javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure問題解決

原創

小糊涂10

2018-11-19 23:03

原文出處：https://wuyongshi.top/articles/2018/07/08/1531020199145.html

jdk1.7訪問https報javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure問題解決

錯誤日誌：

本地jdk版本java version "1.8.0_31",代碼中已對https做了相應處理：信任所有來源證書，運行正常；上包到服務器（服務器jdk版本java version "1.7.0_80"），報以下ssl異常：

org.htmlparser.util.ParserException: Received fatal alert: protocol_version;
javax.net.ssl.SSLException: Received fatal alert: protocol_version
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
	at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1959)
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1077)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
	at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
	at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
	at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
	at org.htmlparser.http.ConnectionManager.openConnection(ConnectionManager.java:643)
	at org.htmlparser.http.ConnectionManager.openConnection(ConnectionManager.java:841)
	at org.htmlparser.Parser.setURL(Parser.java:449)
	at com.travelsky.easytest.spider.SpiderUtil.SearchUrl(SpiderUtil.java:135)
	at com.travelsky.easytest.spider.SpiderUtil.getKeyWorld(SpiderUtil.java:162)
	at com.travelsky.easytest.spider.SpiderUtil.getResultContext(SpiderUtil.java:66)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:606)
	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44)
	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41)
	at mockit.integration.junit4.internal.JUnit4TestRunnerDecorator.executeTestMethod(JUnit4TestRunnerDecorator.java:142)
	at mockit.integration.junit4.internal.JUnit4TestRunnerDecorator.invokeExplosively(JUnit4TestRunnerDecorator.java:71)
	at mockit.integration.junit4.internal.MockFrameworkMethod.invokeExplosively(MockFrameworkMethod.java:40)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java)
	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:76)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:50)
	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:193)
	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:52)
	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:191)
	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:42)
	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:184)
	at org.junit.runners.ParentRunner.run(ParentRunner.java:236)
	at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:50)
	at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
	at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:459)
	at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:675)
	at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:382)
	at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:192)

解決方案嘗試：

1. 如果代碼還可以改動（代碼未上線）,直接在網絡請求前加上

System.setProperty("https.protocols", "TLSv1.2,TLSv1.1,SSLv3");

2.如果代碼已上線，可以設置JVM參數如下，以提高客戶端的TLS版本

-Dhttps.protocols=TLSv1.2,TLSv1.1,TLSv1.0,SSLv3,SSLv2Hello

已上兩種解決方案對我無效，我採用的是第三種

3. 更換jdk中jce的jar包

網上資料說這個應該是舊版本jdkjce中安全機制的bug，要去oracle官網下載對應的jce包替換jdk中的jce包

jce所在jdk的路徑： %JAVA_HOME%\jre\lib\security裏的local_policy.jar,US_export_policy.jar

JDK7 http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html

JDK8 http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html

4.升級 JDK到1.8版本

發表評論

所有評論

還沒有人評論，想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.

javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure問題解決

jdk1.7訪問https報javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure問題解決

解決方案嘗試：

IO模型筆記(好記性不如爛筆頭)

Redis的四種模式,單機、主從、哨兵、集羣

JVM架構和GC命令總結

Netty學習筆記之ChannelHandler

SpringBoot實現Vue-admin-template登錄

Mac下配置sublime實現LaTeX

https://yachay.unat.edu.pe/blog/index.php?comment_area=format_blog&comment_component=blog&comment_co

linux以太網驅動總結