Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/java/318.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Java 8-javax.net.ssl.SSLHandshakeException:收到致命警报:握手失败_Java_Ssl_Grails_Kubernetes_Sslhandshakeexception - Fatal编程技术网
Fatal编程技术网
  • java/
  • Java 8-javax.net.ssl.SSLHandshakeException:收到致命警报:握手失败

Java 8-javax.net.ssl.SSLHandshakeException:收到致命警报:握手失败

java ssl grails kubernetes

Java 8-javax.net.ssl.SSLHandshakeException:收到致命警报:握手失败,java,ssl,grails,kubernetes,sslhandshakeexception,Java,Ssl,Grails,Kubernetes,Sslhandshakeexception,我的应用程序运行在Kubernetes上的jdk1.8.0221和Tomcat8上 当我尝试使用wget连接到URL时,使用相同的证书可以完成调用。 但当我尝试使用Java应用程序连接时,它失败了,错误为“收到致命警报:握手失败” 以下是ssl日志: Is initial handshake: true Is secure renegotiation: false Timer-2,grails-cache-ehcache,hushly-deployment-7bcf9d98cf-lwtlk-20

我的应用程序运行在Kubernetes上的jdk1.8.0221和Tomcat8上

当我尝试使用wget连接到URL时,使用相同的证书可以完成调用。 但当我尝试使用Java应用程序连接时,它失败了,错误为“收到致命警报:握手失败”

以下是ssl日志:

Is initial handshake: true
Is secure renegotiation: false
Timer-2,grails-cache-ehcache,hushly-deployment-7bcf9d98cf-lwtlk-20370, setSoTimeout(30000) called
Ignoring disabled protocol: SSLv3
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1
%% No cached client session
update handshake state: client_hello[1]
upcoming handshake states: server_hello[2]
*** ClientHello, TLSv1.2
RandomCookie:  GMT: 1560217405 bytes = { 75, 51, 117, 237, 75, 213, 47, 220, 209, 236, 129, 21, 83, 91, 45, 173, 87, 8, 4, 62, 50, 51, 160, 94, 255, 240, 62, 68 }
Session ID:  {}
Cipher Suites: [TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods:  { 0 }
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA
Extension extended_master_secret
***
Timer-2,grails-cache-ehcache,hushly-deployment-7bcf9d98cf-lwtlk-20370, WRITE: TLSv1.2 Handshake, length = 119
Timer-2,grails-cache-ehcache,hushly-deployment-7bcf9d98cf-lwtlk-20370, READ: TLSv1.2 Alert, length = 2
Timer-2,grails-cache-ehcache,hushly-deployment-7bcf9d98cf-lwtlk-20370, RECV TLSv1.2 ALERT:  fatal, handshake_failure
Timer-2,grails-cache-ehcache,hushly-deployment-7bcf9d98cf-lwtlk-20370, called closeSocket()
Timer-2,grails-cache-ehcache,hushly-deployment-7bcf9d98cf-lwtlk-20370, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
22-Dec-2019 06:03:42.674 WARNING [Timer-2,grails-cache-ehcache,hushly-deployment-7bcf9d98cf-lwtlk-20370] org.jgroups.ping.kube.KubePing.doReadAll Problem getting Pod json from Kubernetes Client[masterUrl=https://10.100.0.1:443/api/v1, headers={}, connectTimeout=5000, readTimeout=30000, operationAttempts=3, operationSleep=1000, streamProvider=org.openshift.ping.common.stream.TokenStreamProvider@880aefb] for cluster [grails-cache-ehcache], namespace [default], labels [app=hushly]; encountered [java.lang.Exception: 3 attempt(s) with a 1000ms sleep to execute [OpenStream] failed. Last failure was [javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure]]
以下是用于准备SSLSocketFactory的代码:

X509Certificate cert = (X509Certificate)certFactory.generateCertificate(pemInputStream);
KeyStore trustStore = KeyStore.getInstance("JKS");
trustStore.load((LoadStoreParameter)null);
String alias = cert.getSubjectX500Principal().getName();
trustStore.setCertificateEntry(alias, cert);
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(trustStore);

SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
sslContext.init(kmf.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);

sslsocketfactory = sslContext.getSocketFactory();
我在这里遗漏了什么?

可能服务器不支持TLSv1.2?@Andreas也尝试了其他协议(-Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2,SSLv3)。看起来像。可能服务器不支持TLSv1.2?@Andreas也尝试了其他协议(-Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2,SSLv3)。看起来像。