JDK1.5 SSLHandshakeException

Question

我有个奇怪的问题，我无法解决。

我有JDK1.5版本和基于SSL的通过套接字进行通信，只需发送和接收字符串数据。

try {

    KeyStore ks = KeyStore.getInstance("JKS");
    ks.load(new FileInputStream(
            "path_to_.jks"),
            "secret_of_jks".toCharArray());

    TrustManagerFactory tmf = TrustManagerFactory
            .getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmf.init(ks);
    KeyManagerFactory kmf = KeyManagerFactory
            .getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(ks, "secret_of_jks".toCharArray());
    SSLContext ctx = SSLContext.getInstance("TLS");
    ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
    Socket s = ctx.getSocketFactory().createSocket("address_of_server", PORT);

    String jsonEx = "json text to send server";
    StringBuilder sb = new StringBuilder();
    sb.append(jsonEx.getBytes().length);
    sb.append("\r\n");
    sb.append(jsonEx);


    PrintWriter writer = new PrintWriter(s.getOutputStream(), true);
    writer.println(sb.toString());
    BufferedReader in =  new BufferedReader(new InputStreamReader(s.getInputStream()));
    System.out.println(in.readLine());
    writer.flush();
} catch (Exception e) {
    e.printStackTrace();
}

当我使用JDK 1.7+时，一切都正常工作，但当我切换到1.6时，它会抛出javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake

我的证书是2048加密的，我还安装了JCE无限强管辖权策略http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html

如果有人感兴趣的话，这里有完全的例外：

连接已关闭: com.sun.net.ssl.internal.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1154) at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:65) at sun.nio.cs.StreamDecoder$CharsetSD.readBytes(StreamDecoder.java:411) at sun.nio.cs.StreamDecoder$CharsetSD.implRead(StreamDecoder.java:453)在握手期间远程主机关闭连接在sun.nio.cs.StreamDecoder.read(StreamDecoder.java:183) at java.io.InputStreamReader.read(InputStreamReader.java:167) at java.io.BufferedReader.fill(BufferedReader.java:136) at java.io.BufferedReader.readLine(BufferedReader.java:299) at java.io.BufferedReader.readLine(BufferedReader.java:362) at ConnectorTest.main(ConnectorTest.java:45)：远程主机在握手期间关闭连接在com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:739) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1025) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:619) at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59) at sun.nio.cs.StreamEncoder$CharsetSE.writeBytes(StreamEncoder.java：在sun.nio.cs.StreamEncoder$CharsetSE.implFlushBuffer(StreamEncoder.java:404) at sun.nio.cs.StreamEncoder$CharsetSE.implFlush(StreamEncoder.java:408) at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:152) at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:213) at java.io.BufferedWriter.flush(BufferedWriter.java:236) at java.io.PrintWriter.newLine(PrintWriter.java:410) at java。java.io.PrintWriter.println(PrintWriter.java:670) at ConnectorTest.main(ConnectorTest.java:43)的io.PrintWriter.println(PrintWriter.java:559)由: java.io.EOFException: SSL对等点在com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:720)的com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:321)不正确地关闭. 13

ConnectorTest Line 43 is

System.out.println(in.readLine());

更新的

trigger seeding of SecureRandom
done seeding SecureRandom
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
%% No cached client session
*** ClientHello, TLSv1
RandomCookie:  GMT: 1439443814 bytes = { 228, 36, 73, 128, 109, 225, 11, 36, 62, 40, 147, 150, 27, 145, 150, 163, 244, 28, 97, 56, 188, 81, 117, 31, 235, 60, 101, 224 }
Session ID:  {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods:  { 0 }
***
main, WRITE: TLSv1 Handshake, length = 75
main, WRITE: SSLv2 client hello message, length = 101
main, received EOFException: error
main, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
main, SEND TLSv1 ALERT:  fatal, description = handshake_failure
main, WRITE: TLSv1 Alert, length = 2
main, called closeSocket()

更新2

我刚发现，他们之间的区别是：

有效期自2月16日(星期二) 20:07:36 GET 2016至清华2月16日20:07:36 GET 2017 1.7正确 自2月16日起有效 16 :07:36格林尼治时间2016年清华2月16日 16 :07:36格林尼治时间2017年1.6错误

Answer 1

经过大量的研究，我发现，没有办法做到这一点，当然，安装无限的政策也是丑陋的解决方案。Sun不建议我们改变政策。解决这个问题的最好方法是，总是比这个更好地维护Java版本。我不得不在1.5上写文章，没有其他机会简单地升级系统，我决定了更糟的，但唯一的解决方案，当然，这是有效的。我用Java 1.8 + Wildlfy 8.2在同一台机器上创建了某种代理服务，该机器具有不同的Jboss端口，并从那里调用服务。1.5和1.8应用程序使用简单的soap协议进行通信。问题“解决了”。

Answer 2

可能是服务器不支持客户端的SSL版本(客户端提供的SSL版本太低)。

尝试添加系统属性"javax.net.debug=ssl“，以便在系统输出中获得更好的错误描述。例如：

System.setProperty("javax.net.debug", "ssl");

或添加命令行参数：

-Djavax.net.debug=ssl

为什么要使用旧的Java？如果必须使用1.6，请尝试将其更新为最新的修补程序版本。