收到致命警报:handshake_failure,调试未显示原因

时间:2016-11-08 21:08:11

标签: java ssl ssl-certificate sslhandshakeexception

我正在尝试使用Java HTTP客户端从HTTPS服务器下载图像,如此... 

System.setProperty("javax.net.debug", "all");
System.setProperty("jsse.enableSNIExtension", "false");

 URL url = new URL("https://secureserver.com/media/hot-jlaw-image.jpg")
 HttpURLConnection urlConn =  url.openConnection()
 urlConn.setRequestMethod("GET")

 File myImg = new File("/Users/joe/Downloads/myImage.jpg")
 myImg.append(urlConn.getInputStream())

我的客户端在Java 8上运行。启用调试后,我会看到包含以下内容的内容...... 

 *** ClientHello, TLSv1.2
 RandomCookie:  GMT: 1478629170 bytes = { 23, 147, 128, 164, 76, 36, 0, 143, 175, 43, 227, 154, 16, 212, 209, 112, 224, 227, 0, 109, 196, 178, 231, 43, 112, 198, 36, 235 }
 Session ID:  {}
 Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]

main, WRITE: TLSv1.2 Handshake, length = 193

Caught: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
[Raw read]: length = 5
0000: 15 03 03 00 02                                     .....
[Raw read]: length = 2
0000: 02 28                                              .(
main, READ: TLSv1.2 Alert, length = 2
main, RECV TLSv1.2 ALERT:  fatal, handshake_failure

所以似乎发送了Client Hello并发送了Handshake,但除了有关握手失败的警报外,没有任何内容从服务器发回。

This answer提出了可能发生此错误的几个原因,例如不兼容的密码套件或不完整的信任路径,并建议启用调试。

但在我的情况下,调试并未揭示罪魁祸首。关于还有什么可以尝试的任何建议?

1 个答案:

答案 0 :(得分:0)

原来问题是这一行

 System.setProperty("jsse.enableSNIExtension", "false");'

他们的服务器必须是虚拟的,因为some posts表示这对这些服务器不起作用。

相关问题
最新问题