我已经使用ApacheCXF(v3.0.4)实现了一个JAX-WS客户端,并且一切正常,但问题出现在我想要使用与java 8(jdk1.8.0_25)的安全连接(SSL/TLS)。扩展服务器名称(SNI扩展)不与jdk1.8.0一起发送,但使用jdk1.7.0发送
我看到在日志中出现以下异常(-Djavax.net.debug =全部):
main, handling exception: java.net.SocketException: Connection reset
main, SEND TLSv1.2 ALERT: fatal, description = unexpected_message
main, WRITE: TLSv1.2 Alert, length = 2
main, Exception sending alert: java.net.SocketException: Connection reset by peer: socket write error
后,我已经注意到了此问题,是因为引起了depeer分析与Java 8中的服务器名(SNI)不发送,但使用Java 7发送并且Web服务调用成功运行。
的Java 8日志(-Djavax.net.debug =全部):缺少 “扩展服务器名”
[...]
Compression Methods: { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA
***
[...]
Java 7的日志(-Djavax.net.debug =全部)(作品): “扩展服务器名” 被设置
[...]
Compression Methods: { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA
Extension server_name, server_name: [host_name: testeo.hostname.es]
***
[...]
据观察,与Java 7 扩展服务器名,服务器名:[HOST_NAME:testeo.hostname.es]被设置,然后将带状片S服务调用成功。
为什么Java 8没有像Java 7那样设置server_name?它是一个Java配置问题?
欢迎来到Stack Overflow!与论坛网站不同,我们不使用“谢谢”或“任何帮助表示赞赏”,或在[so]上签名。请参阅“[应该'嗨','谢谢',标语和致敬从帖子中删除?](http://meta.stackexchange.com/questions/2950/should-hi-thanks-taglines-and-salutations-be ),这是“预先感谢”,而不是“感谢先进” –