javax.net.ssl.SSLException:收到致命警报:使用bad_record_mac和https

Question

在使用HttpsURLConnection类使用Java中的HTTPS连接到服务器时，我得到了问题标题中所述的异常。此外，我还试图跳过使用the second last answer进行的证书验证。谁能给我建议一下出去的路吗？

更新1:堆栈跟踪

javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1720)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:954)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1138)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1165)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1149)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:133)
    at com.kuliza.sitepulse.thread.HttpConnectionThread.run(HttpConnectionThread.java:77)
    at java.lang.Thread.run(Thread.java:662)

我得到了代码行的例外：http.connect();，其中http的类型是HttpsURLConnection类。

更新2: SSL日志

以下是SSL握手日志：

[Raw read]: length = 5
0000: 15 03 00 00 02                                     .....
[Raw read]: length = 2
0000: 02 14                                              ..
Thread-6, READ: SSLv3 Alert, length = 2
Thread-6, RECV SSLv3 ALERT:  fatal, bad_record_mac
Thread-6, called closeSocket()

任何线索，这都快把我逼疯了！！

提前感谢！

Answer 1

我知道这事来得太晚了，但这可能会对某人有帮助，对吧？

如果包含更多ssl连接的调试输出，从而导致所包含的错误，则可能会有所帮助。我看到了同样的错误并通过在VM论证中包含-Dhttps.protocols=SSLv3 -Dforce.http.jre.executor=true来解决它.所以如果你幸运的话，这对你也有好处。

这是我的踪迹：

SESSION KEYGEN:
PreMaster Secret:
0000: 03 00 31 86 59 ED 17 07   6C 37 1F 17 19 B4 A1 16  ..1.Y...l7......
0010: 30 99 60 A1 31 BB 3A 0A   0E 7F 61 F5 7E 4F 35 7A  0.`.1.:...a..O5z
0020: 21 6F 1D 63 42 A1 63 43   5E 48 B2 67 35 E3 DA DF  !o.cB.cC^H.g5...
CONNECTION KEYGEN:
Client Nonce:
0000: 52 65 F0 96 23 24 71 D6   51 1A EF D6 31 D1 39 2A  Re..#$q.Q...1.9*
0010: 13 13 2E 41 8C 7E 80 B8   C0 6E 8A 8C 4E 5A CD FA  ...A.....n..NZ..
Server Nonce:
0000: 52 65 F0 96 CD 4B BE A9   E1 F8 34 B3 C3 23 14 35  Re...K....4..#.5
0010: 05 4F 5C 18 D7 10 5E 80   7B FF 73 DA 85 60 84 8C  .O\...^...s..`..
Master Secret:
0000: 0D 11 FE 0D CD 99 C3 3F   D9 40 CF BC 2E C7 40 5E  .......?.@....@^
0010: B0 C5 4F 75 4A 0A 39 1E   E2 0F 54 E1 A1 7F CE 72  ..OuJ.9...T....r
0020: 4F 99 8F E2 D9 7F C1 AC   FD D0 89 62 F7 72 F9 6F  O..........b.r.o
Client MAC write Secret:
0000: 80 7C C8 E7 02 6D 29 A3   E2 E5 BA 44 94 18 19 65  .....m)....D...e
0010: 63 5D 5D 8A                                        c]].
Server MAC write Secret:
0000: 06 58 B6 2F 03 FB E7 C6   48 1F 68 5C 10 DD 58 8D  .X./....H.h\..X.
0010: 36 7B AC AA                                        6...
Client write key:
0000: B5 C6 23 1E 88 F2 30 76   39 18 AB 0C 71 94 E7 8A  ..#...0v9...q...
Server write key:
0000: 9D 49 1C 52 13 B9 F8 44   DA 87 6C 1C 93 CD 9C 8B  .I.R...D..l.....
Client write IV:
0000: 07 1A A6 47 7E 6E 2B F4   A6 7A 6D DC 5E 74 E8 0F  ...G.n+..zm.^t..
Server write IV:
0000: 32 93 23 CC F4 83 1F 2C   B7 22 28 8C A2 7D B1 01  2.#....,."(.....
main, WRITE: SSLv3 Change Cipher Spec, length = 1
[Raw write]: length = 6
0000: 14 03 00 00 01 01                                  ......
*** Finished
verify_data:  { 179, 120, 197, 29, 60, 98, 37, 252, 37, 183, 141, 166, 140, 77, 63, 118, 23, 245, 11, 144, 27, 201, 63, 22, 192, 187, 40, 220, 78, 17, 118, 104, 112, 238, 156, 176 }
***
[write] MD5 and SHA1 hashes:  len = 40
0000: 14 00 00 24 B3 78 C5 1D   3C 62 25 FC 25 B7 8D A6  ...$.x..<b%.%...
0010: 8C 4D 3F 76 17 F5 0B 90   1B C9 3F 16 C0 BB 28 DC  .M?v......?...(.
0020: 4E 11 76 68 70 EE 9C B0                            N.vhp...
Padded plaintext before ENCRYPTION:  len = 64
0000: 14 00 00 24 B3 78 C5 1D   3C 62 25 FC 25 B7 8D A6  ...$.x..<b%.%...
0010: 8C 4D 3F 76 17 F5 0B 90   1B C9 3F 16 C0 BB 28 DC  .M?v......?...(.
0020: 4E 11 76 68 70 EE 9C B0   46 F4 59 24 44 F1 C3 A8  N.vhp...F.Y$D...
0030: 7E FB 80 EB AD 74 35 28   64 31 65 80 03 03 03 03  .....t5(d1e.....
main, WRITE: SSLv3 Handshake, length = 64
[Raw write]: length = 69
0000: 16 03 00 00 40 FE A7 C8   1D 6D 2E A8 A5 C7 78 8D  ....@....m....x.
0010: 68 04 B2 55 42 B3 3C C1   A2 90 F1 A5 9B 39 1D 96  h..UB.<......9..
0020: 53 43 65 15 2A 17 2C 43   70 AE 8C B5 EE 63 C3 91  SCe.*.,Cp....c..
0030: 73 BC D1 45 34 B1 76 46   B8 C5 CE BF 5E 15 72 E6  s..E4.vF....^.r.
0040: FE 16 9C 43 64                                     ...Cd
[Raw read]: length = 5
0000: 15 03 00 00 02                                     .....
[Raw read]: length = 2
0000: 02 14                                              ..
main, READ: SSLv3 Alert, length = 2
main, RECV SSLv3 ALERT:  fatal, bad_record_mac
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLException: Received fatal alert: bad_record_mac