SSL handshake failure after ClientHello
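【Title】: SSL Handshake failure after ClientHello
【Posted】: 2020-09-02 23:45:45
【Question】: I am using OpenJDK version 11.28 on the client side. While invoking a web service deployed over https, I am getting a handshake failure. The Nmap command for the web service gives the following result:
I have enabled ssl, handshake logging in my Java, which produces the following logs: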
15:02:04,638 ERROR javax.net.ssl|DEBUG|D2|SupportedGroupsExtension.java:831|Ignore inactive or disabled named group: secp256r1
15:02:04,638 ERROR javax.net.ssl|DEBUG|D2|SupportedGroupsExtension.java:831|Ignore inactive or disabled named group: secp384r1
15:02:04,639 ERROR javax.net.ssl|DEBUG|D2|SupportedGroupsExtension.java:831|Ignore inactive or disabled named group: secp521r1
15:02:04,639 ERROR javax.net.ssl|DEBUG|D2|SupportedGroupsExtension.java:831|Ignore inactive or disabled named group: sect283k1
15:02:04,640 ERROR javax.net.ssl|DEBUG|D2|SupportedGroupsExtension.java:831|Ignore inactive or disabled named group: sect283r1
15:02:04,640 ERROR javax.net.ssl|DEBUG|D2|SupportedGroupsExtension.java:831|Ignore inactive or disabled named group: sect409k1
15:02:04,641 ERROR javax.net.ssl|DEBUG|D2|SupportedGroupsExtension.java:831|Ignore inactive or disabled named group: sect409r1
15:02:04,641 ERROR javax.net.ssl|DEBUG|D2|SupportedGroupsExtension.java:831|Ignore inactive or disabled named group: secp256k1
15:02:04,648 ERROR javax.net.ssl|WARNING|D2|SignatureScheme.java:282|Signature algorithm, ed25519, is not supported by the underlying providers
15:02:04,648 ERROR javax.net.ssl|WARNING|D2|SignatureScheme.java:282|Signature algorithm, ed448, is not supported by the underlying providers
15:02:04,663 ERROR javax.net.ssl|INFO|D2|AlpnExtension.java:161|No available application protocols
15:02:04,664 ERROR javax.net.ssl|DEBUG|D2|SSLExtensions.java:235|Ignore, context unavailable extension: application_layer_protocol_negotiation
15:02:04,666 ERROR javax.net.ssl|DEBUG|D2|SSLExtensions.java:235|Ignore, context unavailable extension: renegotiation_info
15:02:04,668 ERROR javax.net.ssl|DEBUG|D2|ClientHello.java:633|Produced ClientHello handshake message (
15:02:04,668 ERROR "ClientHello":
15:02:04,668 ERROR "client version" : "TLSv1.2",
15:02:04,669 ERROR "random" : "EE F5 C2 80 02 39 44 E5 C4 0E 65 EC 49 FF D0 38 A1 C7 2F 80 EA 5A F5 43 DC A1 4E C3 CB 42 7E 81",
15:02:04,669 ERROR "session id" : "",
15:02:04,669 ERROR "cipher suites" : "[TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(0xC02C), TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B), TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030), TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D), TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384(0xC02E), TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384(0xC032), TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(0x00A3), TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F), TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C), TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(0xC02D), TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(0xC031), TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(0x00A2), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(0xC024), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384(0xC028), TLS_RSA_WITH_AES_256_CBC_SHA256(0x003D), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384(0xC026), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384(0xC02A), TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(0x006A), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(0xC00A), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(0xC014), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA(0xC005), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA(0xC00F), TLS_DHE_DSS_WITH_AES_256_CBC_SHA(0x0038), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(0xC023), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(0xC027), TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(0xC025), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(0xC029), TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(0x0040), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(0xC009), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(0xC004), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(0xC00E), TLS_DHE_DSS_WITH_AES_128_CBC_SHA(0x0032), TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00FF)]",
15:02:04,669 ERROR "compression methods" : "00",
15:02:04,669 ERROR "extensions" : [
15:02:04,670 ERROR "server_name (0)":
15:02:04,670 ERROR type=host_name (0), value=mydomain.com
15:02:04,670 ERROR ,
15:02:04,670 ERROR "status_request (5)":
15:02:04,670 ERROR "certificate status type": ocsp
15:02:04,671 ERROR "OCSP status request":
15:02:04,671 ERROR "responder_id": <empty>
15:02:04,671 ERROR "request extensions":
15:02:04,671 ERROR <empty>
15:02:04,671 ERROR
15:02:04,672 ERROR
15:02:04,672 ERROR ,
15:02:04,672 ERROR "supported_groups (10)":
15:02:04,672 ERROR "versions": [sect571k1, sect571r1, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192]
15:02:04,672 ERROR ,
15:02:04,673 ERROR "ec_point_formats (11)":
15:02:04,673 ERROR "formats": [uncompressed]
15:02:04,673 ERROR ,
15:02:04,673 ERROR "signature_algorithms (13)":
15:02:04,673 ERROR "signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp512r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
15:02:04,674 ERROR ,
15:02:04,674 ERROR "signature_algorithms_cert (50)":
15:02:04,674 ERROR "signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp512r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
15:02:04,674 ERROR ,
15:02:04,674 ERROR "status_request_v2 (17)":
15:02:04,675 ERROR "cert status request":
15:02:04,675 ERROR "certificate status type": ocsp_multi
15:02:04,675 ERROR "OCSP status request":
15:02:04,675 ERROR "responder_id": <empty>
15:02:04,675 ERROR "request extensions":
15:02:04,676 ERROR <empty>
15:02:04,676 ERROR
15:02:04,676 ERROR
15:02:04,676 ERROR
15:02:04,677 ERROR ,
15:02:04,677 ERROR "extended_master_secret (23)":
15:02:04,677 ERROR <empty>
15:02:04,677 ERROR ,
15:02:04,677 ERROR "supported_versions (43)":
15:02:04,678 ERROR "versions": [TLSv1.2]
15:02:04,678 ERROR
15:02:04,678 ERROR ]
15:02:04,678 ERROR
15:02:04,678 ERROR )
15:02:04,693 ERROR javax.net.ssl|DEBUG|D2|2020-05-16 15:02:04.692|Alert.java:232|Received alert message (
15:02:04,693 ERROR "Alert":
15:02:04,693 ERROR "level" : "fatal",
15:02:04,693 ERROR "description": "handshake_failure"
15:02:04,693 ERROR
15:02:04,694 ERROR )
15:02:04,696 ERROR javax.net.ssl|ERROR|D2|2020-05-16 15:02:04.695| : Received fatal alert: handshake_failure (
15:02:04,696 ERROR "throwable" :
15:02:04,696 ERROR javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
15:02:04,696 ERROR at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:128)
I am unable to find the cause of the handshake failure. Please help identify where things go wrong during the handshake. Thanks.
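【Answer 1】: This seems to be a cipher suite conflict on the web service side. It does not support the ciphers enabled on the client side. Please capture the packets using Wireshark to get a clear picture.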
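【Answer 2】: Later in our analysis, we found that the problem was the OpenJDK version we were using. Although there were matching cipher suites, there was no common security group between the client and the server.
The link below provides information about the same thing. https://bugs.openjdk.java.net/browse/JDK-8208698
The bug was fixed in version 12 and marked "jdk11u-critical-yes". So we simply updated our JDK and the problem was resolved.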
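A diagnostic sketch for the situation Answer 2 describes, added here as an example and not part of the original answers: it reads a `javax.net.ssl` debug log and reports when ECDHE suites are offered while widely deployed curves were dropped from `supported_groups`. The `COMMON_CURVES` set and the function names are assumptions, and the sample log is constructed from lines abbreviated from the question's log.

```python
import re

# Constructed sample: lines abbreviated from the debug log in the question.
SAMPLE_LOG = """\
15:02:04,638 ERROR javax.net.ssl|DEBUG|D2|SupportedGroupsExtension.java:831|Ignore inactive or disabled named group: secp256r1
15:02:04,638 ERROR javax.net.ssl|DEBUG|D2|SupportedGroupsExtension.java:831|Ignore inactive or disabled named group: secp384r1
15:02:04,639 ERROR javax.net.ssl|DEBUG|D2|SupportedGroupsExtension.java:831|Ignore inactive or disabled named group: secp521r1
15:02:04,669 ERROR "cipher suites" : "[TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030), TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D), TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(0x00A3)]",
15:02:04,672 ERROR "supported_groups (10)":
15:02:04,672 ERROR "versions": [sect571k1, sect571r1, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192]
15:02:04,693 ERROR "description": "handshake_failure"
"""

# Assumption: curves most TLS servers are configured with; not taken from the page.
COMMON_CURVES = {"x25519", "secp256r1", "secp384r1", "secp521r1"}

def analyze(log_text):
    """Extract dropped groups, offered groups, ECDHE suites and the alert."""
    lines = log_text.splitlines()
    dropped = re.findall(r"Ignore inactive or disabled named group: (\S+)", log_text)
    offered = []
    for i, line in enumerate(lines):
        # The group list is printed on the line after the extension name,
        # under the key "versions" (as seen in the question's log).
        if '"supported_groups (10)"' in line and i + 1 < len(lines):
            m = re.search(r"\[(.*?)\]", lines[i + 1])
            if m:
                offered = [g.strip() for g in m.group(1).split(",")]
    m = re.search(r'"cipher suites" : "\[(.*?)\]"', log_text)
    suites = re.findall(r"(TLS_\w+)\(0x", m.group(1)) if m else []
    alert = re.search(r'"description": "(\w+)"', log_text)
    return {
        "dropped": dropped,
        "offered": offered,
        "ecdhe_suites": [s for s in suites if s.startswith("TLS_ECDHE_")],
        "common_curves_offered": sorted(COMMON_CURVES & set(offered)),
        "common_curves_dropped": sorted(COMMON_CURVES & set(dropped)),
        "alert": alert.group(1) if alert else None,
    }

def diagnose(r):
    """Flag the mismatch: ECDHE suites advertised without any common curve."""
    if r["ecdhe_suites"] and not r["common_curves_offered"] and r["common_curves_dropped"]:
        return "ECDHE suites offered but common curves dropped from supported_groups"
    return "named groups look consistent with the offered suites"

if __name__ == "__main__":
    report = analyze(SAMPLE_LOG)
    print(report)
    print(diagnose(report))
```

Run against a full debug log, a non-empty `common_curves_dropped` together with an empty `common_curves_offered` points at the named-group problem rather than at the cipher suite list.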