openjdk 1.8的Java SSL通信握手失败
我有一个java程序,它正在使用RESTTemplate与服务对话。我正在使用客户端证书与服务器通信。获取以下错误openjdk 1.8的Java SSL通信握手失败,java,ssl,keystore,sslhandshakeexception,Java,Ssl,Keystore,Sslhandshakeexception,我有一个java程序,它正在使用RESTTemplate与服务对话。我正在使用客户端证书与服务器通信。获取以下错误 当我启用调试日志时,我看到初始握手已完成,但随后失败,出现以下错误 有趣的是,我在笔记本电脑上运行它,它可以正常工作,但一旦我在容器上运行它,就会出现握手错误 我在笔记本电脑上运行oracle jdk,但在我的容器上运行OpenJDK-1.8.0.212版本。可能存在哪些问题 在容器中,我确实安装了truststore和keystore,我可以看到它正在使用,因为它失败的地方就
当我启用调试日志时,我看到初始握手已完成,但随后失败,出现以下错误 有趣的是,我在笔记本电脑上运行它,它可以正常工作,但一旦我在容器上运行它,就会出现握手错误 我在笔记本电脑上运行oracle jdk,但在我的容器上运行OpenJDK-1.8.0.212版本。可能存在哪些问题
在容器中,我确实安装了truststore和keystore,我可以看到它正在使用,因为它失败的地方就是我在SSL调试日志中显示的地方。选项1。您需要将您的信任库/密钥库添加到容器或环境的cacerts中,在那里您正在测试它,以便成功地进行握手
备选案文2。您可以让程序读取容器/沙盒/环境中密钥库文件的位置。因此您在主机上添加了一个证书,例如“keytool-import-trustcacerts-keystore$JAVA_HOME/jre/lib/security/cacerts…”?然后它在docker容器中失败了?您的容器中是否有cacerts文件?您的笔记本电脑上运行的是什么版本的Oracle JDK?服务运行的是什么版本的Java?那么为什么不将oracle jdk放在容器中呢?每个jdk-->上可用的密码可能存在差异。它已经存在了。我已经用这些细节更新了我的问题。
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
19:53:13.851 [main] DEBUG org.apache.http.impl.conn.DefaultManagedHttpClientConnection - http-outgoing-0: Shutdown connection
19:53:13.852 [main] DEBUG org.apache.http.impl.execchain.MainClientExec - Connection discarded
19:53:13.852 [main] DEBUG org.apache.http.impl.conn.PoolingHttpClientConnectionManager - Connection released: [id: 0][route: {s}->https://api.entrust.net:443][total kept alive: 0; route allocated: 0 of 2; total allocated: 0 of 20]
19:53:13.854 [main] ERROR com.x.y.z.provider.a.Client - exception I/O error on GET request for "https://api.entrust.net/enterprise/v2/application/version": Received fatal alert: handshake_failure; nested exception is javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
19:53:13.858 [main] DEBUG com.x.y.z.provider.a.Client - Map the failure exception {}
org.springframework.web.client.ResourceAccessException: I/O error on GET request for "https://api.entrust.net/enterprise/v2/application/version": Received fatal alert: handshake_failure; nested exception is javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:744)
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:670)
*** CertificateVerify
Signature Algorithm SHA256withRSA
update handshake state: certificate_verify[15]
upcoming handshake states: client change_cipher_spec[-1]
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
main, WRITE: TLSv1.2 Handshake, length = 264
update handshake state: change_cipher_spec
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
main, WRITE: TLSv1.2 Change Cipher Spec, length = 1
*** Finished
verify_data: { 101, 230, 249, 79, 106, 34, 167, 222, 44, 208, 111, 11 }
***
update handshake state: finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
**main, WRITE: TLSv1.2 Handshake, length = 40
main, READ: TLSv1.2 Alert, length = 2
main, RECV TLSv1.2 ALERT: fatal, handshake_failure
%% Invalidated: [Session-1, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]**
main, called closeSocket()