不支持的密码套件TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

时间:2015-09-15 02:12:16

标签: java scala ssl spray

我最近收到了Commodo的证书,我正在尝试将它与我的Scala Spray Server集成。我有一个特性来配置我的Spray服务器:

import java.io.{BufferedInputStream, FileInputStream}
import java.security.{SecureRandom, KeyStore}
import java.security.cert.{X509Certificate, CertificateFactory}
import javax.net.ssl.{TrustManagerFactory, KeyManagerFactory, SSLContext}
import spray.io._
import org.apache.camel.util.jsse._

// for SSL support (if enabled in application.conf)
trait MySSLConfig {
  // if there is no SSLContext in scope implicitly the HttpServer uses the default SSLContext,
  // since we want non-default settings in this example we make a custom SSLContext available here
  implicit def sslContext: SSLContext = {
    val keyStoreResource = "/home/ubuntu/key.jks"
    val password = "password"

    val keyStore = KeyStore.getInstance("jks")
    keyStore.load(getClass.getResourceAsStream(keyStoreResource), password.toCharArray)
    val keyManagerFactory = KeyManagerFactory.getInstance("SunX509")
    keyManagerFactory.init(keyStore, password.toCharArray)
    val trustManagerFactory = TrustManagerFactory.getInstance("SunX509")
    trustManagerFactory.init(keyStore)
    val context = SSLContext.getInstance("TLS")
    context.init(keyManagerFactory.getKeyManagers, trustManagerFactory.getTrustManagers, new SecureRandom)
    context
  }
  implicit def sslEngineProvider: ServerSSLEngineProvider = {
    ServerSSLEngineProvider { engine =>
      engine.setEnabledCipherSuites(Array("TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"))
      engine.setEnabledProtocols(Array("SSLv3", "TLSv1.2", "TLSv1", "TLSv1.1"))
      engine
    }
  }
}

但是,当我尝试使用https

请求我的uri时,我在运行时收到此错误 
2015-09-15 02:06:54,662 - [ERROR] - from akka.actor.OneForOneStrategy in NflDbApiActorSystemConfig-akka.actor.default-dispatcher-11
Unsupported ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
java.lang.IllegalArgumentException: Unsupported ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
        at sun.security.ssl.CipherSuite.valueOf(CipherSuite.java:235) ~[na:1.7.0_79]
        at sun.security.ssl.CipherSuiteList.<init>(CipherSuiteList.java:82) ~[na:1.7.0_79]
        at sun.security.ssl.SSLEngineImpl.setEnabledCipherSuites(SSLEngineImpl.java:2014) ~[na:1.7.0_79]
        at com.suredbits.dfs.config.MySSLConfig$$anonfun$sslEngineProvider$1.apply(MySslConfig.scala:34) ~[suredbits-dfs.suredbits-dfs-0.0.1.jar:0.0.1]
        at com.suredbits.dfs.config.MySSLConfig$$anonfun$sslEngineProvider$1.apply(MySslConfig.scala:33) ~[suredbits-dfs.suredbits-dfs-0.0.1.jar:0.0.1]
        at scala.Option.map(Option.scala:145) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at spray.io.SSLEngineProviderCompanion$$anonfun$apply$3.apply(SslTlsSupport.scala:408) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at spray.io.SSLEngineProviderCompanion$$anonfun$apply$3.apply(SslTlsSupport.scala:408) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at spray.io.ServerSSLEngineProvider$$anon$3.apply(SslTlsSupport.scala:427) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at spray.io.ServerSSLEngineProvider$$anon$3.apply(SslTlsSupport.scala:425) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at spray.can.server.HttpServerConnection$$anon$1.sslEngine(HttpServerConnection.scala:78) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at spray.can.server.RequestParsing$$anon$1$$anon$2.<init>(RequestParsing.scala:41) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at spray.can.server.RequestParsing$$anon$1.apply(RequestParsing.scala:39) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at spray.can.server.RequestParsing$$anon$1.apply(RequestParsing.scala:37) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at spray.io.RawPipelineStage$$anon$3.apply(Pipelines.scala:117) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at spray.io.RawPipelineStage$$anon$3.apply(Pipelines.scala:116) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at spray.io.RawPipelineStage$$anon$3.apply(Pipelines.scala:116) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at spray.io.RawPipelineStage$$anon$3.apply(Pipelines.scala:116) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at spray.io.RawPipelineStage$$anon$3.apply(Pipelines.scala:116) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at spray.io.RawPipelineStage$$anon$3.apply(Pipelines.scala:116) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at spray.io.ConnectionHandler$class.running(ConnectionHandler.scala:56) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at spray.can.server.HttpServerConnection.running(HttpServerConnection.scala:29) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at spray.can.server.HttpServerConnection.register(HttpServerConnection.scala:68) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at spray.can.server.HttpServerConnection$$anonfun$receive$1.applyOrElse(HttpServerConnection.scala:49) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at akka.actor.Actor$class.aroundReceive(Actor.scala:465) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at spray.can.server.HttpServerConnection.aroundReceive(HttpServerConnection.scala:29) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at akka.actor.ActorCell.receiveMessage(ActorCell.scala:516) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at akka.actor.ActorCell.invoke(ActorCell.scala:487) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at akka.dispatch.Mailbox.processMailbox(Mailbox.scala:254) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at akka.dispatch.Mailbox.run(Mailbox.scala:221) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at akka.dispatch.Mailbox.exec(Mailbox.scala:231) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at scala.concurrent.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at scala.concurrent.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339) ~[suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at scala.concurrent.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979) [suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]
        at scala.concurrent.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107) [suredbits-dfs-nfl-assembly-0.0.1.jar:0.0.1]

