2
我将使用服务器开发和托管的某个Web服务。涉及SSL,客户端是Axis 1x,证书不是来自受信任的CA.javax.net.ssl.SSLHandshakeException:收到致命警报:handshake_failure
我想,我已经满足了所有需要的东西,比如创建一个自定义密钥库,拥有一个自定义SocketFactory和一个自定义TrustManager;但仍然收到handshake_failure。
这是我迄今所做的:
public class MyCustomSecureSocketFactory extends JSSESocketFactory
{
// ...
protected SSLContext getContext() throws Exception
{
char[] keyStorePass = "mypass";
java.io.File keyStoreFile = new java.io.File(System.getProperty("java.home") + "/lib/security/test_client_cert.jks";
if(!keyStoreFile.exists())
throw new Exception("Could not read the KeyStore file");
InputStream keyStoreIS = new java.io.FileInputStream(keyStoreFile);
try
{
KeyStore keyStore = KeyStore.getInstance("jks");//2012.04.24: KeyStore.getDefaultType());
keyStore.load(keyStoreIS, keyStorePass);
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmf.init(keyStore, keyStorePass);
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(keyStore);
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(new KeyManager[0], new TrustManager[] {new com.myapp.MyTrustManager()}, new SecureRandom());
return sslContext;
}
catch (Exception e)
{
throw e;
}
finally
{
keyStoreIS.close();
}
}
public javax.net.ssl.SSLSocket create(java.lang.String host, int port, StringBuffer otherHeaders, BooleanHolder useFullURL) throws Exception
{
javax.net.ssl.SSLSocket mySSLSocket = (SSLSocket) super.create(host, port, otherHeaders, useFullURL);
mySSLSocket.setEnabledProtocols("TLSv1,SSLv3".split(","));
//mySSLSocket.setEnabledCipherSuites(new String[] {"SSL_RSA_WITH_RC4_128_MD5", "SSL_RSA_WITH_RC4_128_SHA", ... many more in this list, removed for brevity
return mySSLSocket;
}
}
测试JSP其中有:
AxisProperties.setProperty("https.proxyHost", myProxy);
AxisProperties.setProperty("https.proxyPort", myProxyPort);
AxisProperties.setProperty("https.proxyUser", myProxyUser);
AxisProperties.setProperty("https.proxyPassword", myProxyPass);
System.setProperty("https.protocols", "TLSv1");
AxisProperties.setProperty("axis.socketSecureFactory", "com.myApp.MyCustomSecureSocketFactory");
AxisProperties.setProperty("sun.security.ssl.allowUnsafeRenegotiation", "true");
Service w_Service = new Service();
Call w_Call = (Call) w_Service.createCall();
w_Call.setTargetEndpointAddress(new java.net.URL("https://<<testsiteIPAddr>>/<<whatever>>/int/?wsdl"));
w_Call.setOperationName("GetInfo"); // takes 2 parameters
w_Call.addParameter("param1", org.apache.axis.Constants.XSD_STRING, ParameterMode.IN);
w_Call.addParameter("param2", org.apache.axis.Constants.XSD_STRING, ParameterMode.IN);
w_Call.setReturnType(org.apache.axis.Constants.XSD_STRING);
System.out.println("Invoking method ...");
String w_RetVal = (String) w_Call.invoke(new String[]{"test", "me"});
System.out.println("Method returned: " + w_RetVal);
服务器家伙只是有
C:\Program Files\Java\jdk1.6.0_17\bin>keytool -importkeystore -srckeystore D:\mywork\test_client_cert.p12 -srcstoretype PKCS12 -destkeystore test_client_cert.jks -deststoretype JKS
C:\Program Files\Java\jdk1.6.0_17\bin>copy test_client_cert.jks ..\jre\lib\security\
从我的代码摘录对我来说如下信息:
SSLProtocol all -SSLv2
SSLCipherSuite TLSv1:SSLv3:!SSLv2:!EXP:!NULL:!LOW:!aNULL:!eNULL
和报告:
访问日志:
"POST /<<whatever>>/int/?wsdl HTTP/1.0" 403 –
"POST /<<whatever>>/int/?wsdl HTTP/1.0" 403 –
错误日志:
Re-negotiation handshake failed: Not accepted by client!?
