javax.net.ssl.SSLHandshakeException:握手期间远程主机关闭连接
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/29911073/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
javax.net.ssl.SSLHandshakeException:Remote host closed connection during handshake
提问by drunkenfist
I'm trying to run a Java application which makes a https call to a server, but keep getting the following SSL error:
我正在尝试运行一个 Java 应用程序,该应用程序对服务器进行 https 调用,但不断收到以下 SSL 错误:
javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:882)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:654)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:100)
at java.io.BufferedOutputStream.write(BufferedOutputStream.java:105)
at org.apache.commons.httpclient.HttpConnection.write(HttpConnection.java:974)
at org.apache.commons.httpclient.HttpConnection.write(HttpConnection.java:942)
at org.apache.commons.httpclient.HttpConnection.print(HttpConnection.java:1032)
at org.apache.commons.httpclient.HttpMethodBase.writeRequestLine(HttpMethodBase.java:2077)
at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:1918)
at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:993)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:397)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:170)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:396)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:324)
...
...
...
Caused by: java.io.EOFException: SSL peer shut down incorrectly
at com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:462)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:863)
I read on other posts that I need to add the certificate in lib/security/cacerts. So I downloaded the certificate file from the server using Firefox, and ran the following command:
我在其他帖子上读到我需要在 lib/security/cacerts 中添加证书。所以我使用 Firefox 从服务器下载证书文件,并运行以下命令:
sudo keytool -import -keystore cacerts -storepass changeit -alias samplecert-root -trustcacerts -file VeriSignClass3SecureServerCA.crt
Certificate was added to keystore
However, I still keep getting the error. What is the problem? Did I add the certificate properly to the keystore?
但是,我仍然不断收到错误消息。问题是什么?我是否将证书正确添加到密钥库?
回答by jdex
In my case, the cause of the error was that I was using a certificate as a client certificate that was a server-only certificate.
就我而言,错误的原因是我将证书用作客户端证书,该证书是仅服务器证书。
