本文主要是介绍javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure问题解决,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
原文出处:https://wuyongshi.top/articles/2018/07/08/1531020199145.html
jdk1.7访问https报javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure问题解决
错误日志:
本地jdk版本java version "1.8.0_31"
,代码中已对https做了相应处理:信任所有来源证书,运行正常;上包到服务器(服务器jdk版本java version "1.7.0_80"
),报以下ssl异常:
org.htmlparser.util.ParserException: Received fatal alert: protocol_version;
javax.net.ssl.SSLException: Received fatal alert: protocol_versionat sun.security.ssl.Alerts.getSSLException(Alerts.java:208)at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1959)at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1077)at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)at org.htmlparser.http.ConnectionManager.openConnection(ConnectionManager.java:643)at org.htmlparser.http.ConnectionManager.openConnection(ConnectionManager.java:841)at org.htmlparser.Parser.setURL(Parser.java:449)at com.travelsky.easytest.spider.SpiderUtil.SearchUrl(SpiderUtil.java:135)at com.travelsky.easytest.spider.SpiderUtil.getKeyWorld(SpiderUtil.java:162)at com.travelsky.easytest.spider.SpiderUtil.getResultContext(SpiderUtil.java:66)at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)at java.lang.reflect.Method.invoke(Method.java:606)at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:44)at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:41)at mockit.integration.junit4.internal.JUnit4TestRunnerDecorator.executeTestMethod(JUnit4TestRunnerDecorator.java:142)at mockit.integration.junit4.internal.JUnit4TestRunnerDecorator.invokeExplosively(JUnit4TestRunnerDecorator.java:71)at mockit.integration.junit4.internal.MockFrameworkMethod.invokeExplosively(MockFrameworkMethod.java:40)at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java)at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:76)at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:50)at org.junit.runners.ParentRunner$3.run(ParentRunner.java:193)at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:52)at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:191)at org.junit.runners.ParentRunner.access$000(ParentRunner.java:42)at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:184)at org.junit.runners.ParentRunner.run(ParentRunner.java:236)at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:50)at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:459)at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:675)at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:382)at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:192)
解决方案尝试:
1. 如果代码还可以改动(代码未上线),直接在网络请求前加上
System.setProperty("https.protocols", "TLSv1.2,TLSv1.1,SSLv3");
2.如果代码已上线,可以设置JVM参数如下,以提高客户端的TLS版本
-Dhttps.protocols=TLSv1.2,TLSv1.1,TLSv1.0,SSLv3,SSLv2Hello
已上两种解决方案对我无效,我采用的是第三种
3. 更换jdk中jce的jar包
网上资料说这个应该是旧版本jdkjce中安全机制的bug,要去oracle官网下载对应的jce包替换jdk中的jce包
jce所在jdk的路径: %JAVA_HOME%\jre\lib\security里的local_policy.jar,US_export_policy.jarJDK7 http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.htmlJDK8 http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html
4.升级 JDK到1.8版本
这篇关于javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure问题解决的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!