Re-negotiation handshake failed: Not accepted by client!?
请登录:
SSLv3 RC4-MD5 "POST /<<whatever>>/int/?wsdl HTTP/1.0" –
SSLv3 RC4-MD5 "POST /<<whatever>>/int/?wsdl HTTP/1.0" –
最后,SSL调试的某些部分(我从一开始就删除了一些行打印证书信息。顺便说一句,该证明书“不”在SSL调试显示):
13:57:14,200 INFO [STDOUT] ***
13:57:14,203 INFO [STDOUT] http-0.0.0.0-8080-3, READ: TLSv1 Handshake, length = 4
13:57:14,224 INFO [STDOUT] *** ServerHelloDone
13:57:14,241 INFO [STDOUT] *** ClientKeyExchange, RSA PreMasterSecret, TLSv1
13:57:14,241 INFO [STDOUT] http-0.0.0.0-8080-3, WRITE: TLSv1 Handshake, length = 134
13:57:14,242 INFO [STDOUT] SESSION KEYGEN:
13:57:14,248 INFO [STDOUT] PreMaster Secret:
000013:57:14,250 INFO [STDOUT] :
0313:57:14,251 INFO [STDOUT]
0113:57:14,251 INFO [STDOUT]
3813:57:14,251 INFO [STDOUT]
ED13:57:14,251 INFO [STDOUT]
7B13:57:14,251 INFO [STDOUT]
BF13:57:14,252 INFO [STDOUT]
A113:57:14,252 INFO [STDOUT]
3213:57:14,252 INFO [STDOUT]
13:57:14,252 INFO [STDOUT]
8313:57:14,252 INFO [STDOUT]
2313:57:14,252 INFO [STDOUT]
BE13:57:14,253 INFO [STDOUT]
9713:57:14,264 INFO [STDOUT]
9013:57:14,265 INFO [STDOUT]
4A13:57:14,267 INFO [STDOUT]
F013:57:14,275 INFO [STDOUT]
F813:57:14,277 INFO [STDOUT]
13:57:14,277 INFO [STDOUT]
13:57:14,277 INFO [STDOUT] .
13:57:14,278 INFO [STDOUT] .
813:57:14,278 INFO [STDOUT] .
13:57:14,278 INFO [STDOUT] .
13:57:14,278 INFO [STDOUT] .
13:57:14,278 INFO [STDOUT] .
213:57:14,279 INFO [STDOUT] .
#13:57:14,279 INFO [STDOUT] .
13:57:14,279 INFO [STDOUT] .
13:57:14,280 INFO [STDOUT] .
J13:57:14,290 INFO [STDOUT] .
13:57:14,290 INFO [STDOUT] .
001013:57:14,290 INFO [STDOUT] :
D913:57:14,290 INFO [STDOUT]
F613:57:14,290 INFO [STDOUT]
6F13:57:14,291 INFO [STDOUT]
2B13:57:14,291 INFO [STDOUT]
3913:57:14,291 INFO [STDOUT]
B913:57:14,291 INFO [STDOUT]
0813:57:14,291 INFO [STDOUT]
1013:57:14,292 INFO [STDOUT]
13:57:14,292 INFO [STDOUT]
6013:57:14,292 INFO [STDOUT]
D013:57:14,292 INFO [STDOUT]
5813:57:14,292 INFO [STDOUT]
8C13:57:14,293 INFO [STDOUT]
BF13:57:14,304 INFO [STDOUT]
6D13:57:14,308 INFO [STDOUT]
4513:57:14,314 INFO [STDOUT]
5813:57:14,317 INFO [STDOUT]
13:57:14,320 INFO [STDOUT]
13:57:14,320 INFO [STDOUT] .
13:57:14,321 INFO [STDOUT] .
o+913:57:14,321 INFO [STDOUT] .
13:57:14,322 INFO [STDOUT] .
13:57:14,322 INFO [STDOUT] .
`13:57:14,322 INFO [STDOUT] .
X13:57:14,322 INFO [STDOUT] .
