Java SSL握手警报无协商
与Web服务通信时发生此错误 客户端报告的错误:Java SSL握手警报无协商,java,ssl,jsse,Java,Ssl,Jsse,与Web服务通信时发生此错误 客户端报告的错误: javax.net.ssl.SSLException: Received fatal alert: unexpected_message at sun.security.ssl.Alerts.getSSLException(Alerts.java:208) at sun.security.ssl.Alerts.getSSLException(Alerts.java:154) at sun.security.ssl.SSLS
javax.net.ssl.SSLException: Received fatal alert: unexpected_message
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1991)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1098)
at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:903)
at sun.security.ssl.AppInputStream.read(AppInputStream.java:102)
at java.io.BufferedInputStream.fill(BufferedInputStream.java:235)
at java.io.BufferedInputStream.read1(BufferedInputStream.java:275)
at java.io.BufferedInputStream.read(BufferedInputStream.java:334)
at sun.net.www.http.HttpClient.parseHTTPHeader(HttpClient.java:687)
at sun.net.www.http.HttpClient.parseHTTP(HttpClient.java:633)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1324)
at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:468)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:338)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:2223)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:2192)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:2036)
服务器日志中有一个错误
javax.net.ssl.SSLProtocolException:handshake\u alert
看起来服务器没有更新到RFC 5746
我偶然发现并发现
如果服务器没有按照RFC 5746响应,则客户端必须中止重新协商握手
然后我发现
sun.security.ssl.allowUnsafeRenegotiation-在第1阶段引入,它控制是否允许遗留(不安全)重新协商
临时修复程序是添加系统属性
-Dsun.security.ssl.allowUnsafeRenegotiation=true
但这并不是错误发生的真正原因。真正的原因是我的客户机使用的是旧的SSL
tlsClientParameters.setSecureSocketProtocol(“SSL”)代码>
我对该行进行了注释,因此使用了默认值:“TLS”
,之后通信工作正常