Java测试客户端中的SSL Handshake_failure，同时使用双向身份验证连接到服务器

Posted 2023-02-22

【中文标题】Java测试客户端中的SSL Handshake_failure，同时使用双向身份验证连接到服务器

【英文标题】：SSL Handshake_failure in Java test client while connecting to server with two-way authentication

【发布时间】：2014-09-08 20:50:58

【问题描述】：

我已经被困了几天了，我已经检查了几个答案（this、this、this、this、this、this、@987654327 @, this )，但我无法解决我的问题。我是 SSL 新手，我的组织中似乎没有其他人这样做过。

背景

我们目前在零售店中有一组终端通过 SSL 连接到服务器。该连接包括客户端身份验证。我的组织充当 CA 并已颁发 cacert.crt 证书，并使用它为服务器签署了一份证书，并为所有客户端签署了一份证书。终端当前与服务器正常工作，但我无法从支持该环境的人员那里获得有关当前连接或配置的详细信息……看来该系统是几年前从多家供应商那里购买的，并且知识已经丢失。我目前正在尝试开发一个单独的客户端，可以与现有终端之外的服务器进行通信。

问题

我开发了一个非常简单的 Java SSL 客户端，以便更好地了解 SSL 配置并了解需要在何处以及如何引用证书和密钥才能进行连接。很遗憾，我一直无法成功连接到服务器，我不知道哪里出了问题或者还有什么要检查的。

我已经能够生成 SSL 连接的调试日志（附在下面）。我还能够通过运行 openssl 的 s_client 函数生成日志，但我不熟悉该工具，所以我不确定它告诉我什么。我已经附上了所有的代码和日志，我希望你能给我一些关于问题所在的见解。

由于我是 SSL 新手，我不确定我是否提供了所有相关信息。如果您需要任何进一步的信息，请告诉我。

简单的 Java 客户端

public class Client 
    private static String serverIP  = "snip: server IP";
    private static int serverPort   = snip: port number;


    public static void main(String[] arstring) 
        try 
            SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
            SSLSocket sslsocket = (SSLSocket) sslsocketfactory.createSocket(Client.serverIP, Client.serverPort);

            InputStream inputstream = System.in;
            InputStreamReader inputstreamreader = new InputStreamReader(inputstream);
            BufferedReader bufferedreader = new BufferedReader(inputstreamreader);

            OutputStream outputstream = sslsocket.getOutputStream();
            OutputStreamWriter outputstreamwriter = new OutputStreamWriter(outputstream);
            BufferedWriter bufferedwriter = new BufferedWriter(outputstreamwriter);

            String string = null;
            while ((string = bufferedreader.readLine()) != null) 
                bufferedwriter.write(string + '\n');
                bufferedwriter.flush();
            

         catch (Exception exception) 
            exception.printStackTrace();
        
    

SSL 调试日志

java -Djavax.net.ssl.trustStore=ca_only.jks -Djavax.net.ssl.keyStore=keystore.jks -Djavax.net.debug=ssl,handshake -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.trustStorePassword=password Client
keyStore is : keystore.jks
keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
***
found key for : 1
chain [0] = [
[
  Version: V3
  Subject: CN=Server, O=Organization, ST=ON, C=CA
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

  Key:  Sun RSA public key, 2048 bits
  modulus: snipped due to post length
  public exponent: 65537
  Validity: [From: Wed Jul 04 11:17:50 CDT 2012,
               To: Mon Jul 04 11:17:50 CDT 2022]
  Issuer: CN=DEV2008, O=Organization, ST=ON, C=CA
  SerialNumber: [    b7ccceda 64ef4eb7]

Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.13 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 1F 16 1D 4F 70 65 6E   53 53 4C 20 47 65 6E 65  ....OpenSSL Gene
0010: 72 61 74 65 64 20 43 65   72 74 69 66 69 63 61 74  rated Certificat
0020: 65                                                 e


[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: B8 92 53 99 09 EB 73 6D   6D 45 8E 84 35 C5 11 77  ..S...smmE..5..w
0010: 7A 41 C9 10                                        zA..
]
]

[3]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
  CA:false
  PathLen: undefined
]

[4]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 43 EF 2E E1 B8 E6 01 C4   65 E1 E3 38 CE DA 86 C7  C.......e..8....
0010: BE 93 65 BA                                        ..e.
]
]