13:57:14,323 INFO [STDOUT] .
mEX002013:57:14,323 INFO [STDOUT] :
AB13:57:14,323 INFO [STDOUT]
BB13:57:14,323 INFO [STDOUT]
0913:57:14,324 INFO [STDOUT]
7713:57:14,329 INFO [STDOUT]
8213:57:14,329 INFO [STDOUT]
5513:57:14,329 INFO [STDOUT]
B613:57:14,329 INFO [STDOUT]
3913:57:14,329 INFO [STDOUT]
13:57:14,330 INFO [STDOUT]
FA13:57:14,330 INFO [STDOUT]
3E13:57:14,330 INFO [STDOUT]
6C13:57:14,330 INFO [STDOUT]
0F13:57:14,330 INFO [STDOUT]
7A13:57:14,331 INFO [STDOUT]
3C13:57:14,331 INFO [STDOUT]
3F13:57:14,331 INFO [STDOUT]
7313:57:14,331 INFO [STDOUT]
13:57:14,331 INFO [STDOUT]
13:57:14,331 INFO [STDOUT] .
13:57:14,332 INFO [STDOUT] .
13:57:14,332 INFO [STDOUT] .
w13:57:14,332 INFO [STDOUT] .
U13:57:14,332 INFO [STDOUT] .
913:57:14,333 INFO [STDOUT] .
>l13:57:14,333 INFO [STDOUT] .
z<?s13:57:14,353 INFO [STDOUT] CONNECTION KEYGEN:
13:57:14,354 INFO [STDOUT] Client Nonce:
000013:57:14,357 INFO [STDOUT] :
4F13:57:14,359 INFO [STDOUT]
9613:57:14,360 INFO [STDOUT]
6313:57:14,368 INFO [STDOUT]
E113:57:14,371 INFO [STDOUT]
4813:57:14,372 INFO [STDOUT]
2F13:57:14,381 INFO [STDOUT]
FB13:57:14,383 INFO [STDOUT]
F613:57:14,383 INFO [STDOUT]
13:57:14,383 INFO [STDOUT]
9E13:57:14,383 INFO [STDOUT]
C813:57:14,383 INFO [STDOUT]
3D13:57:14,383 INFO [STDOUT]
F513:57:14,384 INFO [STDOUT]
1613:57:14,384 INFO [STDOUT]
DE13:57:14,384 INFO [STDOUT]
4F13:57:14,384 INFO [STDOUT]
5913:57:14,384 INFO [STDOUT]
13:57:14,384 INFO [STDOUT]
O13:57:14,385 INFO [STDOUT] .
c13:57:14,385 INFO [STDOUT] .
H/13:57:14,385 INFO [STDOUT] .
13:57:14,385 INFO [STDOUT] .
13:57:14,386 INFO [STDOUT] .
13:57:14,399 INFO [STDOUT] .
=13:57:14,400 INFO [STDOUT] .
13:57:14,400 INFO [STDOUT] .
13:57:14,400 INFO [STDOUT] .
OY001013:57:14,400 INFO [STDOUT] :
2F13:57:14,401 INFO [STDOUT]
0513:57:14,401 INFO [STDOUT]
9413:57:14,402 INFO [STDOUT]
1C13:57:14,407 INFO [STDOUT]
4213:57:14,411 INFO [STDOUT]
E413:57:14,412 INFO [STDOUT]
F413:57:14,414 INFO [STDOUT]
C613:57:14,422 INFO [STDOUT]
13:57:14,422 INFO [STDOUT]
7213:57:14,422 INFO [STDOUT]
5613:57:14,422 INFO [STDOUT]
4A13:57:14,423 INFO [STDOUT]
9C13:57:14,423 INFO [STDOUT]
9813:57:14,423 INFO [STDOUT]
AD13:57:14,423 INFO [STDOUT]
B813:57:14,423 INFO [STDOUT]
0713:57:14,423 INFO [STDOUT]
13:57:14,424 INFO [STDOUT]
/13:57:14,424 INFO [STDOUT] .
13:57:14,424 INFO [STDOUT] .
13:57:14,424 INFO [STDOUT] .
B13:57:14,424 INFO [STDOUT] .
13:57:14,425 INFO [STDOUT] .
