【发布时间】:2017-05-30 10:11:22
【问题描述】:
客户端在发送请求时发送密码列表,但 cxf-jetty 服务器 不接受任何给定的密码并关闭会话。 下面是来自服务器端的 SSL 日志。当服务器使用 jdk6 运行但不使用更高版本的 java 时,它可以工作。我尝试设置 https.protocol 但没有任何帮助。我验证了所有密钥库也在 cacerts 中更新。任何线索或帮助将不胜感激? 还使用 org.apache.cxf.jaxws.JaxWsServerFactoryBean 创建服务器
tp1402834900-33,阅读:TLSv1.2 握手,长度 = 227 *** 客户端您好,TLSv1.2 RandomCookie: GMT: 1496138621 字节 = { 96, 63, 100, 252, 232, 36, 198, 68, 124, 190, 117, 1, 205, 237, 23, 156, 66, 68, 27, 72, 46, 44、245、6、67、240、24、181} 会话 ID:{} 密码套件:[TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA、TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA、TLS_ECDH_RSA_WITH_AES_128_CBC_SHA、TLS_DHE_RSA_WITH_AES_128_CBC_SHA、 TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_EMPTY_RENEGOTIATION_INFO_SCSV,SSL_RSA_WITH_DES_CBC_SHA,SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA、SSL_RSA_EXPORT_WITH_DES40_CBC_SHA、SSL_DHE_RSA_EXPORT_WITH_DES40 _CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_KRB5_WITH_3DES_EDE_CBC_SHA, TLS_KRB5_WITH_3DES_EDE_CBC_MD5, TLS_KRB5_WITH_DES_CBC_SHA, TLS_KRB5_WITH_DES_CBC_MD5, TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, TLS 压缩方法:{0} 扩展椭圆曲线,曲线名称:{secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1} 扩展 ec_point_formats,格式:[未压缩] 扩展签名算法,签名算法:SHA512withECDSA,SHA512withRSA,SHA384withECDSA,SHA384withRSA,SHA256withECDSA,SHA256withRSA,未知(哈希:0x4,签名:0x2),SHA1withECDSA,SHA1withRSA,SHA1withDSA *** [阅读] MD5 和 SHA1 哈希:len = 227 ... %% 已初始化:[Session-12,SSL_NULL_WITH_NULL_NULL] qtp1402834900-29,调用closeOutbound() qtp1402834900-29,closeOutboundInternal()来自客户端的日志显示 SSLHandshake 异常
线程 38,写入:TLSv1.2 握手,长度 = 227 线程 38,收到 EOFException:错误 Thread-38,处理异常:javax.net.ssl.SSLHandshakeException: Remote 握手期间主机关闭连接 Thread-38,发送 TLSv1.2 ALERT:致命,描述 = handshake_failure 线程 38,写入:TLSv1.2 警报,长度 = 2 Thread-38,称为 closeSocket Thread-38,称为关闭 Thread-38,称为 closeInternal【问题讨论】:
标签: ssl encryption jetty cxf handshake