SSLHandshakeException:春季集成TCP服务器中没有共同的密码套件[重复]
Posted
技术标签:
【中文标题】SSLHandshakeException:春季集成TCP服务器中没有共同的密码套件[重复]【英文标题】:SSLHandshakeException:no cipher suites in common in spring integration TCP Server [duplicate] 【发布时间】:2016-12-18 18:38:08 【问题描述】:我正在尝试通过 spring 集成来使用 TCP Server。具体来说,我正在使用 SSL/TSL 支持,如在 http://docs.spring.io/spring-integration/reference/html/ip.html#ssl-tls
我的 sslContextSupport bean 如下:
<bean id="sslContextSupport"
class="org.springframework.integration.ip.tcp.connection.DefaultTcpSSLContextSupport">
<constructor-arg value="client.ks"/>
<constructor-arg value="client.truststore.ks"/>
<constructor-arg value="secret"/>
<constructor-arg value="secret"/>
</bean>
当我的客户端向服务器发送消息时,服务器收到它但它给出了以下错误
2016-08-11 10:28:43,876 ERROR [org.springframework.integration.ip.tcp.connection.TcpNetConnection] Read exception localhost.localdomain:38953:7770:34253f9c-125a-452d-8476-9a35ff7b9197 SSLHandshakeException:no cipher suites in common
感谢您对解决此问题的任何帮助?
我在服务器和客户端都使用 JDK 1.8。这是客户端日志当我使用 -Djavax.net.debug=SSL,handshake 运行时:
trigger seeding of SecureRandom
done seeding SecureRandom
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1.1
%% No cached client session
*** ClientHello, TLSv1.2
RandomCookie: GMT: 1454103715 bytes = 29, 54, ...
Session ID:
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: 0
Extension elliptic_curves, curve names: secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA
***
main, WRITE: TLSv1.2 Handshake, length = 193
main, READ: TLSv1.2 Alert, length = 2
main, RECV TLSv1.2 ALERT: fatal, handshake_failure
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2023)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1125)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
更新: 带有 -Djavax.net.debug=all 的服务器日志
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
taskExecutor-1, setSoTimeout(10000) called
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1.1
[Raw read]: length = 5
0000: 16 03 03 00 C1 .....
[Raw read]: length = 193
0000: 01 00 00 BD 03 03 57 AC F9 35 A0 BD 75 F9 D4 EE ......W..5..u...
0010: 5B 71 66 FD E6 06 67 35 E4 26 D9 74 73 56 FC 74 [qf...g5.&.tsV.t
0020: C8 D7 6F C3 D5 7F 00 00 3A C0 23 C0 27 00 3C C0 ..o.....:.#.'.<.
0030: 25 C0 29 00 67 00 40 C0 09 C0 13 00 2F C0 04 C0 %.).g.@...../...
0040: 0E 00 33 00 32 C0 2B C0 2F 00 9C C0 2D C0 31 00 ..3.2.+./...-.1.
0050: 9E 00 A2 C0 08 C0 12 00 0A C0 03 C0 0D 00 16 00 ................
0060: 13 00 FF 01 00 00 5A 00 0A 00 34 00 32 00 17 00 ......Z...4.2...
0070: 01 00 03 00 13 00 15 00 06 00 07 00 09 00 0A 00 ................
0080: 18 00 0B 00 0C 00 19 00 0D 00 0E 00 0F 00 10 00 ................
0090: 11 00 02 00 12 00 04 00 05 00 14 00 08 00 16 00 ................
00A0: 0B 00 02 01 00 00 0D 00 18 00 16 06 03 06 01 05 ................
00B0: 03 05 01 04 03 04 01 03 03 03 01 02 03 02 01 02 ................
00C0: 02 .
taskExecutor-2, READ: TLSv1.2 Handshake, length = 193
*** ClientHello, TLSv1.2
RandomCookie: GMT: 1454111029 bytes = 160, 189, 117, 249, 212, 238, 91, 113, 102, 253, 230, 6, 103, 53, 228, 38, 217, 116, 115, 86, 252, 116, 200, 215, 111, 195, 213, 127
Session ID:
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: 0
Extension elliptic_curves, curve names: secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA
***
[read] MD5 and SHA1 hashes: len = 193
0000: 01 00 00 BD 03 03 57 AC F9 35 A0 BD 75 F9 D4 EE ......W..5..u...
0010: 5B 71 66 FD E6 06 67 35 E4 26 D9 74 73 56 FC 74 [qf...g5.&.tsV.t
0020: C8 D7 6F C3 D5 7F 00 00 3A C0 23 C0 27 00 3C C0 ..o.....:.#.'.<.
0030: 25 C0 29 00 67 00 40 C0 09 C0 13 00 2F C0 04 C0 %.).g.@...../...
0040: 0E 00 33 00 32 C0 2B C0 2F 00 9C C0 2D C0 31 00 ..3.2.+./...-.1.
0050: 9E 00 A2 C0 08 C0 12 00 0A C0 03 C0 0D 00 16 00 ................
0060: 13 00 FF 01 00 00 5A 00 0A 00 34 00 32 00 17 00 ......Z...4.2...
0070: 01 00 03 00 13 00 15 00 06 00 07 00 09 00 0A 00 ................
0080: 18 00 0B 00 0C 00 19 00 0D 00 0E 00 0F 00 10 00 ................
0090: 11 00 02 00 12 00 04 00 05 00 14 00 08 00 16 00 ................
00A0: 0B 00 02 01 00 00 0D 00 18 00 16 06 03 06 01 05 ................
00B0: 03 05 01 04 03 04 01 03 03 03 01 02 03 02 01 02 ................
00C0: 02 .
%% Initialized: [Session-1, SSL_NULL_WITH_NULL_NULL]
%% Invalidated: [Session-1, SSL_NULL_WITH_NULL_NULL]
taskExecutor-2, SEND TLSv1.2 ALERT: fatal, description = handshake_failure
taskExecutor-2, WRITE: TLSv1.2 Alert, length = 2
[Raw write]: length = 7
0000: 15 03 03 00 02 02 28 ......(
taskExecutor-2, called closeSocket()
taskExecutor-2, handling exception: javax.net.ssl.SSLHandshakeException: no cipher suites in common
taskExecutor-2, called close()
taskExecutor-2, called closeInternal(true)
2016-08-11 18:16:21,321 ERROR [org.springframework.integration.ip.tcp.connection.TcpNetConnection] Read exception nyx.clv.clverify.com:48493:7770:295eca46-10ca-407b-911e-7fd81e8a540d SSLHandshakeException:no cipher suites in common
似乎没有共同的密码套件。我想知道如果我们使用相同版本的 JDK 8 运行服务器和客户端,为什么没有通用密码套件?
有没有办法在 DefaultTcpSSLContextSupport 中配置密码套件的位置?
请就如何解决此问题提出任何建议?
谢谢
【问题讨论】:
试试-Djavax.net.debug=all(两边) - 你会得到更多的诊断。
请查看我的更新日志,如果您能提出解决问题的任何想法,我们将不胜感激。
这可能意味着服务器找不到自己的私钥和证书。
请看这里:***.com/questions/15076820/…
类似问题还有其他答案:***.com/questions/15405581/….
【参考方案1】:
这似乎不是 all 调试日志 - 我建议您运行以下测试用例(来自框架测试)...
