带有Java 7和Wildlfy 8的TLSv1.2-handshake_failure
[英]TLSv1.2 with Java 7 and Wildlfy 8 - handshake_failure
问题描述
In our application we need send some data to foreign customer server web service JAX-WS. 
在我们的应用程序中,我们需要向外部客户服务器Web服务JAX-WS发送一些数据。 I generated required client files from WSDL with using wsimport . 我使用wsimport从WSDL生成了所需的客户端文件。 Then I tried connect to server side web service. 然后,我尝试连接到服务器端Web服务。 But with Java 1.7.0_67 64bit connection wasn't successfull. 但是使用Java 1.7.0_67,64位连接无法成功。 When I change JAVA_HOME, Eclipse Java configuration and Wildfly 8 Runtime environment to Java 8, it was successfull. 当我将JAVA_HOME,Eclipse Java配置和Wildfly 8 Runtime环境更改为Java 8时,它成功了。
By https://www.ssllabs.com server support only TLSv1.2. 通过https://www.ssllabs.com服务器仅支持TLSv1.2。 Therefore I mean that Java 8 hasn't problem connect on this, because I think that Java 8 use implicit TLSv1.2. 因此,我的意思是Java 8对此没有问题,因为我认为Java 8使用了隐式TLSv1.2。 So for Java 7 I tried set using TLSv1.2. 因此,对于Java 7,我尝试使用TLSv1.2进行设置。 I made this with: 我这样做的:
-Ddeployment.security.TLSv1.2=true -Dhttps.protocols=TLSv1.2
or 要么
-Ddeployment.security.TLSv1.2=true -Ddeployment.security.TLSv1=false -Dhttps.protocols=TLSv1.2
or I try set https.protocols via System.setProperty() . 或者我尝试通过System.setProperty()设置https.protocols 。
Ok, after these settings, in log looks as comunication starts use TLSv1.2. 好的,完成这些设置后,在日志中显示通信开始时使用TLSv1.2。 But on point RECV TLSv1 ALERT: fatal, handshake_failure it looks as using version TLSv1. 但是在RECV TLSv1 ALERT: fatal, handshake_failure点上RECV TLSv1 ALERT: fatal, handshake_failure看起来像在使用TLSv1版本。 Shortended Log: 短日志:
//SOME ADDINGS TRUSTED CERT
12:42:00,426 INFO [stdout] (default task-27) Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
12:42:00,426 INFO [stdout] (default task-27) Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
//SOME ANOTHER Ignoring unsupported cipher suite messages
12:42:00,526 INFO [stdout] (default task-27) Allow unsafe renegotiation: false
12:42:00,527 INFO [stdout] (default task-27) Allow legacy hello messages: true
12:42:00,527 INFO [stdout] (default task-27) Is initial handshake: true
12:42:00,527 INFO [stdout] (default task-27) Is secure renegotiation: false
12:42:00,528 INFO [stdout] (default task-27) default task-27, setSoTimeout(60000) called
12:42:00,533 INFO [stdout] (default task-27) %% No cached client session
12:42:00,540 INFO [stdout] (default task-27) *** ClientHello, TLSv1.2
12:42:00,543 INFO [stdout] (default task-27) RandomCookie: GMT: 1437570568 bytes = { 40, 32, 41, 207, 219, 45, 44, 254, 211, 5, 213, 185, 140, 88, 46, 94, 49, 236, 52, 25, 75, 221, 38, 210, 90, 95, 156, 61 }
12:42:00,543 INFO [stdout] (default task-27) Session ID: {}
12:42:00,544 INFO [stdout] (default task-27) Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
12:42:00,544 INFO [stdout] (default task-27) Compression Methods: { 0 }
12:42:00,545 INFO [stdout] (default task-27) Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
12:42:00,545 INFO [stdout] (default task-27) Extension ec_point_formats, formats: [uncompressed]
12:42:00,545 INFO [stdout] (default task-27) Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA
12:42:00,545 INFO [stdout] (default task-27) Extension server_name, server_name: [host_name: app.bundesnetzagentur.de]
12:42:00,546 INFO [stdout] (default task-27) ***
12:42:00,547 INFO [stdout] (default task-27) [write] MD5 and SHA1 hashes: len = 226
// SOME HASHES
12:42:00,631 INFO [stdout] (default task-27) [Raw read]: length = 5
12:42:00,632 INFO [stdout] (default task-27) 0000: 15 03 03 00 02 .....