]
  Algorithm: [SHA1withRSA]
  Signature:
snipped due to post length

]
***
trustStore is: ca_only.jks
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
  Subject: CN=DEV2008, O=Organization, ST=ON, C=CA
  Issuer:  CN=DEV2008, O=Organization, ST=ON, C=CA
  Algorithm: RSA; Serial number: 0xb7ccceda64ef4eb3
  Valid from Wed Sep 10 10:10:25 CDT 2008 until Sun Sep 10 10:10:25 CDT 2028

trigger seeding of SecureRandom
done seeding SecureRandom
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
testText
%% No cached client session
*** ClientHello, TLSv1
RandomCookie:  GMT: 1388847103 bytes =  81, 210, 193, 47, 1, 40, 31, 209, 31, 74, 153, 216, 224, 141, 29, 4, 49, 162, 216, 34, 206, 202, 42, 228, 204, 73, 106, 208 
Session ID:  
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods:   0 
Extension elliptic_curves, curve names: secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect5
71r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1
Extension ec_point_formats, formats: [uncompressed]
***
main, WRITE: TLSv1 Handshake, length = 149
main, READ: SSLv3 Handshake, length = 74
*** ServerHello, SSLv3
RandomCookie:  GMT: 1385163043 bytes =  125, 48, 211, 49, 203, 23, 208, 161, 188, 43, 152, 33, 160, 32, 20, 163, 66, 19, 136, 90, 152, 42, 154, 53, 208, 175, 39, 177 
Session ID:  162, 201, 116, 199, 55, 245, 172, 195, 38, 102, 80, 124, 35, 60, 29, 218, 112, 86, 108, 44, 8, 212, 102, 73, 102, 68, 212, 246, 165, 233, 2, 31
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA
Compression Method: 0
***
Warning: No renegotiation indication extension in ServerHello
%% Initialized:  [Session-1, TLS_RSA_WITH_AES_128_CBC_SHA]
** TLS_RSA_WITH_AES_128_CBC_SHA
main, READ: SSLv3 Handshake, length = 1980
*** Certificate chain
chain [0] = [
[
  Version: V3
  Subject: CN=Server, O=Organization, ST=ON, C=CA
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

  Key:  Sun RSA public key, 2048 bits
  modulus: snipped due to post length
  public exponent: 65537
  Validity: [From: Wed Jul 04 11:15:51 CDT 2012,
               To: Mon Jul 04 11:15:51 CDT 2022]
  Issuer: CN=DEV2008, O=Organization, ST=ON, C=CA
  SerialNumber: [    b7ccceda 64ef4eb6]

Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.13 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 1F 16 1D 4F 70 65 6E   53 53 4C 20 47 65 6E 65  ....OpenSSL Gene
0010: 72 61 74 65 64 20 43 65   72 74 69 66 69 63 61 74  rated Certificat
0020: 65                                                 e


[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: B8 92 53 99 09 EB 73 6D   6D 45 8E 84 35 C5 11 77  ..S...smmE..5..w
0010: 7A 41 C9 10                                        zA..
]
]

[3]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
  CA:false
  PathLen: undefined
]

[4]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 01 98 19 F0 74 48 DB CF   55 D0 1B 9B A3 C8 04 61  ....tH..U......a
0010: 50 03 F9 F6                                        P...
]
]

]
  Algorithm: [SHA1withRSA]
  Signature: snipped due to post length

]
chain [1] = [
[
  Version: V3
  Subject: CN=DEV2008, O=Organization, ST=ON, C=CA
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

  Key:  Sun RSA public key, 2048 bits
  modulus: snipped due to post length
  public exponent: 65537
  Validity: [From: Wed Sep 10 10:10:25 CDT 2008,
               To: Sun Sep 10 10:10:25 CDT 2028]
  Issuer: CN=DEV2008, O=Organization, ST=ON, C=CA
  SerialNumber: [    b7ccceda 64ef4eb3]

Certificate Extensions: 3
[1]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: B8 92 53 99 09 EB 73 6D   6D 45 8E 84 35 C5 11 77  ..S...smmE..5..w
0010: 7A 41 C9 10                                        zA..
]
[CN=DEV2008, O=Organization, ST=ON, C=CA]
SerialNumber: [    b7ccceda 64ef4eb3]
]

[2]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
  CA:true
  PathLen:2147483647
]

[3]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: B8 92 53 99 09 EB 73 6D   6D 45 8E 84 35 C5 11 77  ..S...smmE..5..w
0010: 7A 41 C9 10                                        zA..
]
]

]
  Algorithm: [SHA1withRSA]
  Signature: snipped due to post length

]
***
Found trusted certificate:
[
[
  Version: V3
  Subject: CN=DEV2008, O=Organization, ST=ON, C=CA
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