13:57:14,425 INFO [STDOUT] .
rVJ13:57:14,425 INFO [STDOUT] .
13:57:14,425 INFO [STDOUT] .
13:57:14,425 INFO [STDOUT] .
13:57:14,425 INFO [STDOUT] .
13:57:14,426 INFO [STDOUT] .
13:57:14,427 INFO [STDOUT] Server Nonce:
000013:57:14,439 INFO [STDOUT] :
4F13:57:14,447 INFO [STDOUT]
9613:57:14,450 INFO [STDOUT]
6313:57:14,452 INFO [STDOUT]
E613:57:14,453 INFO [STDOUT]
DA13:57:14,461 INFO [STDOUT]
D413:57:14,466 INFO [STDOUT]
D113:57:14,466 INFO [STDOUT]
6913:57:14,473 INFO [STDOUT]
13:57:14,476 INFO [STDOUT]
F413:57:14,478 INFO [STDOUT]
1513:57:14,479 INFO [STDOUT]
4213:57:14,488 INFO [STDOUT]
0513:57:14,490 INFO [STDOUT]
1413:57:14,490 INFO [STDOUT]
5613:57:14,492 INFO [STDOUT]
1913:57:14,500 INFO [STDOUT]
D013:57:14,503 INFO [STDOUT]
13:57:14,505 INFO [STDOUT]
O13:57:14,506 INFO [STDOUT] .
c13:57:14,515 INFO [STDOUT] .
13:57:14,517 INFO [STDOUT] .
13:57:14,519 INFO [STDOUT] .
13:57:14,521 INFO [STDOUT] .
i13:57:14,531 INFO [STDOUT] .
13:57:14,532 INFO [STDOUT] .
B13:57:14,532 INFO [STDOUT] .
13:57:14,540 INFO [STDOUT] .
V13:57:14,542 INFO [STDOUT] .
13:57:14,542 INFO [STDOUT] .
001013:57:14,542 INFO [STDOUT] :
D813:57:14,542 INFO [STDOUT]
9F13:57:14,543 INFO [STDOUT]
DD13:57:14,543 INFO [STDOUT]
1813:57:14,543 INFO [STDOUT]
9E13:57:14,543 INFO [STDOUT]
3413:57:14,543 INFO [STDOUT]
CF13:57:14,544 INFO [STDOUT]
DC13:57:14,544 INFO [STDOUT]
13:57:14,544 INFO [STDOUT]
1213:57:14,544 INFO [STDOUT]
6D13:57:14,544 INFO [STDOUT]
5D13:57:14,544 INFO [STDOUT]
7D13:57:14,545 INFO [STDOUT]
7F13:57:14,546 INFO [STDOUT]
2413:57:14,557 INFO [STDOUT]
6813:57:14,559 INFO [STDOUT]
2613:57:14,567 INFO [STDOUT]
13:57:14,569 INFO [STDOUT]
13:57:14,569 INFO [STDOUT] .
13:57:14,569 INFO [STDOUT] .
13:57:14,569 INFO [STDOUT] .
13:57:14,569 INFO [STDOUT] .
13:57:14,569 INFO [STDOUT] .
413:57:14,570 INFO [STDOUT] .
13:57:14,570 INFO [STDOUT] .
13:57:14,570 INFO [STDOUT] .
m]13:57:14,570 INFO [STDOUT] .
13:57:14,570 INFO [STDOUT] .
$h&13:57:14,571 INFO [STDOUT] Master Secret:
000013:57:14,571 INFO [STDOUT] :
A813:57:14,571 INFO [STDOUT]
5313:57:14,571 INFO [STDOUT]
1013:57:14,571 INFO [STDOUT]
5613:57:14,572 INFO [STDOUT]
3213:57:14,585 INFO [STDOUT]
AD13:57:14,585 INFO [STDOUT]
A613:57:14,586 INFO [STDOUT]
A213:57:14,586 INFO [STDOUT]
13:57:14,586 INFO [STDOUT]
BB13:57:14,586 INFO [STDOUT]
A213:57:14,587 INFO [STDOUT]
1F13:57:14,588 INFO [STDOUT]
8D13:57:14,588 INFO [STDOUT]
4613:57:14,594 INFO [STDOUT]
5F13:57:14,594 INFO [STDOUT]
E813:57:14,594 INFO [STDOUT]
DD13:57:14,597 INFO [STDOUT]
13:57:14,598 INFO [STDOUT]
13:57:14,600 INFO [STDOUT] .
