Question

我有一个代码在昨天完美运行，今天它抛出异常：我试过的所有其他网站上的代码WORKS ..

守则：

String line = "", all = "",URL="https://www.website.co.il/";
    URL myUrl = null;
    BufferedReader in = null;
    try {
        myUrl = new URL(URL);
        in = new BufferedReader(new InputStreamReader(myUrl.openStream(),"UTF-8"));

        while ((line = in.readLine()) != null) {
            all += line;
            all+='\n';
        }
    } finally {
        if (in != null) {
            in.close();
        }
    }

例外：

Exception in thread "main" javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.recvAlert(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at java.net.URL.openStream(Unknown Source)

有人能看到问题吗？该网站的所有者是否可以改变可能产生这种差异的东西？

Answer 1

该站点的SSL Labs report表示它仅支持Java不支持的TLS_RSA_WITH_AES_256_CBC_SHA密码套件。如果你看一下报告的握手模拟部分，你会发现为Java 6,7和8模拟的握手都会失败。

编辑：正如@Robert在评论中指出的那样，安装无限强度策略文件将在Java中添加对此密码套件的支持，使您的客户端能够与此站点进行通信。

Answer 2

你做过java更新了吗？ Java 7默认使用TLS1，Java 8默认使用TLS1.2。您可能需要手动指定TLS / SSL版本。 https://blogs.oracle.com/java-platform-group/entry/diagnosing_tls_ssl_and_https

收到致命警报：从url加载html时的handshake_failure

2 个答案: