I / O异常:收到致命警报:protocol_version - Coldfusion + Authorize.net

时间:2017-11-18 12:14:04

标签: java ssl coldfusion authorize.net

我的服务器安装了ColdFusion 10。我在服务器上测试Authorize.net付款时收到以下错误:

I/O Exception: Received fatal alert: protocol_version

以下是cfhttp请求:

<cfhttp method="Post" url="https://test.authorize.net/gateway/transact.dll" result="test">
   //Passed params here
</cfhttp>

看起来这个错误是由于ssl和shake_failure造成的。调试并解决此问题。我已按照this tutorial将证书添加到我的密钥库中。

以下是关于它的coldfusion-out.log详细信息:

 AM Information [ajp-bio-8012-exec-6] - Starting HTTP request {URL='https://test.authorize.net:443/gateway/transact.dll', method='Post'}
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
%% No cached client session
*** ClientHello, TLSv1
RandomCookie:  GMT: 1511005047 bytes = { 67, 167, 50, 23, 163, 143, 93, 78, 34, 130, 190, 65, 198, 95, 171, 222, 138, 10, 186, 140, 135, 200, 81, 223, 162, 61, 12, 196 }
Session ID:  {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods:  { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension server_name, server_name: [host_name: test.authorize.net]
***
[write] MD5 and SHA1 hashes:  len = 176
0000: 01 00 00 AC 03 01 5A 10   1B 77 43 A7 32 17 A3 8F  ......Z..wC.2...
0010: 5D 4E 22 82 BE 41 C6 5F   AB DE 8A 0A BA 8C 87 C8  ]N"..A._........
0020: 51 DF A2 3D 0C C4 00 00   2A C0 09 C0 13 00 2F C0  Q..=....*...../.
0030: 04 C0 0E 00 33 00 32 C0   08 C0 12 00 0A C0 03 C0  ....3.2.........
0040: 0D 00 16 00 13 C0 07 C0   11 00 05 C0 02 C0 0C 00  ................
0050: 04 00 FF 01 00 00 59 00   0A 00 34 00 32 00 17 00  ......Y...4.2...
0060: 01 00 03 00 13 00 15 00   06 00 07 00 09 00 0A 00  ................
0070: 18 00 0B 00 0C 00 19 00   0D 00 0E 00 0F 00 10 00  ................
0080: 11 00 02 00 12 00 04 00   05 00 14 00 08 00 16 00  ................
0090: 0B 00 02 01 00 00 00 00   17 00 15 00 00 12 74 65  ..............te
00A0: 73 74 2E 61 75 74 68 6F   72 69 7A 65 2E 6E 65 74  st.authorize.net
ajp-bio-8012-exec-6, WRITE: TLSv1 Handshake, length = 176
[Raw write]: length = 181
0000: 16 03 01 00 B0 01 00 00   AC 03 01 5A 10 1B 77 43  ...........Z..wC
0010: A7 32 17 A3 8F 5D 4E 22   82 BE 41 C6 5F AB DE 8A  .2...]N"..A._...
0020: 0A BA 8C 87 C8 51 DF A2   3D 0C C4 00 00 2A C0 09  .....Q..=....*..
0030: C0 13 00 2F C0 04 C0 0E   00 33 00 32 C0 08 C0 12  .../.....3.2....
0040: 00 0A C0 03 C0 0D 00 16   00 13 C0 07 C0 11 00 05  ................
0050: C0 02 C0 0C 00 04 00 FF   01 00 00 59 00 0A 00 34  ...........Y...4
0060: 00 32 00 17 00 01 00 03   00 13 00 15 00 06 00 07  .2..............
0070: 00 09 00 0A 00 18 00 0B   00 0C 00 19 00 0D 00 0E  ................
0080: 00 0F 00 10 00 11 00 02   00 12 00 04 00 05 00 14  ................
0090: 00 08 00 16 00 0B 00 02   01 00 00 00 00 17 00 15  ................
00A0: 00 00 12 74 65 73 74 2E   61 75 74 68 6F 72 69 7A  ...test.authoriz
00B0: 65 2E 6E 65 74                                     e.net
[Raw read]: length = 5
0000: 15 03 01 00 02                                     .....
[Raw read]: length = 2
0000: 02 46                                              .F
ajp-bio-8012-exec-6, READ: TLSv1 Alert, length = 2
ajp-bio-8012-exec-6, RECV TLSv1 ALERT:  fatal, protocol_version
ajp-bio-8012-exec-6, called closeSocket()
ajp-bio-8012-exec-6, handling exception: javax.net.ssl.SSLException: Received fatal alert: protocol_version
Finalizer, called close()
Finalizer, called closeInternal(true)

添加认证后,我仍然收到同样的错误。然后我在jvm.config中添加了以下行:

-Djavax.net.ssl.keyStore=C:\\ColdFusion10\\jre\\lib\\security\\cacerts 
-Djavax.net.ssl.keyStorePassword=password 
-Djavax.net.ssl=debug
-Djavax.net.debug=all

我仍然遇到同样的错误。

另一个想法是Authorize.net需要TLS 1.2来处理他们的API请求。我目前在CF 10上使用Java 1.7。我是否需要将我的java版本升级到1.8才能发出请求?任何人都可以帮我解决问题吗?

1 个答案:

答案 0 :(得分:0)

我已将JAVA版本升级到1.8并修复了问题。