S13:57:14,609 INFO [STDOUT] .
V213:57:14,609 INFO [STDOUT] .
13:57:14,609 INFO [STDOUT] .
13:57:14,610 INFO [STDOUT] .
13:57:14,610 INFO [STDOUT] .
13:57:14,610 INFO [STDOUT] .
13:57:14,610 INFO [STDOUT] .
13:57:14,610 INFO [STDOUT] .
F_13:57:14,610 INFO [STDOUT] .
13:57:14,611 INFO [STDOUT] .
001013:57:14,611 INFO [STDOUT] :
4813:57:14,611 INFO [STDOUT]
6813:57:14,611 INFO [STDOUT]
3013:57:14,611 INFO [STDOUT]
ED13:57:14,612 INFO [STDOUT]
BF13:57:14,612 INFO [STDOUT]
1513:57:14,612 INFO [STDOUT]
F513:57:14,612 INFO [STDOUT]
A713:57:14,612 INFO [STDOUT]
13:57:14,612 INFO [STDOUT]
7B13:57:14,613 INFO [STDOUT]
0513:57:14,624 INFO [STDOUT]
AF13:57:14,626 INFO [STDOUT]
EC13:57:14,634 INFO [STDOUT]
DE13:57:14,636 INFO [STDOUT]
EE13:57:14,636 INFO [STDOUT]
4D13:57:14,636 INFO [STDOUT]
5513:57:14,636 INFO [STDOUT]
13:57:14,637 INFO [STDOUT]
Hh013:57:14,637 INFO [STDOUT] .
13:57:14,637 INFO [STDOUT] .
13:57:14,637 INFO [STDOUT] .
13:57:14,637 INFO [STDOUT] .
13:57:14,637 INFO [STDOUT] .
13:57:14,638 INFO [STDOUT] .
13:57:14,638 INFO [STDOUT] .
13:57:14,638 INFO [STDOUT] .
13:57:14,638 INFO [STDOUT] .
13:57:14,639 INFO [STDOUT] .
13:57:14,652 INFO [STDOUT] .
MU002013:57:14,652 INFO [STDOUT] :
8313:57:14,652 INFO [STDOUT]
D513:57:14,653 INFO [STDOUT]
4813:57:14,653 INFO [STDOUT]
ED13:57:14,654 INFO [STDOUT]
DC13:57:14,660 INFO [STDOUT]
FD13:57:14,662 INFO [STDOUT]
EF13:57:14,665 INFO [STDOUT]
2E13:57:14,666 INFO [STDOUT]
13:57:14,674 INFO [STDOUT]
3213:57:14,678 INFO [STDOUT]
B513:57:14,678 INFO [STDOUT]
2813:57:14,678 INFO [STDOUT]
D713:57:14,678 INFO [STDOUT]
AB13:57:14,679 INFO [STDOUT]
9113:57:14,687 INFO [STDOUT]
B513:57:14,689 INFO [STDOUT]
6B13:57:14,689 INFO [STDOUT]
13:57:14,689 INFO [STDOUT]
13:57:14,689 INFO [STDOUT] .
13:57:14,689 INFO [STDOUT] .
H13:57:14,689 INFO [STDOUT] .
13:57:14,690 INFO [STDOUT] .
13:57:14,690 INFO [STDOUT] .
13:57:14,690 INFO [STDOUT] .
.213:57:14,690 INFO [STDOUT] .
(13:57:14,690 INFO [STDOUT] .
13:57:14,690 INFO [STDOUT] .
13:57:14,691 INFO [STDOUT] .
