什么Java TLS操作会在握手时产生致命错误?
我正在尝试连接到我自己的新Minecraft服务器(来自我自己的客户机)。这是一个全新的Ubuntu 18.04安装,带有Java 10和最新的Minecraft 1.12服务器 在连接过程中,JRE正在建立与身份验证服务器的连接,整个连接(从Minecraft服务器的角度来看)以 问题出现在第105帧,其中发生什么Java TLS操作会在握手时产生致命错误?,java,ssl,minecraft,Java,Ssl,Minecraft,我正在尝试连接到我自己的新Minecraft服务器(来自我自己的客户机)。这是一个全新的Ubuntu 18.04安装,带有Java 10和最新的Minecraft 1.12服务器 在连接过程中,JRE正在建立与身份验证服务器的连接,整个连接(从Minecraft服务器的角度来看)以 问题出现在第105帧,其中发生内部错误。由于游戏是用Java编写的,我认为Java TLS实现很喜欢这种情况,而这种“内部错误”实际上可能意味着更多的东西? 我重新安装了Java证书(更新ca证书-f)作为可能的原因
内部错误。由于游戏是用Java编写的,我认为Java TLS实现很喜欢这种情况,而这种“内部错误”实际上可能意味着更多的东西?
我重新安装了Java证书(更新ca证书-f
)作为可能的原因之一,但运气不好。谢谢@gusto2的提示
这最终成为Ubuntu 18.04中的一个bug。详情载于;DR解决方案将以root用户身份运行
# /usr/bin/printf '\xfe\xed\xfe\xed\x00\x00\x00\x02\x00\x00\x00\x00\xe2\x68\x6e\x45\xfb\x43\xdf\xa4\xd9\x92\xdd\x41\xce\xb6\xb2\x1c\x63\x30\xd7\x92' > /etc/ssl/certs/java/cacerts
# /var/lib/dpkg/info/ca-certificates-java.postinst configure
当客户端不信任服务器的证书或其颁发者时,客户端可以通过任何事件生成此错误。您可以尝试使用-Djavax.net.debug=ssl:handshake
运行客户端以获取更多信息insight@gusto2:非常感谢你的提示-我最终发现了一个类似的问题,它指向Ubuntu 18.04中的一个bug。我把信息和解决办法放在了答案中。再次感谢
No. Time Source Destination Protocol Length Info
98 3.254294 10.200.0.133 54.230.198.91 TCP 74 43370 → 443 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=1994960819 TSecr=0 WS=128
No. Time Source Destination Protocol Length Info
99 3.265065 54.230.198.91 10.200.0.133 TCP 74 443 → 43370 [SYN, ACK] Seq=0 Ack=1 Win=28960 Len=0 MSS=1460 SACK_PERM=1 TSval=1446415026 TSecr=1994960819 WS=256
No. Time Source Destination Protocol Length Info
100 3.265079 10.200.0.133 54.230.198.91 TCP 66 43370 → 443 [ACK] Seq=1 Ack=1 Win=29312 Len=0 TSval=1994960830 TSecr=1446415026
No. Time Source Destination Protocol Length Info
101 3.266259 10.200.0.133 54.230.198.91 TLSv1.2 342 Client Hello
No. Time Source Destination Protocol Length Info
102 3.275952 54.230.198.91 10.200.0.133 TCP 66 443 → 43370 [ACK] Seq=1 Ack=277 Win=30208 Len=0 TSval=1446415027 TSecr=1994960831
No. Time Source Destination Protocol Length Info
103 3.279589 54.230.198.91 10.200.0.133 TLSv1.2 5538 Server Hello, Certificate, Certificate Status, Server Key Exchange, Server Hello Done
Frame 103: 5538 bytes on wire (44304 bits), 5538 bytes captured (44304 bits)
Ethernet II, Src: 12:5b:d3:1d:51:cf (12:5b:d3:1d:51:cf), Dst: d6:8b:35:0c:a2:f2 (d6:8b:35:0c:a2:f2)
Internet Protocol Version 4, Src: 54.230.198.91, Dst: 10.200.0.133
Transmission Control Protocol, Src Port: 443, Dst Port: 43370, Seq: 1, Ack: 277, Len: 5472
Secure Sockets Layer
TLSv1.2 Record Layer: Handshake Protocol: Server Hello
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 65
Handshake Protocol: Server Hello
TLSv1.2 Record Layer: Handshake Protocol: Certificate
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 4566
Handshake Protocol: Certificate
TLSv1.2 Record Layer: Handshake Protocol: Certificate Status
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 479
Handshake Protocol: Certificate Status
TLSv1.2 Record Layer: Handshake Protocol: Server Key Exchange
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 333
Handshake Protocol: Server Key Exchange