  Key:  Sun RSA public key, 2048 bits
  modulus: snipped due to post length
  public exponent: 65537
  Validity: [From: Wed Sep 10 10:10:25 CDT 2008,
               To: Sun Sep 10 10:10:25 CDT 2028]
  Issuer: CN=DEV2008, O=Organization, ST=ON, C=CA
  SerialNumber: [    b7ccceda 64ef4eb3]

Certificate Extensions: 3
[1]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: B8 92 53 99 09 EB 73 6D   6D 45 8E 84 35 C5 11 77  ..S...smmE..5..w
0010: 7A 41 C9 10                                        zA..
]
[CN=DEV2008, O=Organization, ST=ON, C=CA]
SerialNumber: [    b7ccceda 64ef4eb3]
]

[2]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
  CA:true
  PathLen:2147483647
]

[3]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: B8 92 53 99 09 EB 73 6D   6D 45 8E 84 35 C5 11 77  ..S...smmE..5..w
0010: 7A 41 C9 10                                        zA..
]
]

]
  Algorithm: [SHA1withRSA]
  Signature: snipped due to post length

]
main, READ: SSLv3 Handshake, length = 13
*** CertificateRequest
Cert Types: RSA, DSS
Cert Authorities:
<Empty>
*** ServerHelloDone
matching alias: 1
*** Certificate chain
chain [0] = [
[
  Version: V3
  Subject: CN=Server, O=Organization, ST=ON, C=CA
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

  Key:  Sun RSA public key, 2048 bits
  modulus: snipped due to post length
  public exponent: 65537
  Validity: [From: Wed Jul 04 11:17:50 CDT 2012,
               To: Mon Jul 04 11:17:50 CDT 2022]
  Issuer: CN=DEV2008, O=Organization, ST=ON, C=CA
  SerialNumber: [    b7ccceda 64ef4eb7]

Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.13 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 1F 16 1D 4F 70 65 6E   53 53 4C 20 47 65 6E 65  ....OpenSSL Gene
0010: 72 61 74 65 64 20 43 65   72 74 69 66 69 63 61 74  rated Certificat
0020: 65                                                 e


[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: B8 92 53 99 09 EB 73 6D   6D 45 8E 84 35 C5 11 77  ..S...smmE..5..w
0010: 7A 41 C9 10                                        zA..
]
]

[3]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
  CA:false
  PathLen: undefined
]

[4]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 43 EF 2E E1 B8 E6 01 C4   65 E1 E3 38 CE DA 86 C7  C.......e..8....
0010: BE 93 65 BA                                        ..e.
]
]

]
  Algorithm: [SHA1withRSA]
  Signature:
snipped due to post length

]
***
*** ClientKeyExchange, RSA PreMasterSecret, SSLv3
main, WRITE: SSLv3 Handshake, length = 1221
SESSION KEYGEN:
snipped because I'm not sure if this is sensitive or not
*** CertificateVerify
main, WRITE: SSLv3 Handshake, length = 262
main, WRITE: SSLv3 Change Cipher Spec, length = 1
*** Finished
verify_data:   159, 145, 181, 103, 3, 219, 244, 50, 1, 137, 254, 25, 166, 118, 40, 186, 196, 23, 254, 184, 250, 137, 29, 171, 163, 153, 126, 193, 226, 134, 145, 9, 137, 16, 90, 178 
***
main, WRITE: SSLv3 Handshake, length = 64
main, READ: SSLv3 Alert, length = 2
main, RECV SSLv3 ALERT:  fatal, handshake_failure
%% Invalidated:  [Session-1, TLS_RSA_WITH_AES_128_CBC_SHA]
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
        at sun.security.ssl.Alerts.getSSLException(Unknown Source)
        at sun.security.ssl.Alerts.getSSLException(Unknown Source)
        at sun.security.ssl.SSLSocketImpl.recvAlert(Unknown Source)
        at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
        at sun.security.ssl.SSLSocketImpl.writeRecord(Unknown Source)
        at sun.security.ssl.AppOutputStream.write(Unknown Source)
        at sun.nio.cs.StreamEncoder.writeBytes(Unknown Source)
        at sun.nio.cs.StreamEncoder.implFlushBuffer(Unknown Source)
        at sun.nio.cs.StreamEncoder.implFlush(Unknown Source)
        at sun.nio.cs.StreamEncoder.flush(Unknown Source)
        at java.io.OutputStreamWriter.flush(Unknown Source)
        at java.io.BufferedWriter.flush(Unknown Source)
        at Client.main(Client.java:33)

