Tomcat:javax.net.ssl.SSLHandshakeException:没有共同的密码套件

时间:2015-05-15 08:51:17

标签: ssl tomcat8 intellij-14

我正在尝试设置远程tomcat服务器以在IntelliJ中部署。

出于某种原因"握手"失败。

  

11:44:28运行VPS-Tomcat时出错            无法连接到185.80.128.231:1099,原因是:            java.rmi.ConnectIOException:JRMP连接建立期间出错;嵌套异常是:            javax.net.ssl.SSLHandshakeException:收到致命警报:handshake_failure

我在tomcat启动时添加了一些调试选项:

  

忽略不受支持的密码套件:TLSv1的TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256   忽略不受支持的密码套件:TLSv1的TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   忽略不支持的密码套件:TLSv1的TLS_RSA_WITH_AES_128_CBC_SHA256   忽略不支持的密码套件:TLSv1的TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256   忽略不支持的密码套件:TLSv1的TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256   忽略不受支持的密码套件:TLSv1的TLS_DHE_RSA_WITH_AES_128_CBC_SHA256   忽略不受支持的密码套件:TLSv1的TLS_DHE_DSS_WITH_AES_128_CBC_SHA256   忽略不受支持的密码套件:TLSv1.1的TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256   忽略不受支持的密码套件:TLSv1.1的TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256   忽略不受支持的密码套件:TLSv1.1的TLS_RSA_WITH_AES_128_CBC_SHA256   忽略不支持的密码套件:TLSv1.1的TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256   忽略不受支持的密码套件:TLSv1.1的TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256   忽略不支持的密码套件:TLSv1.1的TLS_DHE_RSA_WITH_AES_128_CBC_SHA256   忽略不受支持的密码套件:TLSv1.1的TLS_DHE_DSS_WITH_AES_128_CBC_SHA256   RMI TCP连接(16)-78.60.67.248,READ:TLSv1.2握手,长度= 207   *** ClientHello,TLSv1.2   RandomCookie:GMT:1431613995 bytes = {210,37,184,64,38,79,199,129,139,3,89,15,7,99,193,123,94,24,149,84,76, 24,210,199,14,10,32,220}   会话ID:{}   密码套件:[TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC _SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_SHA,TLS_ECDH_ECDSA_WITH_RC4_128_SHA,TLS_ECDH_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5,TLS_EMPTY_RENEGOTIATION_INFO_SCSV]   压缩方法:{0}   扩展elliptic_curves,曲线名称:{secp256r1,sect163k1,sect163r2,secp192r1,secp224r1,sect233k1,sect233r1,sect283k1,sect283r1,secp384r1,sect409k1,sect409r1,secp521r1,sect571k1,sect571r1,secp160k1,secp160r1,secp160r2,sect163r1,secp192k1,sect193r1,sect193r2 ,secp224k1,sect239k1,secp256k1}   扩展ec_point_formats,格式:[未压缩]   扩展signature_algorithms,signature_algorithms:SHA512withECDSA,SHA512withRSA,SHA384withECDSA,SHA384withRSA,SHA256withECDSA,SHA256withRSA,SHA224withECDSA,SHA224withRSA,SHA1withECDSA,SHA1withRSA,SHA1withDSA,MD5withRSA   %%已初始化:[Session-14,SSL_NULL_WITH_NULL_NULL]   %%无效:[Session-14,SSL_NULL_WITH_NULL_NULL]   RMI TCP连接(16)-78.60.67.248,发送TLSv1.2警告:致命,描述= handshake_failure   RMI TCP连接(16)-78.60.67.248,WRITE:TLSv1.2警报,长度= 2   RMI TCP连接(16)-78.60.67.248,名为closeSocket()   RMI TCP连接(16)-78.60.67.248,处理异常:javax.net.ssl.SSLHandshakeException:没有共同的密码套件   RMI TCP连接(16)-78.60.67.248,名为close()   RMI TCP连接(16)-78.60.67.248,称为closeInternal(true)

我真的不明白,但我假设一端正在使用TLS1.2而另一端使用TLS1.1虽然我甚至不确定哪一个是哪个。< / p>

那么如何配置它们才能使用相同的版本?或者让tomcat支持那些密码套件?

或问题出在其他地方?

0 个答案:

没有答案