12:42:00,633 INFO [stdout] (default task-27) [Raw read]: length = 2
12:42:00,633 INFO [stdout] (default task-27) 0000: 02 28 .(
12:42:00,634 INFO [stdout] (default task-27) default task-27, READ: TLSv1.2 Alert, length = 2
12:42:00,634 INFO [stdout] (default task-27) default task-27, RECV TLSv1 ALERT: fatal, handshake_failure
12:42:00,634 INFO [stdout] (default task-27) default task-27, called closeSocket()
12:42:00,635 INFO [stdout] (default task-27) default task-27, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
12:42:00,635 INFO [stdout] (default task-27) default task-27, called close()
12:42:00,635 INFO [stdout] (default task-27) default task-27, called closeInternal(true)
12:42:00,637 WARNING [org.apache.cxf.phase.PhaseInterceptorChain] (default task-27) Interceptor for {https://app.bundesnetzagentur.de/WS_VersorgUnterbrGas}WS_VersUnterbrechungGas#{https://app.bundesnetzagentur.de/WS_VersorgUnterbrGas}BeginnTransaktion has thrown exception, unwinding now: org.apache.cxf.interceptor.Fault: Could not send Message.
at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:64)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:570)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:479)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:382)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:335)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:136)
at com.sun.proxy.$Proxy144.beginnTransaktion(Unknown Source)
at de.ids.mabiplus.bna.jaxws.web.BnaExportJaxwsAction.execute(BnaExportJaxwsAction.java:37) [acosnms-om-java-3.14.0.0-SNAPSHOT.jar:]
at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431) [struts-1.2.9.jar:1.2.9]
at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236) [struts-1.2.9.jar:1.2.9]
at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196) [struts-1.2.9.jar:1.2.9]
at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432) [struts-1.2.9.jar:1.2.9]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at de.ids.mabi.client.common.control.ControlFilter.doFilter(ControlFilter.java:77) [classes:]
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at de.ids.gaja.umgr.auth.AuthenticationFilter.doFilter(AuthenticationFilter.java:68) [classes:]
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at de.ids.gaja.utils.i18n.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:107) [wega-utils-web-0.16-SNAPSHOT.jar:]
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:198) [spring-orm-3.1.0.RELEASE.jar:3.1.0.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) [spring-web-3.1.0.RELEASE.jar:3.1.0.RELEASE]
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at de.ids.gaja.platform.commons.web.ServiceFilter.doFilter(ServiceFilter.java:51) [classes:]
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:61) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:56) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:63) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:247) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:76) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:166) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:197) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:759) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_67]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_67]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_67]
Caused by: javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking https://app.bundesnetzagentur.de/WS_VersorgUnterbrGas/WS_VersUnterbrechungGas.asmx: Received fatal alert: handshake_failure
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) [rt.jar:1.7.0_67]
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57) [rt.jar:1.7.0_67]
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) [rt.jar:1.7.0_67]
at java.lang.reflect.Constructor.newInstance(Constructor.java:526) [rt.jar:1.7.0_67]
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.mapException(HTTPConduit.java:1347)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1331)
at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:632)
at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
... 59 more
Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) [jsse.jar:1.7.0_67]
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154) [jsse.jar:1.7.0_67]
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1959) [jsse.jar:1.7.0_67]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1077) [jsse.jar:1.7.0_67]
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) [jsse.jar:1.7.0_67]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) [jsse.jar:1.7.0_67]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323) [jsse.jar:1.7.0_67]
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563) [rt.jar:1.7.0_67]
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) [rt.jar:1.7.0_67]
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1091) [rt.jar:1.7.0_67]
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) [rt.jar:1.7.0_67]
at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.setupWrappedStream(URLConnectionHTTPConduit.java:174)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCaching(HTTPConduit.java:1290)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1246)
at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.onFirstWrite(URLConnectionHTTPConduit.java:201)
at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:47)
at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1303)
... 62 more
12:42:00,646 WARN [org.apache.struts.action.RequestProcessor] (default task-27) Unhandled Exception thrown: class javax.xml.ws.WebServiceException
12:42:00,647 ERROR [io.undertow.request] (default task-27) UT005023: Exception handling request to /acosNms/om/outagesToBna.do: javax.servlet.ServletException: javax.xml.ws.WebServiceException: Could not send Message.
at org.apache.struts.action.RequestProcessor.processException(RequestProcessor.java:535) [struts-1.2.9.jar:1.2.9]
at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:433) [struts-1.2.9.jar:1.2.9]
at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236) [struts-1.2.9.jar:1.2.9]
at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196) [struts-1.2.9.jar:1.2.9]
at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432) [struts-1.2.9.jar:1.2.9]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at de.ids.mabi.client.common.control.ControlFilter.doFilter(ControlFilter.java:77) [classes:]
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at de.ids.gaja.umgr.auth.AuthenticationFilter.doFilter(AuthenticationFilter.java:68) [classes:]
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at de.ids.gaja.utils.i18n.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:107) [wega-utils-web-0.16-SNAPSHOT.jar:]
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:198) [spring-orm-3.1.0.RELEASE.jar:3.1.0.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) [spring-web-3.1.0.RELEASE.jar:3.1.0.RELEASE]
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at de.ids.gaja.platform.commons.web.ServiceFilter.doFilter(ServiceFilter.java:51) [classes:]
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:61) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:56) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:63) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:247) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:76) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:166) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:197) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:759) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_67]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_67]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_67]
Caused by: javax.xml.ws.WebServiceException: Could not send Message.
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:147)
at com.sun.proxy.$Proxy144.beginnTransaktion(Unknown Source)
at de.ids.mabiplus.bna.jaxws.web.BnaExportJaxwsAction.execute(BnaExportJaxwsAction.java:37) [acosnms-om-java-3.14.0.0-SNAPSHOT.jar:]
at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431) [struts-1.2.9.jar:1.2.9]
... 49 more
Caused by: javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking https://app.bundesnetzagentur.de/WS_VersorgUnterbrGas/WS_VersUnterbrechungGas.asmx: Received fatal alert: handshake_failure
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) [rt.jar:1.7.0_67]
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57) [rt.jar:1.7.0_67]
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) [rt.jar:1.7.0_67]
at java.lang.reflect.Constructor.newInstance(Constructor.java:526) [rt.jar:1.7.0_67]
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.mapException(HTTPConduit.java:1347)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1331)
at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:632)
at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:570)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:479)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:382)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:335)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:136)
... 52 more
Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) [jsse.jar:1.7.0_67]
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154) [jsse.jar:1.7.0_67]
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1959) [jsse.jar:1.7.0_67]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1077) [jsse.jar:1.7.0_67]
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) [jsse.jar:1.7.0_67]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) [jsse.jar:1.7.0_67]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323) [jsse.jar:1.7.0_67]
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563) [rt.jar:1.7.0_67]
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) [rt.jar:1.7.0_67]
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1091) [rt.jar:1.7.0_67]
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) [rt.jar:1.7.0_67]
at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.setupWrappedStream(URLConnectionHTTPConduit.java:174)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCaching(HTTPConduit.java:1290)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1246)
at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.onFirstWrite(URLConnectionHTTPConduit.java:201)
at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:47)
at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1303)
.. more 62
For solve problems with Ignoring unsupported cipher suite I installed Unlimited JCEPolicy JDK7. 为了解决Ignoring unsupported cipher suite问题,我安装了Unlimited JCEPolicy JDK7。 But some still remained. 但是仍然有些。 But I think that problem is that on row RECV TLSv1 ALERT: fatal, handshake_failure is used older and server unsupported TLSv1 version. 但是我认为问题是在RECV TLSv1 ALERT: fatal, handshake_failure行上RECV TLSv1 ALERT: fatal, handshake_failure使用的是更旧的RECV TLSv1 ALERT: fatal, handshake_failure并且服务器不支持TLSv1版本。 But why on this point is change this version? 但是,为什么现在要更改此版本? Is possible some settings for ONLY TLSv1.2 use? 是否可以仅使用TLSv1.2进行某些设置? Or is possible that problem is elsewhere? 还是这个问题可能在其他地方? Very thanks for help ! 非常感谢您的帮助!
EDIT: By @dave_thompson_085 comment below, this looks as that "Java 7 JSSE is Ignoring SHA2 suites as unsupported". 编辑:通过下面的@ dave_thompson_085注释,这看起来像是“ Java 7 JSSE忽略不支持SHA2套件”。 For more information you can see this comment. 有关更多信息,请参见此评论。 And I forget mean that for Java 8, which worked right, I added jssecacert file into /lib/security. 而且我忘了意味着对于Java 8来说,它工作正常,我在/ lib / security中添加了jssecacert文件。 This file I generated by InstallCert . 我是由InstallCert生成的。 But with Java 7 I get similiar error as in application during obtaining certificate via InstallCert. 但是使用Java 7时,在通过InstallCert获得证书期间,在应用程序中出现了类似的错误。 But I think that is not relate with my problem, because my handshake_failure is other type of problem than unable to find valid certification path to requested target which I got with Java 8 before than I add jssecacerts file into /lib/security. 但是,我认为是不是与我的问题有关,因为我handshake_failure是其他类型的比问题unable to find valid certification path to requested target ,我与Java 8得到了比之前我添加jssecacerts文件到/ lib / security中。
2 个解决方案
解决方案1
1 2016-02-02 12:53:16
Java 7 only supports TLSv1 and not TLSv1.2. Java 7仅支持TLSv1,不支持TLSv1.2。
As well as the well known scanning tool, SSL Labs also has a nice "User Agent Cabailities" section: https://www.ssllabs.com/ssltest/clients.html 除了众所周知的扫描工具外,SSL Labs还具有一个不错的“用户代理功能”部分: https ://www.ssllabs.com/ssltest/clients.html
Here's the detail for Java 7 https://www.ssllabs.com/ssltest/viewClient.html?name=Java&version=7u25 这是Java 7的详细信息https://www.ssllabs.com/ssltest/viewClient.html?name=Java&version=7u25
This should also have shown up under the the site scan report that Java 7 wouldn't be able to connect. 这也应该显示在站点扫描报告下,表明Java 7无法连接。
解决方案2
0 已采纳 2016-02-04 09:18:51
I solved my problem already. 我已经解决了我的问题。 How I stated in my EDIT, and @dave_thompson_085 told in his comment, wrong version of TLS in RECV TLSv1 ALERT: fatal is maybe only log bug. 我在EDIT中的说法以及@ dave_thompson_085在他的评论中说的是RECV TLSv1 ALERT: fatal的TLS错误版本RECV TLSv1 ALERT: fatal可能只是日志错误。 So whole communication was realized in TLSv1.2. 因此,整个通信在TLSv1.2中得以实现。 But problem was with Ignoring unsupported cipher suite some ciphers what I need. 但是问题是Ignoring unsupported cipher suite了我需要的某些密码,而Ignoring unsupported cipher suite 。 Even if I used Unlimited JCEPolicy JDK7. 即使我使用了Unlimited JCEPolicy JDK7。 But for enable these ciphers I must add https.cipherSuites with these ciphers into VM arguments too. 但是,为了启用这些密码,我还必须将带有这些密码的https.cipherSuites添加到VM参数中。 So when somebody will have problem with unsupported ciphers which should supported in some Java version, will be good try add this VM argument. 因此,当有人遇到某些Java版本应支持的不支持密码的问题时,可以尝试添加此VM参数。 Article about this: http://fsanglier.blogspot.cz/2015/04/java-7-and-tlsv12-supported-but-not-enabled.html 关于此的文章: http : //fsanglier.blogspot.cz/2015/04/java-7-and-tlsv12-supported-but-not-enabled.html
and my related question where about this: Java 7 does not support ciphers which should be supported 和我有关的问题在哪里: Java 7不支持应该支持的密码
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
Java 8 RECV TLSv1.2 警报:致命,握手失败 - Java 8 RECV TLSv1.2 ALERT: fatal, handshake_failure
Android TLSv1.2 handshake_failure - Android TLSv1.2 handshake_failure
TLSv1.2 PC => Android 5.0.2 handshake_failure - TLSv1.2 PC => Android 5.0.2 handshake_failure
Java 7:发送TLSv1.2警报:致命,描述= handshake_failure ule子 - Java 7: SEND TLSv1.2 ALERT: fatal, description = handshake_failure mule
带有TLSv1.2的Java 7连接到LDAPS握手失败 - Java 7 with TLSv1.2 connect to LDAPS handshake failure
Java 1.8:TLSv1.2 ClientHello握手失败(缺少椭圆曲线扩展?) - Java 1.8: TLSv1.2 ClientHello handshake failure (missing elliptical curve extensions?)
Java 1.6 TLS 1.2 handshake_failure - Java 1.6 TLS 1.2 handshake_failure
Jboss-握手失败-使用TLSv1.1而不是TLSv1.2的客户端连接 - Jboss - handshake failure - client connection using TLSv1.1 instead of TLSv1.2
Tomcat 6和TLSv1.2在Java中 - Tomcat 6 and TLSv1.2 In Java
Java 7和TLSv1.2套接字 - Java 7 and TLSv1.2 socket
相关标签