OpenSSL s_client 状态日志 正如我上面提到的，我不确定这个工具告诉我什么或者我是否正确运行它。

openssl.exe s_client -connect serverIP:serverPort -cert client.cer -key client.key -cipher AES128-SHA -state
WARNING: can't open config file: /usr/local/ssl/openssl.cnf
Enter pass phrase for client.key:
Loading 'screen' into random state - done
CONNECTED(000000E0)
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:SSLv3 read server hello A
depth=1 C = CA, ST = ON, O = Organization, CN = DEV2008
verify error:num=19:self signed certificate in certificate chain
verify return:0
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server certificate request A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client certificate A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write certificate verify A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:SSLv3 read finished A
---
Certificate chain
 0 s:/C=CA/ST=ON/O=Organization/CN=Server
   i:/C=CA/ST=ON/O=Organization/CN=DEV2008
 1 s:/C=CA/ST=ON/O=Organization/CN=DEV2008
   i:/C=CA/ST=ON/O=Organization/CN=DEV2008
---
Server certificate
-----BEGIN CERTIFICATE-----
snipped due to post length
-----END CERTIFICATE-----
subject=/C=CA/ST=ON/O=Organization/CN=Server
issuer=/C=CA/ST=ON/O=Organization/CN=DEV2008
---
No client certificate CA names sent
---
SSL handshake has read 2157 bytes and written 1672 bytes
---
New, TLSv1/SSLv3, Cipher is AES128-SHA
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : SSLv3
    Cipher    : AES128-SHA
    Session-ID: E6EB30E4E24114A59436063BE2A732B3CBF6F47A57AA34CFBFB584FC1517F5D9
    Session-ID-ctx:
    Master-Key: 86307078588C268CDCFCD6B9ABBD55DC8C0A61E900384D3FF99091E030EF9C831B61A880D33313D0DCC7C6688507790A
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1405627491
    Timeout   : 300 (sec)
    Verify return code: 19 (self signed certificate in certificate chain)
---
read:errno=0
SSL3 alert write:warning:close notify

我注意到在 SSL 调试日志的 CertificateRequest 部分中，Cert Authorities 列表是“”。我在一个问题中读到这是服务器的配置问题，但事实并非如此，因为当前的终端可以正常工作。我还在另一个问题中读到，这取决于实施并且可能被允许。我不确定哪个是真的，但我确定终端当前能够连接到服务器，而我的测试客户端无法连接。

你知道我做错了什么，以至于我在尝试连接时得到了握手失败吗？

感谢您提供的任何帮助。

【问题讨论】：

您好，您可以获取 SSL 握手和失败的wireshark 跟踪吗？

另外，仔细观察，我发现您的服务器证书 /CN=Server，似乎在您的密钥库中，而您的客户端证书在您的信任库中。您需要将服务器证书放入您的信任库。

@Greycon：感谢您的回复。我现在正在与我的安全小组核实，看看他们对使用 WireShark 的看法。至于服务器证书在密钥库中，我没有看到它......当我运行java程序时，正在传递信任库参数ca_only.jks，这是CA的公共证书，并且正在为密钥库提供密钥库。 jks。我注意到该密钥库仅包含客户端私钥，所以也许这是我的问题......也许它无法访问客户端发送到服务器的公钥。

关于密钥库中的客户端密钥/证书，我不确定它现在包含什么。当我用 keytool 列出它时，有一个带有“条目类型：PrivateKeyEntry”的条目，但是当我尝试将 client.cer 添加到它时，它说证书已经存在于密钥库中。而且我似乎无法使用 keytool 将 client.key 添加到新的密钥库，这似乎不允许该功能。

丹，我越看这个，我越认为这是客户端证书的问题。 （我猜这是自签名的。）查看来自您的 java 程序的跟踪，它通过客户端 hello 并进入密钥交换。因此，服务器证书与您的信任库中的链成功匹配。 （即 CN=Server 的证书，由 CN=DEV2008 的证书签名） 您是如何获得客户端证书的？存储在服务器上的客户端证书公钥是否可能与您在密钥库中使用的客户端私钥不对应？

【参考方案1】：

丹，

我注意到您的调试中有很多“忽略不支持的 xxxx 协议”。如果你添加;

socket.setEnabledProtocols(new String[]"SSLv3", "TLSv1"); 

在您创建工厂后添加到您的代码，这应该可以解决握手问题。

【讨论】：

我使用了 'socket.setEnabledProtocols(new String[]"SSLv3");'相反，它解决了这个问题。此服务器只能使用 SSLv3，但客户端开始协商尝试使用没有此限制的 TLSv1。一旦设置了限制，协商成功并且会话被缓存。感谢您的帮助！

现在唯一的选择不要做 Poodle 攻击是已知的