13:57:14,691 INFO [STDOUT] .
k13:57:14,691 INFO [STDOUT] Client MAC write Secret:
000013:57:14,691 INFO [STDOUT] :
BC13:57:14,692 INFO [STDOUT]
E713:57:14,692 INFO [STDOUT]
8313:57:14,692 INFO [STDOUT]
C613:57:14,692 INFO [STDOUT]
AB13:57:14,692 INFO [STDOUT]
2313:57:14,692 INFO [STDOUT]
6E13:57:14,693 INFO [STDOUT]
5413:57:14,706 INFO [STDOUT]
13:57:14,714 INFO [STDOUT]
8E13:57:14,714 INFO [STDOUT]
1A13:57:14,714 INFO [STDOUT]
DD13:57:14,714 INFO [STDOUT]
4613:57:14,715 INFO [STDOUT]
EC13:57:14,715 INFO [STDOUT]
2213:57:14,715 INFO [STDOUT]
5813:57:14,715 INFO [STDOUT]
2513:57:14,715 INFO [STDOUT]
13:57:14,716 INFO [STDOUT]
13:57:14,716 INFO [STDOUT] .
13:57:14,716 INFO [STDOUT] .
13:57:14,717 INFO [STDOUT] .
13:57:14,717 INFO [STDOUT] .
13:57:14,717 INFO [STDOUT] .
#nT13:57:14,717 INFO [STDOUT] .
13:57:14,717 INFO [STDOUT] .
13:57:14,718 INFO [STDOUT] .
F13:57:14,718 INFO [STDOUT] .
"X%13:57:14,718 INFO [STDOUT] Server MAC write Secret:
000013:57:14,718 INFO [STDOUT] :
0713:57:14,719 INFO [STDOUT]
1D13:57:14,719 INFO [STDOUT]
3213:57:14,719 INFO [STDOUT]
9613:57:14,720 INFO [STDOUT]
8013:57:14,720 INFO [STDOUT]
6413:57:14,721 INFO [STDOUT]
DD13:57:14,731 INFO [STDOUT]
AF13:57:14,733 INFO [STDOUT]
13:57:14,733 INFO [STDOUT]
E913:57:14,733 INFO [STDOUT]
A713:57:14,733 INFO [STDOUT]
2513:57:14,741 INFO [STDOUT]
6413:57:14,744 INFO [STDOUT]
6C13:57:14,745 INFO [STDOUT]
BE13:57:14,753 INFO [STDOUT]
6413:57:14,755 INFO [STDOUT]
2213:57:14,755 INFO [STDOUT]
13:57:14,755 INFO [STDOUT]
13:57:14,756 INFO [STDOUT] .
13:57:14,756 INFO [STDOUT] .
213:57:14,756 INFO [STDOUT] .
13:57:14,756 INFO [STDOUT] .
d13:57:14,756 INFO [STDOUT] .
13:57:14,757 INFO [STDOUT] .
13:57:14,757 INFO [STDOUT] .
13:57:14,757 INFO [STDOUT] .
%dl13:57:14,757 INFO [STDOUT] .
d"13:57:14,757 INFO [STDOUT] Client write key:
000013:57:14,758 INFO [STDOUT] :
B313:57:14,758 INFO [STDOUT]
DD13:57:14,759 INFO [STDOUT]
BB13:57:14,771 INFO [STDOUT]
3013:57:14,771 INFO [STDOUT]
E713:57:14,772 INFO [STDOUT]
9C13:57:14,780 INFO [STDOUT]
B213:57:14,780 INFO [STDOUT]
8013:57:14,780 INFO [STDOUT]
13:57:14,780 INFO [STDOUT]
AD13:57:14,781 INFO [STDOUT]
7013:57:14,781 INFO [STDOUT]
2513:57:14,781 INFO [STDOUT]
FF13:57:14,781 INFO [STDOUT]
9413:57:14,782 INFO [STDOUT]
1013:57:14,782 INFO [STDOUT]
D913:57:14,782 INFO [STDOUT]
E813:57:14,782 INFO [STDOUT]
13:57:14,782 INFO [STDOUT]
13:57:14,783 INFO [STDOUT] .
13:57:14,783 INFO [STDOUT] .
13:57:14,783 INFO [STDOUT] .
013:57:14,783 INFO [STDOUT] .
13:57:14,783 INFO [STDOUT] .
13:57:14,783 INFO [STDOUT] .
