Java SSL错误403禁止
[英]Java SSL error 403 Forbidden
问题描述
Could someone help me to spot if there is anything wrong here with my SSLHandshake? 
有人可以帮我找出我的SSLHandshake是否有问题吗?
I have a Java client app (using Spring WS security) trying to send data to a server (not in my control) and I've setup the following 我有一个Java客户端应用程序(使用Spring WS安全性)试图将数据发送到服务器(不在我的控件中),并且我设置了以下内容
- Client Truststore with certificate from the server 客户端信任库,带有来自服务器的证书
- Java Keystore with my "PrivateKeyEntry" certificate & chains + certificate from the server (maybe that's not necessary) Java密钥库,带有我的“ PrivateKeyEntry”证书和来自服务器的证书链+证书(可能不是必需的)
- Server has imported my public key associated with #2. 服务器已导入与#2关联的我的公共密钥。
Below my debug SSL handshake log (some parts abbreviated), I can't seem to find any error.. is this something the server side need to look into? 在我的调试SSL握手日志下方(某些部分已缩写),我似乎找不到任何错误..这是服务器端需要研究的吗? (I'm not sure, they are not sure, such the reason I'm asking here) (我不确定,他们不确定,所以我在这里问的原因)
===== =====
...
loading bunch of truststore certs..
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1434719494 bytes = { 99, 87, 115, 11, 185, 203, 150, 154, 249, 227, 214, 17, 102, 68, 224, 171, 37, 125, 178, 169, 216, 111, 32, 118, 22, 231, 1, 135 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
***
main, WRITE: TLSv1 Handshake, length = 73
main, WRITE: SSLv2 client hello message, length = 98
main, READ: TLSv1 Handshake, length = 1347
*** ServerHello, TLSv1
RandomCookie: GMT: 1434719497 bytes = { 210, 157, 0, 180, 231, 29, 218, 170, 155, 154, 158, 136, 171, 172, 173, 11, 9, 95, 169, 164, 107, 33, 138, 187, 114, 62, 39, 224 }
Session ID: {86, 132, 21, 9, 10, 164, 177, 194, 128, 194, 233, 113, 113, 209, 137, 96, 86, 15, 246, 171, 126, 60, 182, 249, 58, 108, 215, 127, 171, 228, 223, 15}
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA
Compression Method: 0
***
%% Created: [Session-1, TLS_RSA_WITH_AES_128_CBC_SHA]
** TLS_RSA_WITH_AES_128_CBC_SHA
*** Certificate chain
[abbreviated for simplification]...loads
chain[0]
....
....chain[6]
***
Found trusted certificate:
[
[Abbreviated here for simplification]
]
Certificate Extensions: 6
[1]: .... [Abbreviated here for simplification]
[2]: ..... [Abbreviated here for simplification]
[3]: ..... [Abbreviated here for simplification]
[4]: ..... [Abbreviated here for simplification]
[5]: ..... [Abbreviated here for simplification]
[6]: ..... [Abbreviated here for simplification]
*** ServerHelloDone
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
main, WRITE: TLSv1 Handshake, length = 262
SESSION KEYGEN:
PreMaster Secret:
.... [Abbreviated here for simplification]
CONNECTION KEYGEN:
Client Nonce:
.... [Abbreviated here for simplification]
Server Nonce:
.... [Abbreviated here for simplification]
Master Secret:
.... [Abbreviated here for simplification]
Client MAC write Secret:
... [Abbreviated here for simplification]
Server MAC write Secret:
.....[Abbreviated here for simplification]
Client write key:
0000: 26 0E 02 DE 04 67 CF 56 79 17 FA 89 98 A3 D0 75 &....g.Vy......u
Server write key:
0000: 02 3E 5E 9D 7B C4 74 36 74 58 7E 64 D6 FF B4 2D .>^...t6tX.d...-
Client write IV:
0000: 87 7B 42 7D 33 E9 2C E2 50 E8 49 FE 0C C9 FE 37 ..B.3.,.P.I....7
Server write IV:
0000: 4C 35 0F 1C F1 23 9F A3 49 21 5D 58 24 51 8F 9C L5...#..I!]X$Q..
main, WRITE: TLSv1 Change Cipher Spec, length = 1
*** Finished
verify_data: { 127, 65, 162, 165, 117, 87, 61, 139, 47, 253, 84, 93 }
***
main, WRITE: TLSv1 Handshake, length = 48
main, READ: TLSv1 Change Cipher Spec, length = 1
main, READ: TLSv1 Handshake, length = 48
*** Finished
verify_data: { 198, 137, 122, 87, 73, 249, 126, 148, 111, 156, 34, 192 }
***
%% Cached client session: [Session-1, TLS_RSA_WITH_AES_128_CBC_SHA]
main, WRITE: TLSv1 Application Data, length = 416
main, WRITE: TLSv1 Application Data, length = 9520
main, READ: TLSv1 Application Data, length = 192
main, called close()
main, called closeInternal(true)
main, SEND TLSv1 ALERT: warning, description = close_notify
main, WRITE: TLSv1 Alert, length = 32
org.springframework.ws.client.WebServiceTransportException: Forbidden [403]
1 个解决方案
解决方案1
2 2015-12-30 22:21:28
SSL error 403
On the contrary. 反之。 There is no SSL error here. 这里没有SSL错误。 403 is an HTTP error code, and the fact that you received it indicates that your SSL setup is working perfectly. 403是HTTP错误代码,收到的事实表明您的SSL设置运行正常。
403 means 'Forbidden', which means you're using a URL youve denied client access to under some or possibly all circumstances. 403表示“禁止”,表示您使用的URL在某些甚至所有情况下都拒绝客户端访问。 Only you know what they are. 只有你知道他们是什么。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.