1
我的服务器安装了ColdFusion 10。我收到以下错误,当我测试我的服务器上Authorize.net支付:I/O异常:收到致命警报:protocol_version - Coldfusion + Authorize.net
I/O Exception: Received fatal alert: protocol_version
这里是CFHTTP请求:
<cfhttp method="Post" url="https://test.authorize.net/gateway/transact.dll" result="test">
//Passed params here
</cfhttp>
貌似这个错误是由于一个SSL andshake_failure。调试并解决此问题。我跟着this tutorial将我的证书添加到我的密钥库。
这里是ColdFusion的-out.log细节吧:
AM Information [ajp-bio-8012-exec-6] - Starting HTTP request {URL='https://test.authorize.net:443/gateway/transact.dll', method='Post'}
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1511005047 bytes = { 67, 167, 50, 23, 163, 143, 93, 78, 34, 130, 190, 65, 198, 95, 171, 222, 138, 10, 186, 140, 135, 200, 81, 223, 162, 61, 12, 196 }
Session ID: {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension server_name, server_name: [host_name: test.authorize.net]
***
[write] MD5 and SHA1 hashes: len = 176
0000: 01 00 00 AC 03 01 5A 10 1B 77 43 A7 32 17 A3 8F ......Z..wC.2...
0010: 5D 4E 22 82 BE 41 C6 5F AB DE 8A 0A BA 8C 87 C8 ]N"..A._........
0020: 51 DF A2 3D 0C C4 00 00 2A C0 09 C0 13 00 2F C0 Q..=....*...../.
0030: 04 C0 0E 00 33 00 32 C0 08 C0 12 00 0A C0 03 C0 ....3.2.........
0040: 0D 00 16 00 13 C0 07 C0 11 00 05 C0 02 C0 0C 00 ................
0050: 04 00 FF 01 00 00 59 00 0A 00 34 00 32 00 17 00 ......Y...4.2...
0060: 01 00 03 00 13 00 15 00 06 00 07 00 09 00 0A 00 ................
0070: 18 00 0B 00 0C 00 19 00 0D 00 0E 00 0F 00 10 00 ................
0080: 11 00 02 00 12 00 04 00 05 00 14 00 08 00 16 00 ................
0090: 0B 00 02 01 00 00 00 00 17 00 15 00 00 12 74 65 ..............te
00A0: 73 74 2E 61 75 74 68 6F 72 69 7A 65 2E 6E 65 74 st.authorize.net
ajp-bio-8012-exec-6, WRITE: TLSv1 Handshake, length = 176
[Raw write]: length = 181
0000: 16 03 01 00 B0 01 00 00 AC 03 01 5A 10 1B 77 43 ...........Z..wC
0010: A7 32 17 A3 8F 5D 4E 22 82 BE 41 C6 5F AB DE 8A .2...]N"..A._...
0020: 0A BA 8C 87 C8 51 DF A2 3D 0C C4 00 00 2A C0 09 .....Q..=....*..
0030: C0 13 00 2F C0 04 C0 0E 00 33 00 32 C0 08 C0 12 .../.....3.2....
0040: 00 0A C0 03 C0 0D 00 16 00 13 C0 07 C0 11 00 05 ................
0050: C0 02 C0 0C 00 04 00 FF 01 00 00 59 00 0A 00 34 ...........Y...4
0060: 00 32 00 17 00 01 00 03 00 13 00 15 00 06 00 07 .2..............
0070: 00 09 00 0A 00 18 00 0B 00 0C 00 19 00 0D 00 0E ................
0080: 00 0F 00 10 00 11 00 02 00 12 00 04 00 05 00 14 ................
0090: 00 08 00 16 00 0B 00 02 01 00 00 00 00 17 00 15 ................
00A0: 00 00 12 74 65 73 74 2E 61 75 74 68 6F 72 69 7A ...test.authoriz
00B0: 65 2E 6E 65 74 e.net
[Raw read]: length = 5
0000: 15 03 01 00 02 .....
[Raw read]: length = 2
0000: 02 46 .F
ajp-bio-8012-exec-6, READ: TLSv1 Alert, length = 2
ajp-bio-8012-exec-6, RECV TLSv1 ALERT: fatal, protocol_version
ajp-bio-8012-exec-6, called closeSocket()
ajp-bio-8012-exec-6, handling exception: javax.net.ssl.SSLException: Received fatal alert: protocol_version
Finalizer, called close()
Finalizer, called closeInternal(true)
添加认证后,我还是收到了同样的错误。然后,我在jvm.config中添加了以下几行:
-Djavax.net.ssl.keyStore=C:\\ColdFusion10\\jre\\lib\\security\\cacerts
-Djavax.net.ssl.keyStorePassword=password
-Djavax.net.ssl=debug
-Djavax.net.debug=all
我仍然遇到同样的错误。
还有一个想法是,Authorize.net需要TLS 1.2来处理它们的API请求。我目前在CF 10上使用Java 1.7。我是否需要将我的Java版本升级到1.8才能提出请求?任何人都可以帮我解决这个问题吗?