13:57:14,783 INFO [STDOUT] .
13:57:14,784 INFO [STDOUT] .
p%13:57:14,785 INFO [STDOUT] .
13:57:14,785 INFO [STDOUT] .
13:57:14,785 INFO [STDOUT] .
13:57:14,785 INFO [STDOUT] .
13:57:14,785 INFO [STDOUT] .
13:57:14,788 INFO [STDOUT] Server write key:
000013:57:14,798 INFO [STDOUT] :
C913:57:14,799 INFO [STDOUT]
8513:57:14,807 INFO [STDOUT]
6F13:57:14,810 INFO [STDOUT]
7C13:57:14,812 INFO [STDOUT]
2F13:57:14,813 INFO [STDOUT]
3413:57:14,822 INFO [STDOUT]
E013:57:14,822 INFO [STDOUT]
A413:57:14,822 INFO [STDOUT]
13:57:14,822 INFO [STDOUT]
4F13:57:14,822 INFO [STDOUT]
2713:57:14,822 INFO [STDOUT]
6D13:57:14,823 INFO [STDOUT]
3813:57:14,823 INFO [STDOUT]
A213:57:14,823 INFO [STDOUT]
0D13:57:14,823 INFO [STDOUT]
BB13:57:14,823 INFO [STDOUT]
0913:57:14,824 INFO [STDOUT]
13:57:14,824 INFO [STDOUT]
13:57:14,824 INFO [STDOUT] .
13:57:14,824 INFO [STDOUT] .
o13:57:14,824 INFO [STDOUT] .
/413:57:14,825 INFO [STDOUT] .
13:57:14,839 INFO [STDOUT] .
O'm813:57:14,839 INFO [STDOUT] .
13:57:14,839 INFO [STDOUT] .
13:57:14,840 INFO [STDOUT] .
13:57:14,841 INFO [STDOUT] .
13:57:14,841 INFO [STDOUT] ... no IV used for this cipher
13:57:14,843 INFO [STDOUT] http-0.0.0.0-8080-3, WRITE: TLSv1 Change Cipher Spec, length = 1
13:57:14,852 INFO [STDOUT] *** Finished
13:57:14,853 INFO [STDOUT] verify_data: {
13:57:14,854 INFO [STDOUT] 65
13:57:14,860 INFO [STDOUT] ,
13:57:14,862 INFO [STDOUT] 193
13:57:14,862 INFO [STDOUT] ,
13:57:14,862 INFO [STDOUT] 213
13:57:14,862 INFO [STDOUT] ,
13:57:14,862 INFO [STDOUT] 102
13:57:14,862 INFO [STDOUT] ,
13:57:14,863 INFO [STDOUT] 29
13:57:14,863 INFO [STDOUT] ,
13:57:14,864 INFO [STDOUT] 45
13:57:14,864 INFO [STDOUT] ,
13:57:14,864 INFO [STDOUT] 222
13:57:14,864 INFO [STDOUT] ,
13:57:14,865 INFO [STDOUT] 35
13:57:14,866 INFO [STDOUT] ,
13:57:14,875 INFO [STDOUT] 48
13:57:14,877 INFO [STDOUT] ,
13:57:14,879 INFO [STDOUT] 140
13:57:14,887 INFO [STDOUT] ,
13:57:14,889 INFO [STDOUT] 65
13:57:14,892 INFO [STDOUT] ,
13:57:14,893 INFO [STDOUT] 185
13:57:14,912 INFO [STDOUT] }
13:57:14,919 INFO [STDOUT] ***
13:57:14,919 INFO [STDOUT] http-0.0.0.0-8080-3, WRITE: TLSv1 Handshake, length = 32
13:57:15,243 INFO [STDOUT] http-0.0.0.0-8080-3, READ: TLSv1 Change Cipher Spec, length = 1
13:57:15,245 INFO [STDOUT] http-0.0.0.0-8080-3, READ: TLSv1 Handshake, length = 32
13:57:15,246 INFO [STDOUT] *** Finished
13:57:15,248 INFO [STDOUT] verify_data: {
13:57:15,254 INFO [STDOUT] 120
13:57:15,254 INFO [STDOUT] ,
13:57:15,257 INFO [STDOUT] 145
13:57:15,259 INFO [STDOUT] ,
13:57:15,261 INFO [STDOUT] 73
13:57:15,261 INFO [STDOUT] ,
13:57:15,261 INFO [STDOUT] 165
13:57:15,261 INFO [STDOUT] ,
13:57:15,262 INFO [STDOUT] 66
13:57:15,262 INFO [STDOUT] ,
13:57:15,262 INFO [STDOUT] 34
13:57:15,262 INFO [STDOUT] ,