任何人都可以提供任何有关我收到此错误的原因吗?

编辑:

我将jdk升级为1.8,因为@Steffen Ullrich产生了我收到的新错误:

2015-09-15 15:14:51,717 - [ERROR] - from spray.can.server.HttpServerConnection in NflDbApiActorSystemConfig-akka.actor.default-dispatcher-7
Aborting encrypted connection to my-ip due to [SSLHandshakeException:no cipher suites in common] -> [SSLHandshakeException:no cipher suites in common]

2015-09-15 15:14:51,881 - [ERROR] - from spray.can.server.HttpServerConnection in NflDbApiActorSystemConfig-akka.actor.default-dispatcher-4
Aborting encrypted connection to my-ip due to [SSLHandshakeException:no cipher suites in common] -> [SSLHandshakeException:no cipher suites in common]

2015-09-15 15:14:52,029 - [ERROR] - from spray.can.server.HttpServerConnection in NflDbApiActorSystemConfig-akka.actor.default-dispatcher-10
Aborting encrypted connection to my-ip due to [SSLHandshakeException:Client requested protocol TLSv1.1 not enabled or not supported] -> [SSLHandshakeException:Client requested protocol TLSv1.1 not enabled or not supported]

2015-09-15 15:14:52,184 - [ERROR] - from spray.can.server.HttpServerConnection in NflDbApiActorSystemConfig-akka.actor.default-dispatcher-2
Aborting encrypted connection to my-ip due to [SSLHandshakeException:Client requested protocol TLSv1 not enabled or not supported] -> [SSLHandshakeException:Client requested protocol TLSv1 not enabled or not supported]

EDIT2:

我修改了这一行

engine.setEnabledCipherSuites(sslContext.getServerSocketFactory.getSupportedCipherSuites)

给出了包含

的密码套件列表 
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

但是我仍然收到此错误:

2015-09-15 18:43:55,690 - [INFO] - from org.apache.camel.util.jsse.SSLContextParameters in NflDbApiActorSystemConfig-akka.actor.default-dispatcher-9
Available providers: SUN version 1.8.

2015-09-15 18:43:55,696 - [ERROR] - from spray.can.server.HttpServerConnection in NflDbApiActorSystemConfig-akka.actor.default-dispatcher-4
Aborting encrypted connection to my-ip due to [SSLHandshakeException:no cipher suites in common] -> [SSLHandshakeException:no cipher suites in common]

