SSL Handshake failure after ClientHello


【Title】: SSL Handshake failure after ClientHello 【Posted】: 2020-09-02 23:45:45 【Question】:

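I am using openJdk version 11.28 on the client side. When calling a web service deployed over https, I get a handshake failure. The Nmap command against the web service gives the following result:

I have enabled ssl, handshake logging in my Java, which produces the following logs: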

15:02:04,638 ERROR  javax.net.ssl|DEBUG|D2|SupportedGroupsExtension.java:831|Ignore inactive or disabled named group: secp256r1
15:02:04,638 ERROR  javax.net.ssl|DEBUG|D2|SupportedGroupsExtension.java:831|Ignore inactive or disabled named group: secp384r1
15:02:04,639 ERROR  javax.net.ssl|DEBUG|D2|SupportedGroupsExtension.java:831|Ignore inactive or disabled named group: secp521r1
15:02:04,639 ERROR  javax.net.ssl|DEBUG|D2|SupportedGroupsExtension.java:831|Ignore inactive or disabled named group: sect283k1
15:02:04,640 ERROR  javax.net.ssl|DEBUG|D2|SupportedGroupsExtension.java:831|Ignore inactive or disabled named group: sect283r1
15:02:04,640 ERROR  javax.net.ssl|DEBUG|D2|SupportedGroupsExtension.java:831|Ignore inactive or disabled named group: sect409k1
15:02:04,641 ERROR  javax.net.ssl|DEBUG|D2|SupportedGroupsExtension.java:831|Ignore inactive or disabled named group: sect409r1
15:02:04,641 ERROR  javax.net.ssl|DEBUG|D2|SupportedGroupsExtension.java:831|Ignore inactive or disabled named group: secp256k1
15:02:04,648 ERROR  javax.net.ssl|WARNING|D2|SignatureScheme.java:282|Signature algorithm, ed25519, is not supported by the underlying providers
15:02:04,648 ERROR  javax.net.ssl|WARNING|D2|SignatureScheme.java:282|Signature algorithm, ed448, is not supported by the underlying providers
15:02:04,663 ERROR  javax.net.ssl|INFO|D2|AlpnExtension.java:161|No available application protocols
15:02:04,664 ERROR  javax.net.ssl|DEBUG|D2|SSLExtensions.java:235|Ignore, context unavailable extension: application_layer_protocol_negotiation
15:02:04,666 ERROR  javax.net.ssl|DEBUG|D2|SSLExtensions.java:235|Ignore, context unavailable extension: renegotiation_info
15:02:04,668 ERROR  javax.net.ssl|DEBUG|D2|ClientHello.java:633|Produced ClientHello handshake message (
15:02:04,668 ERROR  "ClientHello": 
15:02:04,668 ERROR    "client version"      : "TLSv1.2",
15:02:04,669 ERROR    "random"              : "EE F5 C2 80 02 39 44 E5 C4 0E 65 EC 49 FF D0 38 A1 C7 2F 80 EA 5A F5 43 DC A1 4E C3 CB 42 7E 81",
15:02:04,669 ERROR    "session id"          : "",
15:02:04,669 ERROR    "cipher suites"       : "[TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(0xC02C), TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B), TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030), TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D), TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384(0xC02E), TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384(0xC032), TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(0x00A3), TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F), TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C), TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(0xC02D), TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(0xC031), TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(0x00A2), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(0xC024), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384(0xC028), TLS_RSA_WITH_AES_256_CBC_SHA256(0x003D), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384(0xC026), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384(0xC02A), TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(0x006A), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(0xC00A), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(0xC014), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA(0xC005), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA(0xC00F), TLS_DHE_DSS_WITH_AES_256_CBC_SHA(0x0038), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(0xC023), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(0xC027), TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(0xC025), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(0xC029), TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(0x0040), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(0xC009), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(0xC004), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(0xC00E), TLS_DHE_DSS_WITH_AES_128_CBC_SHA(0x0032), TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00FF)]",
15:02:04,669 ERROR    "compression methods" : "00",
15:02:04,669 ERROR    "extensions"          : [
15:02:04,670 ERROR      "server_name (0)": 
15:02:04,670 ERROR        type=host_name (0), value=mydomain.com
15:02:04,670 ERROR      ,
15:02:04,670 ERROR      "status_request (5)": 
15:02:04,670 ERROR        "certificate status type": ocsp
15:02:04,671 ERROR        "OCSP status request": 
15:02:04,671 ERROR          "responder_id": <empty>
15:02:04,671 ERROR          "request extensions": 
15:02:04,671 ERROR            <empty>
15:02:04,671 ERROR          
15:02:04,672 ERROR        
15:02:04,672 ERROR      ,
15:02:04,672 ERROR      "supported_groups (10)": 
15:02:04,672 ERROR        "versions": [sect571k1, sect571r1, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192]
15:02:04,672 ERROR      ,
15:02:04,673 ERROR      "ec_point_formats (11)": 
15:02:04,673 ERROR        "formats": [uncompressed]
15:02:04,673 ERROR      ,
15:02:04,673 ERROR      "signature_algorithms (13)": 
15:02:04,673 ERROR        "signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp512r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
15:02:04,674 ERROR      ,
15:02:04,674 ERROR      "signature_algorithms_cert (50)": 
15:02:04,674 ERROR        "signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp512r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
15:02:04,674 ERROR      ,
15:02:04,674 ERROR      "status_request_v2 (17)": 
15:02:04,675 ERROR        "cert status request": 
15:02:04,675 ERROR          "certificate status type": ocsp_multi
15:02:04,675 ERROR          "OCSP status request": 
15:02:04,675 ERROR            "responder_id": <empty>
15:02:04,675 ERROR            "request extensions": 
15:02:04,676 ERROR              <empty>
15:02:04,676 ERROR            
15:02:04,676 ERROR          
15:02:04,676 ERROR        
15:02:04,677 ERROR      ,
15:02:04,677 ERROR      "extended_master_secret (23)": 
15:02:04,677 ERROR        <empty>
15:02:04,677 ERROR      ,
15:02:04,677 ERROR      "supported_versions (43)": 
15:02:04,678 ERROR        "versions": [TLSv1.2]
15:02:04,678 ERROR      
15:02:04,678 ERROR    ]
15:02:04,678 ERROR  
15:02:04,678 ERROR  )
15:02:04,693 ERROR  javax.net.ssl|DEBUG|D2|2020-05-16 15:02:04.692|Alert.java:232|Received alert message (
15:02:04,693 ERROR  "Alert": 
15:02:04,693 ERROR    "level"      : "fatal",
15:02:04,693 ERROR    "description": "handshake_failure"
15:02:04,693 ERROR  
15:02:04,694 ERROR  )
15:02:04,696 ERROR  javax.net.ssl|ERROR|D2|2020-05-16 15:02:04.695| : Received fatal alert: handshake_failure (
15:02:04,696 ERROR  "throwable" : 
15:02:04,696 ERROR    javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
15:02:04,696 ERROR      at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:128)

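I am unable to figure out the reason for the handshake failure. Please help identify where the problem occurs during the handshake. Thanks.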

【Comments on the question】:

【Answer 1】:

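This appears to be a cipher suite conflict on the web service side. It does not support the ciphers enabled on the client side. Please capture the packets using Wireshark to get a clear picture.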

【Comments】:

【Answer 2】:

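Later in our analysis, we found that the problem was the openJdk version we were using. Although there were matching cipher suites, there were no common security groups between the client and the server.

The link below provides information about the same. https://bugs.openjdk.java.net/browse/JDK-8208698

The bug was fixed in version 12 and is tagged "jdk11u-critical-yes". So we simply updated our JDK and the problem was resolved.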

【Comments】:
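
Added example (not part of either answer or of OpenJDK): a small Python check over javax.net.debug output in the shape quoted in the question. It reports which named groups the client dropped, which it advertised in supported_groups, and whether any advertised EC group is shared with the server. The log excerpt is constructed, and `server_groups` is an assumed input, since the server's groups are not shown on the page.

```python
import re

# Constructed excerpt in the shape of the javax.net.debug lines quoted in the question.
SAMPLE_LOG = """\
15:02:04,638 ERROR  javax.net.ssl|DEBUG|D2|SupportedGroupsExtension.java:831|Ignore inactive or disabled named group: secp256r1
15:02:04,638 ERROR  javax.net.ssl|DEBUG|D2|SupportedGroupsExtension.java:831|Ignore inactive or disabled named group: secp384r1
15:02:04,669 ERROR    "cipher suites"       : "[TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030), TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D)]",
15:02:04,672 ERROR      "supported_groups (10)": 
15:02:04,672 ERROR        "versions": [sect571k1, sect571r1, ffdhe2048]
15:02:04,677 ERROR      "supported_versions (43)": 
15:02:04,678 ERROR        "versions": [TLSv1.2]
"""

IGNORED = re.compile(r"Ignore inactive or disabled named group: (\S+)")
SUITES = re.compile(r'"cipher suites"\s*:\s*"\[(.*?)\]"')
# Non-greedy match so the "versions" list of supported_versions (43) is not picked up.
GROUPS = re.compile(r'"supported_groups \(10\)":.*?"versions": \[(.*?)\]', re.S)


def analyze_client_hello(log, server_groups):
    """Summarise the named groups a JSSE client dropped and advertised, and
    whether any advertised EC group is also supported by the server.

    server_groups is a hypothetical input: the set of group names the server
    accepts, taken from whatever scan or capture is available.
    """
    ignored = IGNORED.findall(log)
    m = GROUPS.search(log)
    offered = [g.strip() for g in m.group(1).split(",")] if m else []
    m = SUITES.search(log)
    suites = [s.split("(")[0].strip() for s in m.group(1).split(",")] if m else []
    ec_suites = [s for s in suites if s.startswith(("TLS_ECDHE_", "TLS_ECDH_"))]
    # ffdheNNNN groups only serve finite-field DHE suites, never ECDHE/ECDH.
    offered_ec = [g for g in offered if not g.startswith("ffdhe")]
    common = [g for g in offered_ec if g in server_groups]
    return {
        "ignored": ignored,
        "offered": offered,
        "ec_suites": ec_suites,
        "common_ec_groups": common,
        # EC suites are on offer, but no curve is shared to run them with.
        "ec_mismatch": bool(ec_suites) and not common,
    }


if __name__ == "__main__":
    print(analyze_client_hello(SAMPLE_LOG, {"secp256r1", "secp384r1"}))
```

An `ec_mismatch` of true alongside a non-empty `ignored` list matches the pattern in the question's log: the cipher suite names overlap, but the curves needed to negotiate them were dropped before the ClientHello was built.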