13:57:15,262 INFO [STDOUT] 229
13:57:15,263 INFO [STDOUT] ,
13:57:15,263 INFO [STDOUT] 142
13:57:15,263 INFO [STDOUT] ,
13:57:15,263 INFO [STDOUT] 175
13:57:15,263 INFO [STDOUT] ,
13:57:15,263 INFO [STDOUT] 87
13:57:15,264 INFO [STDOUT] ,
13:57:15,276 INFO [STDOUT] 1
13:57:15,278 INFO [STDOUT] ,
13:57:15,286 INFO [STDOUT] 103
13:57:15,289 INFO [STDOUT] }
13:57:15,290 INFO [STDOUT] ***
13:57:15,291 INFO [STDOUT] %% Cached client session: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
13:57:15,314 INFO [STDOUT] http-0.0.0.0-8080-3, setSoTimeout(600000) called
13:57:15,315 INFO [STDOUT] http-0.0.0.0-8080-3, WRITE: TLSv1 Application Data, length = 703
13:57:15,534 INFO [STDOUT] http-0.0.0.0-8080-3, READ: TLSv1 Alert, length = 18
13:57:15,536 INFO [STDOUT] http-0.0.0.0-8080-3
13:57:15,538 INFO [STDOUT] , RECV TLSv1 ALERT:
13:57:15,541 INFO [STDOUT] fatal,
13:57:15,548 INFO [STDOUT] handshake_failure
13:57:15,568 INFO [STDOUT] %% Invalidated: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
13:57:15,569 INFO [STDOUT] http-0.0.0.0-8080-3, called closeSocket()
13:57:15,570 INFO [STDOUT] http-0.0.0.0-8080-3, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
13:57:15,570 INFO [STDOUT] http-0.0.0.0-8080-3, called close()
13:57:15,570 INFO [STDOUT] http-0.0.0.0-8080-3, called closeInternal(true)
13:57:15,594 ERROR [STDERR] AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
faultSubcode:
faultString: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}stackTrace:javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1682)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:932)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:746)
at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75)
at java.io.BufferedInputStream.fill(BufferedInputStream.java:218)
at java.io.BufferedInputStream.read(BufferedInputStream.java:237)
at org.apache.axis.transport.http.HTTPSender.readHeadersFromSocket(HTTPSender.java:583)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:143)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
at org.apache.axis.client.Call.invoke(Call.java:2767)
at org.apache.axis.client.Call.invoke(Call.java:2443)
at org.apache.axis.client.Call.invoke(Call.java:2366)
at org.apache.axis.client.Call.invoke(Call.java:1812)
- 我试图评论的allowUnsafeRenegotiation或将其设置为真/假
- 启用或注释掉setEnabledCiphers
- 将提供的客户端证书导入默认密钥存储区而不是自定义密钥存储区
- SSLContext.getInstance(“TLS”)以及“SSL”
- SSLSocket :: setEnabledProtocols with SSLv 3,TLSv1等组合。
- 重做整个密钥工具操作一遍
仍然没有运气。我陷入了同样的错误 - 从3天开始!
希望在这方面的帮助。
TIA。
感谢您的回复。相反,我转移到了Axis2,并能够使用我之前配置的相同密钥库成功地与上述Web服务进行通信。不过,我会很快尝试您的建议,并在将您的答案标记为正确答案之前自行验证。 – kpatil 2012-05-03 07:53:33
这对我有效!谢谢! – 2012-07-12 11:54:55
我有类似的SSL证书问题,并升级到JDK 1.7为我工作。感谢分享您的经验。 – realPK 2014-12-01 22:57:42