I received javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake

Notice: this page is a Chinese-English parallel translation of a popular StackOverflow question, provided under the CC BY-SA 4.0 license. You are free to use and share it, but you must follow the same CC BY-SA license, cite the original URL and author information, and attribute it to the original authors (not me): StackOverflow. Original URL: http://stackoverflow.com/questions/31883713/

Time: 2020-08-11 11:44:24  Source: igfitidea


java ssl apache-httpclient-4.x

Asked by Héctor

When I tried to make an ajax call with httpclient 4.4.1 to hit a web service that is located on another site, I'm seeing the following problem:

javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:394)
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.upgrade(DefaultHttpClientConnectionOperator.java:185)
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.upgrade(PoolingHttpClientConnectionManager.java:369)
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:415)
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107)
at utilities.Utilities.executeRequest(Utilities.java:229)
at utilities.Utilities.makePost(Utilities.java:301)
at utilities.Utilities.makePost(Utilities.java:307)
at utilities.AudioUtteranceUtilities.createAudioUtterance(AudioUtteranceUtilities.java:21)
at dataset.tst_preprod.CommonSteps.createDataSet(CommonSteps.java:35)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.jbehave.core.steps.StepCreator$MethodInvoker.invoke(StepCreator.java:798)
at org.jbehave.core.steps.StepCreator$BeforeOrAfterStep.perform(StepCreator.java:489)
at org.jbehave.core.embedder.StoryRunner$FineSoFar.run(StoryRunner.java:535)
at org.jbehave.core.embedder.StoryRunner.runStepsWhileKeepingState(StoryRunner.java:515)
at org.jbehave.core.embedder.StoryRunner.runBeforeOrAfterStorySteps(StoryRunner.java:460)
at org.jbehave.core.embedder.StoryRunner.runCancellable(StoryRunner.java:268)
at org.jbehave.core.embedder.StoryRunner.run(StoryRunner.java:220)
at org.jbehave.core.embedder.StoryRunner.run(StoryRunner.java:181)
at org.jbehave.core.embedder.StoryManager$EnqueuedStory.call(StoryManager.java:262)
at org.jbehave.core.embedder.StoryManager$EnqueuedStory.call(StoryManager.java:229)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.io.EOFException: SSL peer shut down incorrectly
at sun.security.ssl.InputRecord.read(Unknown Source)
... 38 more

I have jre8 and the debug is the following

            *** ClientHello, TLSv1.2
        RandomCookie:  GMT: 1422120426 bytes = { 181, 85, 212, 79, 3, 50, 253, 71, 166, 7, 222, 228, 188, 111, 117, 149, 155, 68, 136, 84, 225, 133, 134, 154, 8, 102, 86, 188 }
        Session ID:  {}
        Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
        Compression Methods:  { 0 }
        Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
        Extension ec_point_formats, formats: [uncompressed]
        Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA
        Extension server_name, server_name: [type=host_name (0), value=ldsnewtst01.amr.corp.intel.com]
        ***
        [write] MD5 and SHA1 hashes:  len = 246
        0000: 01 00 00 F2 03 03 55 C4   D6 EA B5 55 D4 4F 03 32  ......U....U.O.2
        0010: FD 47 A6 07 DE E4 BC 6F   75 95 9B 44 88 54 E1 85  .G.....ou..D.T..
        0020: 86 9A 08 66 56 BC 00 00   46 C0 23 C0 27 00 3C C0  ...fV...F.#.'.<.
        0030: 25 C0 29 00 67 00 40 C0   09 C0 13 00 2F C0 04 C0  %.).g.@...../...
        0040: 0E 00 33 00 32 C0 2B C0   2F 00 9C C0 2D C0 31 00  ..3.2.+./...-.1.
        0050: 9E 00 A2 C0 08 C0 12 00   0A C0 03 C0 0D 00 16 00  ................
        0060: 13 C0 07 C0 11 00 05 C0   02 C0 0C 00 04 00 FF 01  ................
        0070: 00 00 83 00 0A 00 34 00   32 00 17 00 01 00 03 00  ......4.2.......
        0080: 13 00 15 00 06 00 07 00   09 00 0A 00 18 00 0B 00  ................
        0090: 0C 00 19 00 0D 00 0E 00   0F 00 10 00 11 00 02 00  ................
        00A0: 12 00 04 00 05 00 14 00   08 00 16 00 0B 00 02 01  ................
        00B0: 00 00 0D 00 1A 00 18 06   03 06 01 05 03 05 01 04  ................
        00C0: 03 04 01 03 03 03 01 02   03 02 01 02 02 01 01 00  ................
        00D0: 00 00 23 00 21 00 00 1E   6C 64 73 6E 65 77 74 73  ..#.!...ldsnewts
        00E0: 74 30 31 2E 61 6D 72 2E   63 6F 72 70 2E 69 6E 74  t01.amr.corp.int
        00F0: 65 6C 2E 63 6F 6D                                  el.com
        pool-1-thread-1, WRITE: TLSv1.2 Handshake, length = 246
        [Raw write]: length = 251
        0000: 16 03 03 00 F6 01 00 00   F2 03 03 55 C4 D6 EA B5  ...........U....
        0010: 55 D4 4F 03 32 FD 47 A6   07 DE E4 BC 6F 75 95 9B  U.O.2.G.....ou..
        0020: 44 88 54 E1 85 86 9A 08   66 56 BC 00 00 46 C0 23  D.T.....fV...F.#
        0030: C0 27 00 3C C0 25 C0 29   00 67 00 40 C0 09 C0 13  .'.<.%.).g.@....
        0040: 00 2F C0 04 C0 0E 00 33   00 32 C0 2B C0 2F 00 9C  ./.....3.2.+./..
        0050: C0 2D C0 31 00 9E 00 A2   C0 08 C0 12 00 0A C0 03  .-.1............
        0060: C0 0D 00 16 00 13 C0 07   C0 11 00 05 C0 02 C0 0C  ................
        0070: 00 04 00 FF 01 00 00 83   00 0A 00 34 00 32 00 17  ...........4.2..
        0080: 00 01 00 03 00 13 00 15   00 06 00 07 00 09 00 0A  ................
        0090: 00 18 00 0B 00 0C 00 19   00 0D 00 0E 00 0F 00 10  ................
        00A0: 00 11 00 02 00 12 00 04   00 05 00 14 00 08 00 16  ................
        00B0: 00 0B 00 02 01 00 00 0D   00 1A 00 18 06 03 06 01  ................
        00C0: 05 03 05 01 04 03 04 01   03 03 03 01 02 03 02 01  ................
        00D0: 02 02 01 01 00 00 00 23   00 21 00 00 1E 6C 64 73  .......#.!...lds
        00E0: 6E 65 77 74 73 74 30 31   2E 61 6D 72 2E 63 6F 72  newtst01.amr.cor
        00F0: 70 2E 69 6E 74 65 6C 2E   63 6F 6D                 p.intel.com
        pool-1-thread-1, received EOFException: error
        pool-1-thread-1, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
        pool-1-thread-1, SEND TLSv1.2 ALERT:  fatal, description = handshake_failure
        pool-1-thread-1, WRITE: TLSv1.2 Alert, length = 2
        [Raw write]: length = 7
        0000: 15 03 03 00 02 02 28                               ......(
        pool-1-thread-1, called closeSocket()

I started having this problem yesterday. Before that it worked: I could make the ajax call successfully, but now I'm getting that error.

Accepted answer by Héctor

Thanks for your answer! I was setting a proxy for

HttpHost proxy = new HttpHost("proxy.com", 911, "http");
RequestConfig config = RequestConfig.custom().setProxy(proxy).build();

I changed it to the following:

System.setProperty("http.proxyHost", "proxy.com");
System.setProperty("http.proxyPort", "911");

And that is working successfully. I don't know why the previous way is not working well.
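An added example (not part of the answer above, and not the poster's code): it prints the route HttpClient 4.x computes for an https target under each of the two proxy settings shown in the answer. For https targets the JVM's default `ProxySelector` matches the `https.proxyHost`/`https.proxyPort` properties rather than the `http.*` ones, and a client built without system properties ignores both. The class name `ProxyRouteCheck` and the target `service.example` are constructed; httpclient 4.x is assumed to be on the classpath.

```java
import java.net.ProxySelector;
import org.apache.http.HttpHost;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.protocol.HttpClientContext;
import org.apache.http.conn.routing.HttpRoute;
import org.apache.http.conn.routing.HttpRoutePlanner;
import org.apache.http.impl.conn.DefaultRoutePlanner;
import org.apache.http.impl.conn.SystemDefaultRoutePlanner;

public class ProxyRouteCheck {
    // Constructed https target; route planning does no DNS lookup or network I/O.
    static final HttpHost TARGET = new HttpHost("service.example", 443, "https");

    // Returns a one-line description of the route the planner picks for TARGET.
    static String describe(HttpRoutePlanner planner, RequestConfig config) throws Exception {
        HttpClientContext ctx = HttpClientContext.create();
        if (config != null) ctx.setRequestConfig(config);
        HttpRoute route = planner.determineRoute(TARGET, new HttpGet("/"), ctx);
        return route.getProxyHost() == null
                ? "direct to " + route.getTargetHost()
                : "via " + route.getProxyHost() + (route.isTunnelled() ? " (CONNECT tunnel)" : "");
    }

    public static void main(String[] args) throws Exception {
        // Planner used by a client built without useSystemProperties().
        HttpRoutePlanner plain = new DefaultRoutePlanner(null);
        // Planner used by HttpClients.createSystem() / useSystemProperties().
        HttpRoutePlanner system = new SystemDefaultRoutePlanner(ProxySelector.getDefault());

        // First form from the answer: proxy carried in the RequestConfig.
        RequestConfig config = RequestConfig.custom()
                .setProxy(new HttpHost("proxy.com", 911, "http")).build();
        System.out.println("RequestConfig proxy     : " + describe(plain, config));

        // Second form from the answer: only the http.* properties are set.
        System.setProperty("http.proxyHost", "proxy.com");
        System.setProperty("http.proxyPort", "911");
        System.out.println("http.* props, default   : " + describe(plain, null));
        System.out.println("http.* props, system    : " + describe(system, null));

        // https targets are matched against the https.* properties.
        System.setProperty("https.proxyHost", "proxy.com");
        System.setProperty("https.proxyPort", "911");
        System.out.println("https.* props, system   : " + describe(system, null));
    }
}
```

When changing proxy settings to clear a handshake error, checking the computed route this way shows whether the request still traverses the proxy or now goes to the target directly.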

Answer by Steffen Ullrich

If the server site closed directly after receiving the ClientHello, this can just be anything, like:

  • a firewall between you and the server blocking the connection
  • server croaking because it can not deal with the ciphers or protocol version offered by the client
  • misconfigured server
  • wrong hostname used
  • ...

To narrow down the cause, try with other clients, like various web browsers, curl etc. If they succeed, look at the SSL handshake to find out what they are doing differently (i.e. different ciphers or protocols). If they fail too, look at the server side for errors and try to make sure that the packets are received at the server at all, i.e. that no firewall is blocking the traffic.
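An added example (not part of the answer above): a small Java probe that separates a TCP-level failure from a peer that accepts the connection and then closes after the ClientHello, which is the situation this answer describes. The class name `HandshakeProbe` and the local listener that closes without replying are constructed for the demonstration; pass a host and port as arguments to probe a real endpoint.

```java
import java.io.IOException;
import java.net.ConnectException;
import java.net.ServerSocket;
import java.net.Socket;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

public class HandshakeProbe {
    /** Classifies where a TLS connection attempt to host:port fails. */
    static String probe(String host, int port) {
        try (Socket tcp = new Socket(host, port)) {
            tcp.setSoTimeout(5000);
            SSLSocketFactory f = (SSLSocketFactory) SSLSocketFactory.getDefault();
            // Layer TLS over the already-connected TCP socket.
            try (SSLSocket tls = (SSLSocket) f.createSocket(tcp, host, port, true)) {
                tls.startHandshake();
                return "handshake ok: " + tls.getSession().getProtocol()
                        + " " + tls.getSession().getCipherSuite();
            }
        } catch (ConnectException e) {
            return "TCP connect failed: " + e.getMessage();
        } catch (SSLException e) {
            return "TCP ok, TLS handshake failed: " + e.getMessage();
        } catch (IOException e) {
            return "I/O error: " + e;
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed stand-in for a server or middlebox that accepts the TCP
        // connection, reads the ClientHello and closes without answering.
        try (ServerSocket closer = new ServerSocket(0)) {
            Thread t = new Thread(() -> {
                try (Socket s = closer.accept()) {
                    s.getInputStream().read(new byte[4096]);
                } catch (IOException ignored) { }
            });
            t.start();
            System.out.println(probe("localhost", closer.getLocalPort()));
            t.join();
        }
        if (args.length == 2) {
            System.out.println(probe(args[0], Integer.parseInt(args[1])));
        }
    }
}
```

Run with `-Djavax.net.debug=ssl` to get the same kind of handshake trace as in the question and compare it against a client that succeeds.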