我正在尝试使用SSL通过JDBC连接到Oracle 12c。我正在使用ojdbc7.jar驱动程序。客户端和服务器都是Windows。关闭两端的防火墙。下面是ssl跟踪的输出。
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1430334282 bytes = { 69, 83, 91, 133, 150, 187, 85, 213, 202, 198, 31, 165, 246, 255, 111, 126, 81, 247, 157, 183, 87, 124, 202, 202, 207, 56, 95, 72 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_3DES_EDE_CBC_SHA]
Compression Methods: { 0 }
Extension renegotiation_info, renegotiated_connection: <empty>
***
main, WRITE: TLSv1 Handshake, length = 52
main, WRITE: SSLv2 client hello message, length = 50
main, READ: TLSv1 Handshake, length = 81
*** ServerHello, TLSv1
RandomCookie: GMT: 1430334282 bytes = { 222, 187, 114, 112, 185, 5, 24, 154, 27, 211, 110, 74, 27, 132, 102, 122, 148, 54, 211, 238, 236, 145, 39, 248, 95, 175, 5, 12 }
Session ID: {21, 95, 112, 37, 202, 22, 159, 81, 226, 171, 215, 84, 234, 128, 65, 150, 0, 250, 176, 102, 80, 188, 149, 6, 158, 212, 252, 235, 133, 209, 51, 127}
Cipher Suite: SSL_RSA_WITH_3DES_EDE_CBC_SHA
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
***
%% Initialized: [Session-1, SSL_RSA_WITH_3DES_EDE_CBC_SHA]
** SSL_RSA_WITH_3DES_EDE_CBC_SHA
main, READ: TLSv1 Handshake, length = 447
*** Certificate chain
chain [0] = [
[
Version: V1
Subject: CN=root_test, C=US
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: Sun RSA public key, 1024 bits
modulus: 94182750650626781017220006010494789598067049291234592396111660568098076182306818772228773813222462430912731999733961420261369515567490874689665410658883934411598110479180388509795935352224877898397466823821735995311132530061707293945910076028247649797215982116364807695484530610638408551986552865648301686753
public exponent: 65537
Validity: [From: Tue Apr 28 11:25:24 EDT 2015,
To: Fri Apr 25 11:25:24 EDT 2025]
Issuer: CN=root_test, C=US
SerialNumber: [ 00]
]
Algorithm: [MD5withRSA]
Signature:
0000: 1D 1B A5 C0 E9 6C 9D DA 1F 84 FC 64 3D E9 E9 69 .....l.....d=..i
0010: 46 F2 E8 F9 54 64 55 F2 A7 46 D5 86 FF 9A 4A 5E F...TdU..F....J^
0020: EE 32 95 B5 43 D8 91 69 41 A2 DF 66 92 9C CE 87 .2..C..iA..f....
0030: AC 92 A7 E7 51 EB CF 0C 6F 77 AA F5 69 88 65 58 ....Q...ow..i.eX
0040: 4D FB 18 C9 BB 4A 60 C5 69 7C 1A 89 F7 02 5E 10 M....J`.i.....^.
0050: 27 C0 4F 27 22 DA 80 C0 D2 0E D7 3B F4 41 03 4C '.O'"......;.A.L
0060: 1F 29 1D 68 B1 68 04 1A E3 B3 BB 3F 95 88 BA 6C .).h.h.....?...l
0070: 53 20 36 5E 2B 3A 84 60 B0 9C 39 02 D0 BD 15 45 S 6^+:.`..9....E
]
***
Found trusted certificate:
[
[
Version: V1
Subject: CN=root_test, C=US
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: Sun RSA public key, 1024 bits
modulus: 94182750650626781017220006010494789598067049291234592396111660568098076182306818772228773813222462430912731999733961420261369515567490874689665410658883934411598110479180388509795935352224877898397466823821735995311132530061707293945910076028247649797215982116364807695484530610638408551986552865648301686753
public exponent: 65537
Validity: [From: Tue Apr 28 11:25:24 EDT 2015,
To: Fri Apr 25 11:25:24 EDT 2025]
Issuer: CN=root_test, C=US
SerialNumber: [ 00]
]
Algorithm: [MD5withRSA]
Signature:
0000: 1D 1B A5 C0 E9 6C 9D DA 1F 84 FC 64 3D E9 E9 69 .....l.....d=..i
0010: 46 F2 E8 F9 54 64 55 F2 A7 46 D5 86 FF 9A 4A 5E F...TdU..F....J^
0020: EE 32 95 B5 43 D8 91 69 41 A2 DF 66 92 9C CE 87 .2..C..iA..f....
0030: AC 92 A7 E7 51 EB CF 0C 6F 77 AA F5 69 88 65 58 ....Q...ow..i.eX
0040: 4D FB 18 C9 BB 4A 60 C5 69 7C 1A 89 F7 02 5E 10 M....J`.i.....^.
