javax.net.ssl.SSLHandshakeException:无通用密码套件无通用密码套件


我正在尝试在客户端和服务器之间建立SSL连接。但每当我尝试从客户端连接时,我都会在服务器上收到一个javax.net.ssl.SSLHandshakeException:no cipher suites in common no cipher suites in common错误。我已经生成了一个带有签名证书的密钥库,并且正在客户端和服务器上引用该密钥库。在对这个问题进行了大量的研究之后,我已经厌倦了,这个网站上的相关帖子也没有什么帮助

这是我的服务器代码

公共类服务器应用程序SL{

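/**
 * Runs a one-shot TLS server on port 4444: loads the key store, requires a client
 * certificate, greets the first client that completes the handshake and then exits.
 *
 * <p>Progress is mirrored to a log file when that file can be opened; logging is
 * best-effort and never stops the server.
 *
 * @param args unused
 */
public static void main(String[] args) {
    boolean debug = true;

    System.out.println("Waiting For Connection");

    int intSSLport = 4444;

    // NOTE(review): the Provider class comes from an import that is not visible here.
    // On current JDKs the default JSSE provider is presumably already registered, so
    // this call may be redundant; confirm before removing it.
    Security.addProvider(new Provider());

    if (debug) {
        // Full JSSE tracing prints handshake internals to stdout. Use it for
        // troubleshooting only and switch it off outside a test environment.
        System.setProperty("javax.net.debug", "all");
    }

    FileWriter file = null;
    try {
        file = new FileWriter("C:\\SSLCERT\\Javalog.txt");
    } catch (Exception ee) {
        // The server can still run without its log file; report the reason instead of
        // failing later with a NullPointerException on the first write.
        System.out.println("Log file unavailable: " + ee.getMessage());
    }

    // Sample password hard-coded in the original listing. In a real deployment read it
    // from configuration or a secret store rather than from source code.
    char[] storePassword = "skyebank".toCharArray();

    SSLServerSocket sslServerSocket = null;
    SSLSocket sslSocket = null;
    try {
        KeyStore keystore = KeyStore.getInstance("JKS");
        try (FileInputStream in = new FileInputStream("C:\\SSLCERT\\NEWAEDCKSSKYE")) {
            keystore.load(in, storePassword);
        }
        logLine(file, "Incoming Connection");

        // The key managers can only offer credentials backed by a private-key entry.
        // A store that holds nothing but trusted-certificate entries leaves the server
        // without a usable key, which commonly shows up as "no cipher suites in common".
        // Check the entry types with `keytool -list -v -keystore <store>`.
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(keystore, storePassword);

        // The same store doubles as trust store here. Separate key and trust stores are
        // the safer layout: the trust store then never contains private keys.
        TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
        tmf.init(keystore);

        SSLContext context = SSLContext.getInstance("TLS");
        context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

        sslServerSocket =
                (SSLServerSocket) context.getServerSocketFactory().createServerSocket(intSSLport);

        // Client authentication has to be configured before accept(): sockets inherit
        // the setting when they are created, so setting it afterwards leaves the
        // already accepted connection without a client-certificate requirement.
        sslServerSocket.setNeedClientAuth(true);

        sslSocket = (SSLSocket) sslServerSocket.accept();
        sslSocket.startHandshake();

        System.out.println("Connection Accepted");
        logLine(file, "Connection Accepted");

        // Serve the single accepted connection once. The original looped forever over
        // sockets it had already closed, which ended in a spurious exception.
        PrintWriter out = new PrintWriter(sslSocket.getOutputStream(), true);
        out.println("Hello Client....Welcome");
        System.out.println("Hello Client....Welcome");
        out.close();
    } catch (Exception exp) {
        System.out.println(exp.getMessage() + "\r\n");
        // Print the real trace; concatenating getStackTrace() only prints an array reference.
        exp.printStackTrace(System.out);
        logLine(file, String.valueOf(exp.getMessage()));
    } finally {
        closeQuietly(sslSocket);
        closeQuietly(sslServerSocket);
        closeQuietly(file);
    }
}

/** Writes one CRLF-terminated line to the log if it is open; write failures are ignored on purpose. */
private static void logLine(FileWriter log, String line) {
    if (log == null) {
        return;
    }
    try {
        log.write(line + "\r\n");
        log.flush();
    } catch (java.io.IOException ignored) {
        // Logging is best-effort; a broken log file must not take the server down.
    }
}

/** Closes a resource if it was opened; close failures are ignored because the program is exiting. */
private static void closeQuietly(java.io.Closeable resource) {
    if (resource == null) {
        return;
    }
    try {
        resource.close();
    } catch (java.io.IOException ignored) {
        // Nothing useful can be done about a failed close during shutdown.
    }
}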

}
这是我的客户代码

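/**
 * Opens a TLS connection to the server, performs the handshake and reports the outcome.
 *
 * <p>Each step is written to a client log file when that file can be opened; logging is
 * best-effort. The socket is closed before the method returns.
 *
 * @param meternum not used by this method
 * @return {@code "Connection Established"} when the handshake succeeds,
 *         {@code "Connection Failed"} otherwise
 */
public String MakeSSlCall(String meternum) {
    final String host = "192.168.1.16";
    final int port = 4444;

    // Sample password hard-coded in the original listing. In a real deployment read it
    // from configuration or a secret store rather than from source code.
    final char[] storePassword = "skyebank".toCharArray();

    FileWriter file = null;
    try {
        file = new FileWriter("C:\\SSLCERT\\ClientJavalog.txt");
    } catch (Exception ignored) {
        // Logging is best-effort: continue without a log instead of failing the call.
    }

    SSLSocket c = null;
    try {
        KeyStore keystore = KeyStore.getInstance("JKS");
        try (FileInputStream in = new FileInputStream("C:\\SSLCERT\\NEWAEDCKSSKYE")) {
            keystore.load(in, storePassword);
        }
        writeClientLog(file, "KeyStore Generated");

        Enumeration<String> aliases = keystore.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            writeClientLog(file, "alias name: " + alias);
            // Client authentication needs a private-key entry; a certificate-only
            // entry can be trusted but cannot be presented as an identity.
            writeClientLog(file, "is key entry: " + keystore.isKeyEntry(alias));
            writeClientLog(file, String.valueOf(keystore.getCertificate(alias)));
        }

        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(keystore, storePassword);

        // The client should trust the server through a dedicated trust store holding
        // only the server (or CA) certificate, not through a shared key store.
        TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
        tmf.init(keystore);
        writeClientLog(file, "KeyStore Stored");

        // "TLS" matches the server side; "SSL" is the legacy protocol name.
        SSLContext context = SSLContext.getInstance("TLS");
        TrustManager[] trustManagers = tmf.getTrustManagers();
        KeyManager[] AllKeysMan = kmf.getKeyManagers();

        writeClientLog(file, "Key Manager Length is " + AllKeysMan.length);
        for (KeyManager keyManager : AllKeysMan) {
            writeClientLog(file, "Key Manager At This Point is " + keyManager);
        }

        context.init(AllKeysMan, trustManagers, null);
        SSLSocketFactory f = context.getSocketFactory();

        writeClientLog(file, "About to Connect to Ontech");
        // NOTE: a plain SSLSocket does no host name verification unless an endpoint
        // identification algorithm is set through SSLParameters, so the peer is
        // accepted purely on the contents of the trust store.
        c = (SSLSocket) f.createSocket(host, port);
        // Log the endpoint actually used; the original message named a different address.
        writeClientLog(file, "Connection Established to " + host + " Port: " + port);

        writeClientLog(file, "About to Start Handshake");
        c.startHandshake();
        writeClientLog(file, "Handshake Established");
        return "Connection Established";
    } catch (Exception e) {
        writeClientLog(file, "An Error Occured");
        writeClientLog(file, String.valueOf(e.getMessage()));
        return "Connection Failed";
    } finally {
        // Release the socket and the log on every path; the original leaked the socket.
        if (c != null) {
            try {
                c.close();
            } catch (java.io.IOException ignored) {
                // The result has already been decided; a failed close changes nothing.
            }
        }
        if (file != null) {
            try {
                file.close();
            } catch (java.io.IOException ignored) {
                // Logging is best-effort.
            }
        }
    }
}

/** Writes one CRLF-terminated line to the client log if it is open; write failures are ignored on purpose. */
private void writeClientLog(FileWriter log, String line) {
    if (log == null) {
        return;
    }
    try {
        log.write(line + "\r\n");
        log.flush();
    } catch (java.io.IOException ignored) {
        // Logging is best-effort; it must not change the outcome of the connection attempt.
    }
}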
}
公共字符串MakeSSlCall(字符串meternum){
字符串消息=”;
FileWriter file=null;
试一试{
file=newfilewriter(“C:\\SSLCERT\\ClientJavalog.txt”);
}捕获(异常ee){
message=ee.getMessage();
}
试一试{
file.write(“生成密钥库\r\n”);
KeyStore KeyStore=KeyStore.getInstance(“JKS”);
load(新文件输入流(“C:\\SSLCERT\\newaedckskye”),“skyebank.toCharArray());
file.write(“生成密钥库\r\n”);
枚举=keystore.alias();
while(枚举.hasMoreElements()){
字符串别名=(字符串)枚举.nextElement();
file.write(“别名:“+alias+”\r\n”);
keystore.getCertificate(别名);
file.write(keystore.getCertificate(别名).toString()+“\r\n”);
}
KeyManagerFactory kmf=KeyManagerFactory.getInstance(KeyManagerFactory
.getDefaultAlgorithm());
init(keystore,“skyebank.toCharArray());
TrustManagerFactory tmf=TrustManagerFactory.getInstance(“SunX509”);
tmf.init(密钥库);
file.write(“存储的密钥库\r\n”);
SSLContext context=SSLContext.getInstance(“SSL”);
TrustManager[]TrustManager=tmf.getTrustManager();
KeyManager[]AllKeysMan=kmf.getKeyManagers();
file.write(“密钥管理器长度为“+AllKeysMan.Length+”\r\n”);
for(int i=0;i

有人能告诉我我做错了什么吗?

为此,您必须使用SSLContext。查看我在下面的一个应用程序中实现的示例代码。客户机上下文意味着您成为客户机并调用一些后端。服务器上下文表示您接受客户端请求

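/**
 * Builds and caches the {@link SSLContext} instances used for the server side (accepting
 * client requests) and the client side (calling a backend).
 *
 * <p>Each context is created on the first call and then reused: later calls return the
 * cached instance and ignore their arguments, so a different store path passed later has
 * no effect. The lazy initialisation is not synchronized.
 */
public class SSLUtil {
    private static final String KEY_STORE_TYPE = "JKS";
    private static final String TRUST_STORE_TYPE = "JKS";
    private static final String KEY_MANAGER_TYPE = "SunX509";
    private static final String TRUST_MANAGER_TYPE = "SunX509";
    private static final String PROTOCOL = "TLS";

    private static SSLContext serverSSLCtx = null;
    private static SSLContext clientSSLCtx = null;

    /**
     * Returns the server-side context, creating it from the given key store on first use.
     *
     * <p>The key store must contain the server's private-key entry; the same password is
     * used for the store and for the key. No trust managers are supplied, so the JSSE
     * defaults apply to any client certificate validation.
     *
     * @param keyStoreLocation path of the JKS key store holding the server key
     * @param keyStorePwd password of the store and of the key entry
     * @return the cached server context
     * @throws KeyStoreException if the JKS store type is unavailable
     * @throws NoSuchAlgorithmException if the key manager or protocol is unavailable
     * @throws CertificateException if a certificate in the store cannot be loaded
     * @throws FileNotFoundException if the store file does not exist
     * @throws IOException if the store cannot be read or the password is wrong
     * @throws UnrecoverableKeyException if the key cannot be recovered with the password
     * @throws KeyManagementException if the context cannot be initialised
     */
    public static SSLContext createServerSSLContext(final String keyStoreLocation,
                                                    final String keyStorePwd)
            throws KeyStoreException,
                   NoSuchAlgorithmException,
                   CertificateException,
                   FileNotFoundException,
                   IOException,
                   UnrecoverableKeyException,
                   KeyManagementException {
        if (serverSSLCtx == null) {
            final char[] password = keyStorePwd.toCharArray();
            final KeyStore keyStore = KeyStore.getInstance(KEY_STORE_TYPE);
            // Close the stream even when load() fails; the original left it open.
            try (FileInputStream in = new FileInputStream(keyStoreLocation)) {
                keyStore.load(in, password);
            }
            final KeyManagerFactory keyManagerFactory =
                    KeyManagerFactory.getInstance(KEY_MANAGER_TYPE);
            keyManagerFactory.init(keyStore, password);

            // Publish the context only once it is fully initialised, so a failed init
            // does not leave a half-built instance in the cache.
            final SSLContext context = SSLContext.getInstance(PROTOCOL);
            context.init(keyManagerFactory.getKeyManagers(), null, null);
            serverSSLCtx = context;
        }

        return serverSSLCtx;
    }

    /**
     * Returns the client-side context, creating it from the given trust store on first use.
     *
     * <p>The trust store should hold only the server (or issuing CA) certificate. No key
     * managers are supplied, so this context does not present a client certificate.
     *
     * @param trustStoreLocation path of the JKS trust store
     * @param trustStorePwd password of the trust store
     * @return the cached client context
     * @throws KeyStoreException if the JKS store type is unavailable
     * @throws NoSuchAlgorithmException if the trust manager or protocol is unavailable
     * @throws CertificateException if a certificate in the store cannot be loaded
     * @throws FileNotFoundException if the store file does not exist
     * @throws IOException if the store cannot be read or the password is wrong
     * @throws KeyManagementException if the context cannot be initialised
     */
    public static SSLContext createClientSSLContext(final String trustStoreLocation,
                                                    final String trustStorePwd)
            throws KeyStoreException,
                   NoSuchAlgorithmException,
                   CertificateException,
                   FileNotFoundException,
                   IOException,
                   KeyManagementException {
        if (clientSSLCtx == null) {
            final KeyStore trustStore = KeyStore.getInstance(TRUST_STORE_TYPE);
            // Close the stream even when load() fails; the original left it open.
            try (FileInputStream in = new FileInputStream(trustStoreLocation)) {
                trustStore.load(in, trustStorePwd.toCharArray());
            }
            final TrustManagerFactory trustManagerFactory =
                    TrustManagerFactory.getInstance(TRUST_MANAGER_TYPE);
            trustManagerFactory.init(trustStore);

            // Publish the context only once it is fully initialised.
            final SSLContext context = SSLContext.getInstance(PROTOCOL);
            context.init(null, trustManagerFactory.getTrustManagers(), null);
            clientSSLCtx = context;
        }

        return clientSSLCtx;
    }

}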

最后,确保将受信任的服务器证书导入客户端密钥存储。服务器和客户端应该有不同的密钥存储。客户端使用的密钥存储称为客户端信任存储,因为我们在这里信任服务器证书。可能会有帮助。

我认为你的做法不对。对于客户端,您需要创建一个信任存储,并将服务器证书导入该信任存储。你能试试吗?如果需要,我可以给你一份可运行的示例代码,请告诉我。@RavindraRanwala 如果能提供可运行的示例代码,我将非常感谢。我添加了一些示例代码,并根据我对您代码的理解附上了一些建议。谢谢您的回答,我不再收到密码套件错误了。我想之前是因为我在服务器和客户端中引用了同一个密钥库。但是,现在我的服务器上出现了异常“javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown”(收到致命警报:证书未知),而客户端上出现了异常“javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found”(未找到受信任的证书)。您是否使用 keytool 的导入命令将服务器证书导入了客户端信任存储?看看这个。是的,我导入了。为客户端创建信任库时,我使用的命令是 keytool -import -alias skyebankaedc -file skyebankaedc.cer -keystore mycert -storepass skyebank,并运行 keytool -import -alias mucert -file mucert.cer -keystore mycert -storepass myccert 来导入我自己的证书。在创建服务器的密钥库并将证书导入其中时,我也运行了相同的命令。