Two-way SSL handshake fails (javax.net.ssl.SSLHandshakeException) after the CertificateVerify step, while changing to the newly established cipher suite

Problem description

I am facing an issue with a two-way SSL connection. After enabling and going through the SSL debug logs, I found that the certificate exchange happens fine. But after the CertificateVerify step, it fails with an SSLHandshakeException while changing to the newly established cipher suite.

Another thing is that I am using the org.apache.http.conn.ssl.SSLConnectionSocketFactory class for the connection and providing the Keystore-Path, Keystore-Password, Keystore-Type, and the Java truststore path and truststore password via javax.net.ssl.SSLContext.

I have also installed the Unlimited_JCE_Policy jars in the jre/lib/security folder. But the issue is still not resolved.

Below is the SSL debug log (redacted for sensitive information), obtained after adding the -Djavax.net.debug=all option to my Tomcat server.

I have exhausted all my options, please help me debug this.

Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1
%% No cached client session

*** ClientHello, TLSv1.2
RandomCookie:  GMT: 1587274296 bytes = { 228, 35, 120, 21, 209, 132, 132, 30, 149, 198, 112, 126, 30, 140, 242, 220, 243, 241, 56, 217, 176, 72, 122, 189, 186, 84, 138, 107 }
Session ID:  {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods:  { 0 }
Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA
Extension server_name, server_name: [type=host_name (0), value=dummy.com]
***

*** ServerHello, TLSv1.2
RandomCookie:  GMT: -2114684890 bytes = { 90, 119, 248, 248, 216, 146, 249, 153, 116, 215, 63, 118, 5, 51, 75, 21, 65, 51, 234, 73, 65, 80, 89, 71, 5, 187, 85, 226 }
Session ID:  {112, 15, 35, 25, 164, 178, 118, 92, 24, 151, 252, 227, 204, 187, 222, 165, 37, 25, 166, 93, 48, 20, 154, 31, 32, 87, 70, 46, 28, 203, 174, 53}
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
Extension ec_point_formats, formats: [uncompressed]
***
%% Initialized:  [Session-1, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
** TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
*** Certificate chain
chain [0] = [
[
  Version: V3
  Subject: CN=dummy.com, O=DUMMY Limited, L=Mumbai, ST=Maharashtra, C=IN
  Signature Algorithm: SHA256withRSA, OID = 1.2.111.110.1.1.11

  Key:  Sun RSA public key, 4096 bits
  modulus: 7052631620228616775547420082798548950919340244279073769913613702342981771967237727631055951453640239431872969513669580187218236284810019094046772967383964532691044447883775955540400053241556727447454890970235292057633871512623754154522008251593390574617993609393573311038571044673755004608177602839240960109581315205585347515078577522273536482843663843811938218601566841063681809030993800845128902732754491954172896897202969405469795346575603858447770830369150744853454485036414564857862466788398095271768313704507089183067041424424717802090540269511201316204005685738584558793704003073277045577506581083711618971410286995431647668371083015395607216137051566569465878831815839796621268795715613323716340707965068111045737962122919999999999999933600342589999999999999845225257671111111111111111111137441
  public exponent: 64437
  Validity: [From: Mon Jul 06 12:53:18 IST 2020,
               To: Tue Oct 04 12:53:17 IST 2022]
  Issuer: CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
  SerialNumber: [    05899999 86999999 41999999 a9999999]
Certificate Extensions: 10
[1]: ObjectId: 1.2.7.1.3.1.11111.1.5.1 Criticality=false

------------------------------------------------------------
------------------------------------------------------------
Removed some log because it is sensitive
------------------------------------------------------------
------------------------------------------------------------
]
***
Found trusted certificate:
[
[
  Version: V3
  Subject: CN=dummy.com, O=DUMMY Limited, L=Mumbai, ST=Maharashtra, C=IN
  Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11

  Key:  Sun RSA public key, 4096 bits
  modulus: 7429401386363194735786622861677554742008279854895091934024427907376991361370234298177196736239611005309266079510841102241838644451686007112674335445896622723772763105595145364023943187296951366958018721823027277873629629885038121643592346301790624375915886284810019094046772967383964532691044447883775955540400053241556727447454890970235292057633871512623754154522008251593390574617993609393573311038571044673755004608177602839240960109581315205585347515078577522273536482843663843811938218601566841063681809030993800845128902732754491954172896897202969405469795346575603858447770830369150744853454485036414564857862466788398095271768313704507089183067041424444444444444444424717802090540277777777777777777777777777714102869954316476683711111111111111111110830153956072161370511111111111111111111566569465878831815839999999999999999999997966213677137441
  public exponent: 65887
  Validity: [From: Mon Jul 06 12:53:18 IST 2020,
               To: Tue Oct 04 12:53:17 IST 2022]
  Issuer: CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
  SerialNumber: [    05888888 8688888 41QAAAA a2DDDDDD]

Certificate Extensions: 10
[1]: ObjectId: 8.3.2.1.4.1.11129.2.9.2 Criticality=false
]

*** ECDH ServerKeyExchange
Signature Algorithm SHA256withRSA
Server key: Sun EC public key, 384 bits
  public x coord: 11111111111111111111117999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999
  public y coord: 22222222222222222222228888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888
------------------------------------------------------------
------------------------------------------------------------
Removed some log because it is sensitive
------------------------------------------------------------
------------------------------------------------------------

TP-Processor3, READ: TLSv1.2 Handshake, length = 36
*** CertificateRequest
Cert Types: RSA, DSS, ECDSA
Supported Signature Algorithms: SHA256withRSA, SHA256withDSA, SHA256withECDSA, SHA384withRSA, Unknown (hash:0x5, signature:0x2), SHA384withECDSA, SHA512withRSA, Unknown (hash:0x6, signature:0x2), SHA512withECDSA, SHA1withRSA, SHA1withDSA, SHA1withECDSA
Cert Authorities:
<Empty>

TP-Processor3, READ: TLSv1.2 Handshake, length = 4
*** ServerHelloDone

*** Certificate chain
chain [0] = [
[
  Version: V3
  Subject: CN=CLIENT.com, O=CLIENT PRIVATE LIMITED, L=Bengaluru, ST=Karnataka, C=IN
  Signature Algorithm: SHA256withRSA, OID = 1.2.888.111111.1.1.11

  Key:  Sun RSA public key, 2048 bits
  modulus: 290917627347077908622611910632100000000000000000000000000000046087609704050900299815422531856488310792015976698480303255190950151018144486664719368897666666666666666666666666666667145802981061762927385555555555555555555555555555555555555555503641034961875452964581873004195272822222222222222222222222222222222222241568761927572710269917900733536516748436670893218496130253762999469395666158787885478532805483186099417219102169363707338972728090057330429792574728036578324737889348700154291814348847920005022222222222222222222222222222222222222222222222222222222102150393074157132754725779611111111111111111111111111111111113565461
  public exponent: 65537
  Validity: [From: Thu Dec 12 05:30:00 IST 2019,
               To: Tue Dec 15 17:30:00 IST 2020]
  Issuer: CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US
  SerialNumber: [    0666666a 2077777d 2888888 4199999]

Certificate Extensions: 10
[1]: ObjectId: 1.2.5.1.3.1.11155.6.7.8 Criticality=false

------------------------------------------------------------
------------------------------------------------------------
Removed some log because it is sensitive
------------------------------------------------------------
------------------------------------------------------------
]
***
*** ECDHClientKeyExchange
ECDH Public value:  { 4, 111, 666, 74, 104, 24, 333, , 11, 121, 158, 78, 48, 248, 141, 125, 22, 85, 97, 33, 123, 231, 100 237, 255, 172, 229, 113, 51, 40, 444, 54, 66, 89, 93, 13, 999, 183, 170, 778, 889, 453, 231, 098, 123, 975 }

[write] MD5 and SHA1 hashes:  len = 1725
------------------------------------------------------------
------------------------------------------------------------
Removed some log because it is sensitive
------------------------------------------------------------
------------------------------------------------------------
TP-Processor3, WRITE: TLSv1.2 Handshake, length = 1725
[Raw write]: length = 1730
SESSION KEYGEN:
PreMaster Secret:
------------------------------------------------------------
Removed some log because it is sensitive
------------------------------------------------------------
CONNECTION KEYGEN:
Client Nonce:
------------------------------------------------------------
Removed some log because it is sensitive
------------------------------------------------------------
Server Nonce:
------------------------------------------------------------
Removed some log because it is sensitive
------------------------------------------------------------
Master Secret:
------------------------------------------------------------
Removed some log because it is sensitive
------------------------------------------------------------
... no MAC keys used for this cipher
Client write key:
0000: 11 22 33 44 55 66 77 88   99 aa BB CC BB EE FF aa   2.TY.5....N....1
Server write key:
0000: BB 79 CB 48 88 2C 99 AE   ff 14 AA DD CC 77 70 EF  .y.JU,....v.,RT.
Client write IV:
0000: B7 44 D4 EC                                        .#$.
Server write IV:
0000: EE ED BD AA                                        .22.

*** CertificateVerify
Signature Algorithm SHA256withRSA
[write] MD5 and SHA1 hashes:  len = 264
------------------------------------------------------------
Removed some log because it is sensitive
------------------------------------------------------------
TP-Processor3, WRITE: TLSv1.2 Handshake, length = 264
[Raw write]: length = 269
------------------------------------------------------------
Removed some log because it is sensitive
------------------------------------------------------------
TP-Processor3, WRITE: TLSv1.2 Change Cipher Spec, length = 1
[Raw write]: length = 6
0000: 14 03 03 00 01 01                                  ......
*** Finished
verify_data:  { 105, 155, 113, 74, 128, 211, 166, 9, 72, 46, 206, 171 }
***
[write] MD5 and SHA1 hashes:  len = 16
0000: 22 33 44 66 88 9B BB 4A   80 DD BB 09 AA 2E NN AB  ....p.yK....M...
Padded plaintext before ENCRYPTION:  len = 16
0000: 22 33 44 66 88 9B BB 4A   80 DD BB 09 AA 2E NN AB  ....p.yK....M...
TP-Processor3, WRITE: TLSv1.2 Handshake, length = 40
[Raw write]: length = 45
0000: 16 03 03 00 38 00 00 00   00 00 00 00 00 67 BD 19  ....(........M..
0010: 10 3B A3 99 4A 93 0F DD   53 02 12 EE 66 AA 1F 9F  .;..K...B...f...
0020: 25 43 BB 81 1B 97 BC BA   64 DD 51 53 FF           %C......d.RS.
[Raw read]: length = 5
0000: 15 03 03 00 02                                     .....
[Raw read]: length = 2
0000: 02 28                                              .(
TP-Processor3, READ: TLSv1.2 Alert, length = 2
TP-Processor3, RECV TLSv1.2 ALERT:  fatal, handshake_failure
%% Invalidated:  [Session-1, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
TP-Processor3, called closeSocket()
TP-Processor3, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

Tags: java, security, ssl, ssl-certificate, sslhandshakeexception

Solution

I don't understand why it fails, but two typical reasons in this case are:

  1. Your client doesn't supply a certificate chain up to a certificate found in the server's truststore. The client can and should supply intermediate certificates for client authentication.

  2. The client certificate's Extended Key Usage does not include client authentication.
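A quick local check for both of those causes, added here as an example (it is not part of the answer above or of any project's code): it opens the client keystore, reports how many certificates the key entry carries, verifies that each certificate is signed by the next one in the chain, and looks for the clientAuth OID in the leaf's Extended Key Usage. The keystore path, password and type are assumptions; substitute your own.

```java
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.List;

public class ClientChainCheck {
    // OID for id-kp-clientAuth (RFC 5280, section 4.2.1.12)
    private static final String CLIENT_AUTH_OID = "1.3.6.1.5.5.7.3.2";

    public static void main(String[] args) throws Exception {
        // Assumed keystore file, type and password; replace with the values your SSLContext uses
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (FileInputStream in = new FileInputStream("client-keystore.p12")) {
            ks.load(in, "changeit".toCharArray());
        }
        String alias = firstKeyAlias(ks);
        Certificate[] chain = ks.getCertificateChain(alias);
        System.out.println("Key entry '" + alias + "' carries " + chain.length + " certificate(s)");
        if (chain.length < 2) {
            // Only the leaf will be sent; the server then needs the issuing CA in its truststore
            System.out.println("WARNING: no intermediate certificate in the key entry");
        }
        // Each certificate must be signed by the next one, otherwise verify() throws
        for (int i = 0; i + 1 < chain.length; i++) {
            X509Certificate cert = (X509Certificate) chain[i];
            X509Certificate issuer = (X509Certificate) chain[i + 1];
            cert.verify(issuer.getPublicKey());
        }
        X509Certificate leaf = (X509Certificate) chain[0];
        leaf.checkValidity();  // throws if expired or not yet valid
        // getExtendedKeyUsage() returns null when the extension is absent (then any usage is allowed)
        List<String> eku = leaf.getExtendedKeyUsage();
        boolean clientAuthOk = eku == null || eku.contains(CLIENT_AUTH_OID);
        System.out.println("Leaf EKU: " + eku + " -> clientAuth " + (clientAuthOk ? "allowed" : "MISSING"));
    }

    // First alias that holds a private key, i.e. the entry the KeyManager can present to the server
    private static String firstKeyAlias(KeyStore ks) throws Exception {
        for (Enumeration<String> e = ks.aliases(); e.hasMoreElements();) {
            String a = e.nextElement();
            if (ks.isKeyEntry(a)) return a;
        }
        throw new IllegalStateException("keystore has no private key entry");
    }
}
```

If the intermediate is missing, import the full PEM chain into the same key entry (or add the issuing CA to the server's truststore) rather than into a separate trusted-certificate entry, since only the key entry's chain is sent in the client Certificate message.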