0050: 27 C0 4F 27 22 DA 80 C0 D2 0E D7 3B F4 41 03 4C '.O'"......;.A.L
0060: 1F 29 1D 68 B1 68 04 1A E3 B3 BB 3F 95 88 BA 6C .).h.h.....?...l
0070: 53 20 36 5E 2B 3A 84 60 B0 9C 39 02 D0 BD 15 45 S 6^+:.`..9....E
]
main, READ: TLSv1 Handshake, length = 4
*** ServerHelloDone
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
main, WRITE: TLSv1 Handshake, length = 134
SESSION KEYGEN:
PreMaster Secret:
0000: 03 01 9A D9 43 0E 09 9F B4 6D 08 0A D2 72 1E 72 ....C....m...r.r
0010: 44 4E D5 1C 1E D9 99 C8 F4 D0 22 15 47 77 DA 1A DN........".Gw..
0020: 88 9B 4E B3 E4 6C 37 C0 35 73 39 30 D7 78 11 B6 ..N..l7.5s90.x..
CONNECTION KEYGEN:
Client Nonce:
0000: 55 41 2B 4A 45 53 5B 85 96 BB 55 D5 CA C6 1F A5 UA+JES[...U.....
0010: F6 FF 6F 7E 51 F7 9D B7 57 7C CA CA CF 38 5F 48 ..o.Q...W....8_H
Server Nonce:
0000: 55 41 2B 4A DE BB 72 70 B9 05 18 9A 1B D3 6E 4A UA+J..rp......nJ
0010: 1B 84 66 7A 94 36 D3 EE EC 91 27 F8 5F AF 05 0C ..fz.6....'._...
Master Secret:
0000: 7B AB FC 97 08 50 8A 52 98 91 B0 47 70 99 45 95 .....P.R...Gp.E.
0010: 62 3F B1 34 E7 B5 8D DF 8C 63 69 75 BC 58 0D 3A b?.4.....ciu.X.:
0020: A7 A6 4E CD 0A E5 24 35 7A 19 6F 4C F5 AB 4C 58 ..N...$5z.oL..LX
Client MAC write Secret:
0000: D1 C9 88 93 14 80 46 A0 46 AC 3D DB 5E B2 BE C6 ......F.F.=.^...
0010: B3 0C 7E 45 ...E
Server MAC write Secret:
0000: 6E 16 66 BB 8D BB E8 B8 02 15 55 A2 82 86 2D A4 n.f.......U...-.
0010: 88 C0 EC E6 ....
Client write key:
0000: 17 92 22 F9 96 1D B2 F3 93 98 31 92 9B 96 37 9F ..".......1...7.
0010: 1D FE 02 6E 72 B2 91 CC ...nr...
Server write key:
0000: 2F EA 3E 02 D4 3A 3C 22 97 E5 EA 5E A7 76 2D 10 /.>..:<"...^.v-.
0010: 21 F1 D7 D8 BD 30 E0 86 !....0..
Client write IV:
0000: 2A EB 11 81 89 C6 2F 67 *...../g
Server write IV:
0000: D4 47 D1 03 CF B7 04 74 .G.....t
main, WRITE: TLSv1 Change Cipher Spec, length = 1
*** Finished
verify_data: { 230, 88, 202, 9, 39, 20, 124, 226, 73, 60, 170, 78 }
***
main, WRITE: TLSv1 Handshake, length = 40
main, READ: TLSv1 Change Cipher Spec, length = 1
main, READ: TLSv1 Handshake, length = 40
*** Finished
verify_data: { 214, 171, 38, 239, 184, 194, 2, 22, 90, 90, 22, 199 }
***
%% Cached client session: [Session-1, SSL_RSA_WITH_3DES_EDE_CBC_SHA]
main, WRITE: TLSv1 Application Data, length = 240
main, received EOFException: ignored
main, called closeInternal(false)
main, SEND TLSv1 ALERT: warning, description = close_notify
main, WRITE: TLSv1 Alert, length = 24
main, called closeSocket(selfInitiated)
main, called close()
main, called closeInternal(true)
java.sql.SQLRecoverableException: IO Error: Got minus one from a read call
at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:673)
at oracle.jdbc.driver.PhysicalConnection.<init>(PhysicalConnection.java:715)
at oracle.jdbc.driver.T4CConnection.<init>(T4CConnection.java:385)
at oracle.jdbc.driver.T4CDriverExtension.getConnection(T4CDriverExtension.java:30)
at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:564)
at java.sql.DriverManager.getConnection(DriverManager.java:571)
at java.sql.DriverManager.getConnection(DriverManager.java:187)
at oracletest.OracleTest.main(OracleTest.java:45)
Caused by: oracle.net.ns.NetException: Got minus one from a read call
at oracle.net.ns.Packet.receive(Packet.java:314)
at oracle.net.ns.NSProtocolStream.negotiateConnection(NSProtocolStream.java:153)
at oracle.net.ns.NSProtocol.connect(NSPro`enter code here`tocol.java:263)
at oracle.jdbc.driver.T4CConnection.connect(T4CConnection.java:1360)
at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:486)
... 7 more
答案 0 :(得分:0)
没有看到你的代码:
有EOFException,会被忽略。
main, SEND TLSv1 ALERT: warning, description = close_notify是来自SSL层(!)的信号,它正在远程关闭连接。
我怀疑服务器出于某种原因拒绝了你的连接。
此消息通知收件人发件人不会再在此连接上发送任何消息。
请注意,从TLS 1.1开始,无法正确关闭连接不再需要恢复会话。这是从TLS 1.0的变化,以符合广泛的实施实践。
任何一方都可以通过发送close_notify警报来发起关闭。关闭警报后收到的任何数据都将被忽略。