@Test
public void testNetClientAndServerSSLDifferentContexts() throws Exception
System.setProperty("javax.net.debug", "all"); // SSL activity in the console
TcpNetServerConnectionFactory server = new TcpNetServerConnectionFactory(0);
TcpSSLContextSupport serverSslContextSupport = new DefaultTcpSSLContextSupport("server.ks",
"server.truststore.ks", "secret", "secret");
DefaultTcpNetSSLSocketFactorySupport serverTcpSocketFactorySupport =
new DefaultTcpNetSSLSocketFactorySupport(serverSslContextSupport);
serverTcpSocketFactorySupport.afterPropertiesSet();
server.setTcpSocketFactorySupport(serverTcpSocketFactorySupport);
final List<Message<?>> messages = new ArrayList<Message<?>>();
final CountDownLatch latch = new CountDownLatch(1);
server.registerListener(new TcpListener()
@Override
public boolean onMessage(Message<?> message)
messages.add(message);
latch.countDown();
return false;
);
server.start();
TestingUtilities.waitListening(server, null);
TcpNetClientConnectionFactory client = new TcpNetClientConnectionFactory("localhost", server.getPort());
TcpSSLContextSupport clientSslContextSupport = new DefaultTcpSSLContextSupport("client.ks",
"client.truststore.ks", "secret", "secret");
DefaultTcpNetSSLSocketFactorySupport clientTcpSocketFactorySupport =
new DefaultTcpNetSSLSocketFactorySupport(clientSslContextSupport);
clientTcpSocketFactorySupport.afterPropertiesSet();
client.setTcpSocketFactorySupport(clientTcpSocketFactorySupport);
client.start();
TcpConnection connection = client.getConnection();
connection.send(new GenericMessage<String>("Hello, world!"));
assertTrue(latch.await(10, TimeUnit.SECONDS));
assertEquals("Hello, world!", new String((byte[]) messages.get(0).getPayload()));
调试日志是这样开始的...
***
found key for : sitestserver
chain [0] = [
[
Version: V3
Subject: CN=Spring Integration Test Server, OU=SpringSource, O=VMware, L=Palo Alto, ST=CA, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 145953694279918711466593323385178894247518594695766350354036273697592524406041558890428426220351711997889835331198023000923126848152011583237597808196751267657648195434943824515101123741288592866628375132742429927417934808064049810040188644453056781002083733535076342958460726082218474705117624658622289918247
public exponent: 65537
Validity: [From: Sat Feb 25 14:31:38 EST 2012,
To: Mon Feb 01 14:31:38 EST 2112]
Issuer: CN=Spring Integration Test Server, OU=SpringSource, O=VMware, L=Palo Alto, ST=CA, C=US
SerialNumber: [ 4f49371a]
]
Algorithm: [SHA1withRSA]
Signature:
0000: AC 69 48 78 22 9F 32 3F 88 2F DB 49 53 87 F1 10 .iHx".2?./.IS...
0010: 64 D3 30 22 0D 04 13 90 07 9B 0E 9A FB 1F 65 97 d.0"..........e.
0020: 5D 2D C1 C6 A1 8A C5 C7 16 71 A9 47 95 C2 FF D5 ]-.......q.G....
0030: 1D 10 06 51 EE 64 37 A9 D3 B0 69 F9 84 5B 9D 1D ...Q.d7...i..[..
0040: E1 6C C0 48 31 FD 82 10 B5 D4 56 D4 76 2D DE EB .l.H1.....V.v-..
0050: B2 66 1F B6 D1 C3 AA E2 E6 8D 4B B6 05 BC F0 88 .f........K.....
0060: 7B BC 81 B1 C2 BB 3D 1C 0A AD 5B 29 55 94 05 2C ......=...[)U..,
0070: 5B 5C 44 82 54 90 5F B4 70 EA 10 45 AC A0 5F 2B [\D.T._.p..E.._+
]
***
adding as trusted cert:
Subject: CN=Spring Integration Test Client, OU=SpringSource, O=VMware, L=Palo Alto, ST=CA, C=US
Issuer: CN=Spring Integration Test Client, OU=SpringSource, O=VMware, L=Palo Alto, ST=CA, C=US
Algorithm: RSA; Serial number: 0x4f4936f4
Valid from Sat Feb 25 14:31:00 EST 2012 until Mon Feb 01 14:31:00 EST 2112
trigger seeding of SecureRandom
done seeding SecureRandom
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
...
【讨论】:
感谢加里的建议。我使用的密钥库似乎已损坏。在我用新生成的密钥库文件替换后,错误消失了。 JVM 给出的“没有共同的密码套件”异常具有误导性,并且始终使用选项 -Djavax.net.debug=all 记录(至少在 JDK 1.8 中)以上是关于SSLHandshakeException:春季集成TCP服务器中没有共同的密码套件[重复]的主要内容,如果未能解决你的问题,请参考以下文章
Intellij IDEA 许可证激活 (SSLHandshakeException)
Scala:如何忽略“SSLHandshakeException”
SSLHandshakeException 无法验证用户身份