"}}";

NotificationTest.verifyKeystore("res/myFile.p12", "password", false);
KeyStore keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(getClass().getResourceAsStream("res/myFile.p12"), "password".toCharArray());

KeyManagerFactory keyMgrFactory = KeyManagerFactory.getInstance("SunX509");
keyMgrFactory.init(keyStore, "password".toCharArray());

SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(keyMgrFactory.getKeyManagers(), null, null);
SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();

SSLSocket sslSocket = (SSLSocket) sslSocketFactory.createSocket(host, port);
String[] cipherSuites = sslSocket.getSupportedCipherSuites();
sslSocket.setEnabledCipherSuites(cipherSuites);
sslSocket.startHandshake();

char[] t = token.toCharArray();
byte[] b = Hex.decodeHex(t);

OutputStream outputstream = sslSocket.getOutputStream();

outputstream.write(0);
outputstream.write(0);
outputstream.write(32);
outputstream.write(b);
outputstream.write(0);
outputstream.write(payload.length());
outputstream.write(payload.getBytes());

outputstream.flush();
outputstream.close();

System.out.println("Message sent .... ");

对于NotificationTest.verifyKeystore我认为此有效期为FileKeystore

我不明白为什么我会收到此错误。

这是我的错误日志...

** CertificateRequest
Cert Types: RSA, DSS, ECDSA
Cert Authorities:
<empty>
[read] MD5 and SHA1 hashes: len = 10
0000: 0D 00 00 06 03 01 02 40 00 00 .......@..
** ServerHelloDone
[read] MD5 and SHA1 hashes: len = 4
0000: 0E 00 00 00 ....
** Certificate chain
**
** ClientKeyExchange, RSA PreMasterSecret, TLSv1
[write] MD5 and SHA1 hashes: len = 269
...
main, READ: TLSv1 Alert, length = 2
main, RECV TLSv1 ALERT: fatal, handshake_failure
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

我不明白为什么证书颁发机构是空的?

3 个答案:

答案 0 :(得分:4)

我建议您使用keytool -list将客户端上的密钥库与服务器已知的密钥库进行比较。您获得的握手错误是因为服务器已经完成了它并且期待客户端证书的回复。你没有发一个。要解决此问题,应将PKCS12证书转换为PEM格式(使用openssl是单向),然后使用keytool导入密钥库。

我怀疑如果您通过将客户端证书导入密钥库来解决此问题,那么您将遇到第二个错误。第二个错误是关于空CA证书 - 可能是因为您没有密钥库中服务器已知的CA证书。导入您的CA并重试。

答案 1 :(得分:0)

看起来您需要安装&#34; Java密码术扩展(JCE)无限强度管辖权政策文件&#34;。这解决了我的问题。

答案 2 :(得分:-3)

向iPhone / iPad发送推送通知我使用了JavaPNS

它非常易于使用,对我有用。

我们只需按This即可使用它。