TLSv1.2 Record Layer: Handshake Protocol: Server Hello Done
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 4
Handshake Protocol: Server Hello Done
No. Time Source Destination Protocol Length Info
104 3.279602 10.200.0.133 54.230.198.91 TCP 66 43370 → 443 [ACK] Seq=277 Ack=5473 Win=40192 Len=0 TSval=1994960844 TSecr=1446415028
Frame 104: 66 bytes on wire (528 bits), 66 bytes captured (528 bits)
Ethernet II, Src: d6:8b:35:0c:a2:f2 (d6:8b:35:0c:a2:f2), Dst: 12:5b:d3:1d:51:cf (12:5b:d3:1d:51:cf)
Internet Protocol Version 4, Src: 10.200.0.133, Dst: 54.230.198.91
Transmission Control Protocol, Src Port: 43370, Dst Port: 443, Seq: 277, Ack: 5473, Len: 0
No. Time Source Destination Protocol Length Info
105 3.280246 10.200.0.133 54.230.198.91 TLSv1.2 73 Alert (Level: Fatal, Description: Internal Error)
Frame 105: 73 bytes on wire (584 bits), 73 bytes captured (584 bits)
Ethernet II, Src: d6:8b:35:0c:a2:f2 (d6:8b:35:0c:a2:f2), Dst: 12:5b:d3:1d:51:cf (12:5b:d3:1d:51:cf)
Internet Protocol Version 4, Src: 10.200.0.133, Dst: 54.230.198.91
Transmission Control Protocol, Src Port: 43370, Dst Port: 443, Seq: 277, Ack: 5473, Len: 7
Secure Sockets Layer
TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Internal Error)
Content Type: Alert (21)
Version: TLS 1.2 (0x0303)
Length: 2
Alert Message
Level: Fatal (2)
Description: Internal Error (80)
No. Time Source Destination Protocol Length Info
106 3.280277 10.200.0.133 54.230.198.91 TCP 66 43370 → 443 [FIN, ACK] Seq=284 Ack=5473 Win=40192 Len=0 TSval=1994960845 TSecr=1446415028
Frame 106: 66 bytes on wire (528 bits), 66 bytes captured (528 bits)
Ethernet II, Src: d6:8b:35:0c:a2:f2 (d6:8b:35:0c:a2:f2), Dst: 12:5b:d3:1d:51:cf (12:5b:d3:1d:51:cf)
Internet Protocol Version 4, Src: 10.200.0.133, Dst: 54.230.198.91
Transmission Control Protocol, Src Port: 43370, Dst Port: 443, Seq: 284, Ack: 5473, Len: 0
No. Time Source Destination Protocol Length Info
112 3.290075 54.230.198.91 10.200.0.133 TCP 66 443 → 43370 [FIN, ACK] Seq=5473 Ack=285 Win=30208 Len=0 TSval=1446415029 TSecr=1994960845
Frame 112: 66 bytes on wire (528 bits), 66 bytes captured (528 bits)
Ethernet II, Src: 12:5b:d3:1d:51:cf (12:5b:d3:1d:51:cf), Dst: d6:8b:35:0c:a2:f2 (d6:8b:35:0c:a2:f2)
Internet Protocol Version 4, Src: 54.230.198.91, Dst: 10.200.0.133
Transmission Control Protocol, Src Port: 443, Dst Port: 43370, Seq: 5473, Ack: 285, Len: 0
No. Time Source Destination Protocol Length Info
113 3.290088 10.200.0.133 54.230.198.91 TCP 66 43370 → 443 [ACK] Seq=285 Ack=5474 Win=40192 Len=0 TSval=1994960855 TSecr=1446415029
Frame 113: 66 bytes on wire (528 bits), 66 bytes captured (528 bits)
Ethernet II, Src: d6:8b:35:0c:a2:f2 (d6:8b:35:0c:a2:f2), Dst: 12:5b:d3:1d:51:cf (12:5b:d3:1d:51:cf)
Internet Protocol Version 4, Src: 10.200.0.133, Dst: 54.230.198.91
Transmission Control Protocol, Src Port: 43370, Dst Port: 443, Seq: 285, Ack: 5474, Len: 0
# /usr/bin/printf '\xfe\xed\xfe\xed\x00\x00\x00\x02\x00\x00\x00\x00\xe2\x68\x6e\x45\xfb\x43\xdf\xa4\xd9\x92\xdd\x41\xce\xb6\xb2\x1c\x63\x30\xd7\x92' > /etc/ssl/certs/java/cacerts
# /var/lib/dpkg/info/ca-certificates-java.postinst configure