"handshake_failure" on some HTTPS URLs

Time: 2018-02-08 08:22:11

Tags: https netty sslhandshakeexception

I tried the snoop example, i.e. HttpSnoopClient, with some sample HTTPS URLs, and I get "handshake_failure". For example, with "https://www.topixstars.com/quiz/18926/qidx40" or "https://moviebay.io/watch/live-pd-season-2-episode-20-12-9-17", I get the following exception:

javax.net.ssl.SSLException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1634)
at sun.security.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1800)
at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:1083)
at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:907)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:781)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
at io.netty.handler.ssl.SslHandler$SslEngineType$3.unwrap(SslHandler.java:292)
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1256)
at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1159)
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1202)
at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:489)
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:428)

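I can access these pages with the Chrome and Firefox browsers. According to "https://www.ssllabs.com/ssltest/analyze.html", these domains appear to have correct certificates.

I ran the HttpSnoopClient program with the "-Djavax.net.debug=all" VM argument on the "https://moviebay.io/watch/live-pd-season-2-episode-20-12-9-17" URL, and I see: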

nioEventLoopGroup-2-1, READ: TLSv1 Alert, length = 2
nioEventLoopGroup-2-1, RECV TLSv1.2 ALERT:  fatal, handshake_failure
nioEventLoopGroup-2-1, fatal: engine already closed.  Rethrowing javax.net.ssl.SSLException: Received fatal alert: handshake_failure

The full log is here: https://ufile.io/s9xtf

Using the openssl command:

openssl s_client -connect moviebay.io:443

I get:

CONNECTED(00000003)
140053994227352:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:769:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 305 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE

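No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1518084692
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---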

Can someone explain to me what is going wrong?

Best regards.

0 answers:

No answers
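
The `openssl s_client` output in the question reports 7 bytes read, and the JSSE debug log shows an alert record of length 2. As an added example (not part of the original question), the Python code below decodes such a reply: a 5-byte TLS record header plus a 2-byte alert body is exactly 7 bytes, so the server refused the ClientHello before sending any ServerHello or certificate, which matches "no peer certificate available". The sample bytes are constructed from the values shown in the logs, not captured from the sites, and all function names are hypothetical.

```python
import struct

# Record content types and alert codes from RFC 5246 (sections 6.2.1 and 7.2).
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}
VERSIONS = {(3, 0): "SSLv3", (3, 1): "TLSv1", (3, 2): "TLSv1.1", (3, 3): "TLSv1.2"}
ALERT_LEVELS = {1: "warning", 2: "fatal"}
ALERT_DESCRIPTIONS = {
    0: "close_notify", 10: "unexpected_message", 20: "bad_record_mac",
    40: "handshake_failure", 42: "bad_certificate", 47: "illegal_parameter",
    48: "unknown_ca", 70: "protocol_version", 71: "insufficient_security",
    80: "internal_error", 112: "unrecognized_name",
}

# Constructed sample (not a capture): record header 15 03 01 00 02 = alert, TLSv1,
# length 2, then body 02 28 = fatal (2), handshake_failure (40). 7 bytes in total.
SAMPLE_REPLY = bytes.fromhex("15030100020228")


def parse_records(data):
    """Split an unencrypted TLS byte stream into records; reject truncated input."""
    records, offset = [], 0
    while offset < len(data):
        if len(data) - offset < 5:
            raise ValueError("truncated record header")
        ctype, major, minor, length = struct.unpack_from("!BBBH", data, offset)
        body = data[offset + 5:offset + 5 + length]
        if len(body) != length:
            raise ValueError("truncated record body")
        records.append({
            "type": CONTENT_TYPES.get(ctype, "unknown(%d)" % ctype),
            "version": VERSIONS.get((major, minor), "unknown(%d.%d)" % (major, minor)),
            "body": body,
        })
        offset += 5 + length
    return records


def describe_alert(record):
    """Return (level, description) for a plaintext alert record."""
    if record["type"] != "alert" or len(record["body"]) != 2:
        raise ValueError("not a plaintext alert record")
    level, code = record["body"]
    return (ALERT_LEVELS.get(level, "unknown(%d)" % level),
            ALERT_DESCRIPTIONS.get(code, "unknown(%d)" % code))


def rejected_before_server_hello(data):
    """True when the whole server reply is a single fatal alert record."""
    records = parse_records(data)
    return (len(records) == 1 and records[0]["type"] == "alert"
            and describe_alert(records[0])[0] == "fatal")
```

A reply of this shape means the server found nothing acceptable in the ClientHello itself, so the client's offered protocol versions, cipher suites and extensions are the place to compare against a working client, rather than certificate validation.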