握手失败套接字连接密码TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,jdk 1.7和tls 1.2

时间:2016-07-20 10:43:27

标签: java sockets ssl java-7 tls1.2

我想在服务器和客户端(使用套接字)之间建立SSL连接,使用jdk 1.7协议TLS 1.2和密码套件TLS_DHE_RSA_WITH_AES_128_CBC_SHA256。

客户端代码:

    KeyStore ks = KeyStore.getInstance("JKS");
    ks.load(Resources.getResource("trust.keystore").openStream(),
        "changeit".toCharArray());
    TrustManagerFactory tmf = TrustManagerFactory.getInstance(
        TrustManagerFactory.getDefaultAlgorithm());
    tmf.init(ks);
    SSLContext sslCtx = SSLContext.getInstance("TLSv1.2");
    sslCtx.init(null, tmf.getTrustManagers(), null);
    socketFactory = sslCtx.getSocketFactory();
    Socket s = socketFactory.createSocket("localhost", 4443);
    ((SSLSocket)s).setEnabledCipherSuites(new String[]{
        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
    });
    ((SSLSocket)s).setEnabledProtocols(new String[]{
        "TLSv1.2"
    });
    Writer writer = new BufferedWriter(
        new OutputStreamWriter(s.getOutputStream(), "UTF-8"));
    writer.write("HELLO WORLD\n");
    writer.flush();

服务器端代码:

    ServerSocket ssocket =
        ((SSLServerSocketFactory)SSLServerSocketFactory
            .getDefault()).createServerSocket(4443);
    ssocket.setSoTimeout(5000);
    ((SSLServerSocket)ssocket).setEnabledProtocols(
        new String[] {"TLSv1.2"});
    ((SSLServerSocket)ssocket).setEnabledCipherSuites(
        new String[] {"TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"});

我有以下例外:

    pool-2-thread-1, SEND TLSv1.2 ALERT:  fatal, description = handshake_failure
    pool-2-thread-1, WRITE: TLSv1.2 Alert, length = 2
[Raw write]: length = 7
[Raw read]: length = 5
0000000: 01: 515  0303  0303  0000  0202  02    28                                                                .........
..(
[Raw read]: length = 2
0000: 02 28          pool-2-thread-1, called closeSocket()
                                    .(
pool-2-thread-1, handling exception: javax.net.ssl.SSLHandshakeException: no cipher suites in common
main, READ: TLSv1.2 Alert, length = 2
main, RECV TLSv1 ALERT:  fatal, handshake_failure
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
javax.net.ssl.SSLHandshakeException: no cipher suites in common
server cipher suite [TLS_DHE_RSA_WITH_AES_128_CBC_SHA256]
server enabled protocol [TLSv1.2]
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
    at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:266)
    at sun.security.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:894)
    at sun.security.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:622)

相同的代码正在使用jdk 1.8。

0 个答案:

没有答案
相关问题
最新问题