使用更细粒度的调试模式为-Djava.net.debug = ssl

添加更多日志 
Using SSLEngineImpl.
Using SSLEngineImpl.
Using SSLEngineImpl.
Using SSLEngineImpl.
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
Ignoring disabled protocol: SSLv3
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-42, READ: TLSv1 Handshake, length = 167
*** ClientHello, TLSv1
RandomCookie:  GMT: -265533514 bytes = { 61, 40, 108, 219, 248, 171, 159, 143, 197, 121, 120, 2, 169, 117, 206, 251, 77, 174, 188, 36, 13, 240, 239, 104, 177, 132, 36, 253 }
Session ID:  {}
Cipher Suites: [Unknown 0x56:0x0, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5]
Compression Methods:  { 0 }
Extension server_name, server_name: [type=host_name (0), value=api.extrapoint.io]
Extension renegotiation_info, renegotiated_connection: <empty>
Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1}
Extension ec_point_formats, formats: [uncompressed]
Unsupported extension type_35, data: 
Unsupported extension type_13172, data: 
Unsupported extension type_16, data: 00:12:08:73:70:64:79:2f:33:2e:31:08:68:74:74:70:2f:31:2e:31
Unsupported extension status_request, data: 01:00:00:00:00
Unsupported extension type_18, data: 
***
%% Initialized:  [Session-868, SSL_NULL_WITH_NULL_NULL]
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-42, fatal error: 40: no cipher suites in common
javax.net.ssl.SSLHandshakeException: no cipher suites in common
%% Invalidated:  [Session-868, SSL_NULL_WITH_NULL_NULL]
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-42, SEND TLSv1 ALERT:  fatal, description = handshake_failure
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-42, WRITE: TLSv1 Alert, length = 2
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-42, fatal: engine already closed.  Rethrowing javax.net.ssl.SSLHandshakeException: no cipher suites in common
Using SSLEngineImpl.
Using SSLEngineImpl.
Using SSLEngineImpl.
Using SSLEngineImpl.
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
Ignoring disabled protocol: SSLv3
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-38, READ: TLSv1 Handshake, length = 167
*** ClientHello, TLSv1
RandomCookie:  GMT: -1569487286 bytes = { 25, 54, 227, 33, 169, 61, 202, 196, 56, 250, 139, 68, 8, 183, 153, 237, 234, 230, 40, 91, 244, 198, 29, 236, 243, 121, 109, 28 }
Session ID:  {}
Cipher Suites: [Unknown 0x56:0x0, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5]
Compression Methods:  { 0 }
Extension server_name, server_name: [type=host_name (0), value=api.extrapoint.io]
Extension renegotiation_info, renegotiated_connection: <empty>
Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1}
Extension ec_point_formats, formats: [uncompressed]
Unsupported extension type_35, data: 
Unsupported extension type_13172, data: 
Unsupported extension type_16, data: 00:12:08:73:70:64:79:2f:33:2e:31:08:68:74:74:70:2f:31:2e:31
Unsupported extension status_request, data: 01:00:00:00:00
Unsupported extension type_18, data: 
***
%% Initialized:  [Session-869, SSL_NULL_WITH_NULL_NULL]
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-38, fatal error: 40: no cipher suites in common
javax.net.ssl.SSLHandshakeException: no cipher suites in common
%% Invalidated:  [Session-869, SSL_NULL_WITH_NULL_NULL]
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-38, SEND TLSv1 ALERT:  fatal, description = handshake_failure
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-38, WRITE: TLSv1 Alert, length = 2
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-38, fatal: engine already closed.  Rethrowing javax.net.ssl.SSLHandshakeException: no cipher suites in common
Using SSLEngineImpl.
Using SSLEngineImpl.
Using SSLEngineImpl.
Using SSLEngineImpl.
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
Ignoring disabled protocol: SSLv3
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-45, READ: TLSv1 Handshake, length = 167
*** ClientHello, TLSv1
RandomCookie:  GMT: -1995784349 bytes = { 231, 253, 51, 160, 51, 83, 215, 117, 136, 228, 2, 249, 107, 133, 172, 213, 70, 200, 95, 170, 53, 5, 93, 19, 131, 185, 241, 92 }
Session ID:  {}
Cipher Suites: [Unknown 0x56:0x0, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5]
Compression Methods:  { 0 }
Extension server_name, server_name: [type=host_name (0), value=api.extrapoint.io]
Extension renegotiation_info, renegotiated_connection: <empty>
Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1}
Extension ec_point_formats, formats: [uncompressed]
Unsupported extension type_35, data: 
Unsupported extension type_13172, data: 
Unsupported extension type_16, data: 00:12:08:73:70:64:79:2f:33:2e:31:08:68:74:74:70:2f:31:2e:31
Unsupported extension status_request, data: 01:00:00:00:00
Unsupported extension type_18, data: 
***
%% Initialized:  [Session-870, SSL_NULL_WITH_NULL_NULL]
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-45, fatal error: 40: no cipher suites in common
javax.net.ssl.SSLHandshakeException: no cipher suites in common
%% Invalidated:  [Session-870, SSL_NULL_WITH_NULL_NULL]
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-45, SEND TLSv1 ALERT:  fatal, description = handshake_failure
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-45, WRITE: TLSv1 Alert, length = 2
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-45, fatal: engine already closed.  Rethrowing javax.net.ssl.SSLHandshakeException: no cipher suites in common
Using SSLEngineImpl.
Using SSLEngineImpl.
Using SSLEngineImpl.
Using SSLEngineImpl.
Using SSLEngineImpl.
Using SSLEngineImpl.
Using SSLEngineImpl.
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
Ignoring disabled protocol: SSLv3
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-41, READ: TLSv1 Handshake, length = 208
*** ClientHello, TLSv1.2
RandomCookie:  GMT: -1327152795 bytes = { 83, 242, 3, 179, 176, 55, 11, 121, 181, 163, 83, 1, 237, 23, 101, 140, 177, 179, 40, 128, 77, 190, 63, 204, 162, 105, 4, 57 }
Session ID:  {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5]
Compression Methods:  { 0 }
Extension server_name, server_name: [type=host_name (0), value=api.extrapoint.io]
Extension renegotiation_info, renegotiated_connection: <empty>
Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1}
Extension ec_point_formats, formats: [uncompressed]
Unsupported extension type_35, data: 
Unsupported extension type_13172, data: 
Unsupported extension type_16, data: 00:1b:08:73:70:64:79:2f:33:2e:31:05:68:32:2d:31:34:02:68:32:08:68:74:74:70:2f:31:2e:31
Unsupported extension status_request, data: 01:00:00:00:00
Unsupported extension type_18, data: 
Extension signature_algorithms, signature_algorithms: SHA256withRSA, SHA384withRSA, SHA512withRSA, SHA1withRSA, SHA256withECDSA, SHA384withECDSA, SHA512withECDSA, SHA1withECDSA, Unknown (hash:0x4, signature:0x2), SHA1withDSA
***
%% Initialized:  [Session-871, SSL_NULL_WITH_NULL_NULL]
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-41, fatal error: 40: no cipher suites in common
javax.net.ssl.SSLHandshakeException: no cipher suites in common
%% Invalidated:  [Session-871, SSL_NULL_WITH_NULL_NULL]
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-41, SEND TLSv1.2 ALERT:  fatal, description = handshake_failure
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-41, WRITE: TLSv1.2 Alert, length = 2
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-41, fatal: engine already closed.  Rethrowing javax.net.ssl.SSLHandshakeException: no cipher suites in common
Using SSLEngineImpl.
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
Ignoring disabled protocol: SSLv3
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-43, READ: TLSv1 Handshake, length = 167
*** ClientHello, TLSv1
RandomCookie:  GMT: -300410757 bytes = { 151, 231, 251, 170, 239, 146, 191, 87, 5, 9, 151, 64, 86, 10, 220, 175, 228, 71, 112, 41, 250, 35, 36, 140, 114, 28, 8, 130 }
Session ID:  {}
Cipher Suites: [Unknown 0x56:0x0, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5]
Compression Methods:  { 0 }
Extension server_name, server_name: [type=host_name (0), value=api.extrapoint.io]
Extension renegotiation_info, renegotiated_connection: <empty>
Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1}
Extension ec_point_formats, formats: [uncompressed]
Unsupported extension type_35, data: 
Unsupported extension type_13172, data: 
Unsupported extension type_16, data: 00:12:08:73:70:64:79:2f:33:2e:31:08:68:74:74:70:2f:31:2e:31
Unsupported extension status_request, data: 01:00:00:00:00
Unsupported extension type_18, data: 
***
%% Initialized:  [Session-872, SSL_NULL_WITH_NULL_NULL]
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-43, fatal error: 40: no cipher suites in common
javax.net.ssl.SSLHandshakeException: no cipher suites in common
%% Invalidated:  [Session-872, SSL_NULL_WITH_NULL_NULL]
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-43, SEND TLSv1 ALERT:  fatal, description = handshake_failure
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-43, WRITE: TLSv1 Alert, length = 2
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-43, fatal: engine already closed.  Rethrowing javax.net.ssl.SSLHandshakeException: no cipher suites in common
Using SSLEngineImpl.
Using SSLEngineImpl.
Using SSLEngineImpl.
Using SSLEngineImpl.
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
Ignoring disabled protocol: SSLv3
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-43, READ: TLSv1 Handshake, length = 167
*** ClientHello, TLSv1.1
RandomCookie:  GMT: -1944581904 bytes = { 65, 211, 112, 212, 209, 223, 205, 60, 175, 177, 83, 168, 139, 174, 78, 221, 40, 69, 103, 105, 117, 231, 103, 50, 53, 237, 22, 58 }
Session ID:  {}
Cipher Suites: [Unknown 0x56:0x0, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5]
Compression Methods:  { 0 }
Extension server_name, server_name: [type=host_name (0), value=api.extrapoint.io]
Extension renegotiation_info, renegotiated_connection: <empty>
Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1}
Extension ec_point_formats, formats: [uncompressed]
Unsupported extension type_35, data: 
Unsupported extension type_13172, data: 
Unsupported extension type_16, data: 00:12:08:73:70:64:79:2f:33:2e:31:08:68:74:74:70:2f:31:2e:31
Unsupported extension status_request, data: 01:00:00:00:00
Unsupported extension type_18, data: 
***
%% Initialized:  [Session-873, SSL_NULL_WITH_NULL_NULL]
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-43, fatal error: 40: no cipher suites in common
javax.net.ssl.SSLHandshakeException: no cipher suites in common
%% Invalidated:  [Session-873, SSL_NULL_WITH_NULL_NULL]
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-43, SEND TLSv1.1 ALERT:  fatal, description = handshake_failure
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-43, WRITE: TLSv1.1 Alert, length = 2
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-43, fatal: engine already closed.  Rethrowing javax.net.ssl.SSLHandshakeException: no cipher suites in common
Using SSLEngineImpl.
Using SSLEngineImpl.
Using SSLEngineImpl.
Using SSLEngineImpl.
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
Ignoring disabled protocol: SSLv3
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-41, READ: TLSv1 Handshake, length = 167
*** ClientHello, TLSv1
RandomCookie:  GMT: 584450856 bytes = { 254, 198, 84, 40, 79, 119, 157, 34, 77, 19, 234, 180, 195, 251, 21, 69, 247, 233, 184, 117, 184, 4, 179, 104, 68, 102, 84, 232 }
Session ID:  {}
Cipher Suites: [Unknown 0x56:0x0, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5]
Compression Methods:  { 0 }
Extension server_name, server_name: [type=host_name (0), value=api.extrapoint.io]
Extension renegotiation_info, renegotiated_connection: <empty>
Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1}
Extension ec_point_formats, formats: [uncompressed]
Unsupported extension type_35, data: 
Unsupported extension type_13172, data: 
Unsupported extension type_16, data: 00:12:08:73:70:64:79:2f:33:2e:31:08:68:74:74:70:2f:31:2e:31
Unsupported extension status_request, data: 01:00:00:00:00
Unsupported extension type_18, data: 
***
%% Initialized:  [Session-874, SSL_NULL_WITH_NULL_NULL]
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-41, fatal error: 40: no cipher suites in common
javax.net.ssl.SSLHandshakeException: no cipher suites in common
%% Invalidated:  [Session-874, SSL_NULL_WITH_NULL_NULL]
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-41, SEND TLSv1 ALERT:  fatal, description = handshake_failure
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-41, WRITE: TLSv1 Alert, length = 2
NflDbApiActorSystemConfig-akka.actor.default-dispatcher-41, fatal: engine already closed.  Rethrowing javax.net.ssl.SSLHandshakeException: no cipher suites in common

2 个答案:

答案 0 :(得分:2)

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256是TLSv1.2密码套件。 它不能与SSLv3或TLSv1一起使用。此外,它可能甚至不适用于您正在使用的 unknown 版本的Java。

编辑:因为现在已知使用Java 1.7:

根据the documentation from Oracle,Java 1.7中没有GCM密码,但它们只添加到Java 1.8中。这解释了有关不受支持的密码的消息。

答案 1 :(得分:1)

这个问题是密钥生成错误。我不得不继续支持COMODO并获得关键代的帮助。

相关问题
最新问题