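When changing to the newly established cipher suite

Problem description

I am facing a problem with a two-way SSL connection. After enabling and going through the SSL debug log, I found that the certificate exchange happens normally. But after the CertificateVerify step, when changing to the newly established cipher suite, it fails with an SSLHandshakeException.

Another thing is that I am using the org.apache.http.conn.ssl.SSLConnectionSocketFactory class for the connection, and javax.net.ssl.SSLContext to supply the Keystore-Path, Keystore-Password, Keystore-Type, and the Java truststore-path and truststore-password.

I have also installed the Unlimited_JCE_Policy jars in the jre/lib/security folder. But the problem is still not solved.

Below is the SSL debug log (redacted for sensitive information), which I got after adding the -Djavax.net.debug=all option in the Tomcat server.

I have exhausted all options; please help me debug this.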

Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1
%% No cached client session

*** ClientHello,TLSv1.2
RandomCookie:  GMT: 1587274296 bytes = { 228,35,120,21,209,132,30,149,198,112,126,140,242,220,243,241,56,217,176,72,122,189,186,84,138,107 }
Session ID:  {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods:  { 0 }
Extension elliptic_curves,curve names: {secp256r1,secp384r1,secp521r1,sect283k1,sect283r1,sect409k1,sect409r1,sect571k1,sect571r1,secp256k1}
Extension ec_point_formats,formats: [uncompressed]
Extension signature_algorithms,signature_algorithms: SHA512withECDSA,SHA512withRSA,SHA384withECDSA,SHA384withRSA,SHA256withECDSA,SHA256withRSA,SHA256withDSA,SHA224withECDSA,SHA224withRSA,SHA224withDSA,SHA1withECDSA,SHA1withRSA,SHA1withDSA
Extension server_name,server_name: [type=host_name (0),value=dummy.com]
***

*** ServerHello,TLSv1.2
RandomCookie:  GMT: -2114684890 bytes = { 90,119,248,216,146,249,153,116,215,63,118,5,51,75,65,234,73,80,89,71,187,85,226 }
Session ID:  {112,15,25,164,178,92,24,151,252,227,204,222,165,37,166,93,48,20,154,31,32,87,70,46,28,203,174,53}
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Compression Method: 0
Extension renegotiation_info,renegotiated_connection: <empty>
Extension ec_point_formats,formats: [uncompressed]
***
%% Initialized:  [Session-1,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
** TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
*** Certificate chain
chain [0] = [
[
  Version: V3
  Subject: CN=dummy.com,O=DUMMY Limited,L=Mumbai,ST=Maharashtra,C=IN
  Signature Algorithm: SHA256withRSA,OID = 1.2.111.110.1.1.11

  Key:  Sun RSA public key,4096 bits
  modulus: 7052631620228616775547420082798548950919340244279073769913613702342981771967237727631055951453640239431872969513669580187218236284810019094046772967383964532691044447883775955540400053241556727447454890970235292057633871512623754154522008251593390574617993609393573311038571044673755004608177602839240960109581315205585347515078577522273536482843663843811938218601566841063681809030993800845128902732754491954172896897202969405469795346575603858447770830369150744853454485036414564857862466788398095271768313704507089183067041424424717802090540269511201316204005685738584558793704003073277045577506581083711618971410286995431647668371083015395607216137051566569465878831815839796621268795715613323716340707965068111045737962122919999999999999933600342589999999999999845225257671111111111111111111137441
  public exponent: 64437
  Validity: [From: Mon Jul 06 12:53:18 IST 2020,To: Tue Oct 04 12:53:17 IST 2022]
  Issuer: CN=entrust Certification Authority - L1K,OU="(c) 2012 entrust,Inc. - for authorized use only",OU=See www.entrust.net/legal-terms,O="entrust,Inc.",C=US
  SerialNumber: [    05899999 86999999 41999999 a9999999]
Certificate Extensions: 10
[1]: ObjectId: 1.2.7.1.3.1.11111.1.5.1 Criticality=false

------------------------------------------------------------
------------------------------------------------------------
Removed some log because it is sensitive
------------------------------------------------------------
------------------------------------------------------------
]
***
Found trusted certificate:
[
[
  Version: V3
  Subject: CN=dummy.com,OID = 1.2.840.113549.1.1.11

  Key:  Sun RSA public key,4096 bits
  modulus: 7429401386363194735786622861677554742008279854895091934024427907376991361370234298177196736239611005309266079510841102241838644451686007112674335445896622723772763105595145364023943187296951366958018721823027277873629629885038121643592346301790624375915886284810019094046772967383964532691044447883775955540400053241556727447454890970235292057633871512623754154522008251593390574617993609393573311038571044673755004608177602839240960109581315205585347515078577522273536482843663843811938218601566841063681809030993800845128902732754491954172896897202969405469795346575603858447770830369150744853454485036414564857862466788398095271768313704507089183067041424444444444444444424717802090540277777777777777777777777777714102869954316476683711111111111111111110830153956072161370511111111111111111111566569465878831815839999999999999999999997966213677137441
  public exponent: 65887
  Validity: [From: Mon Jul 06 12:53:18 IST 2020,C=US
  SerialNumber: [    05888888 8688888 41QAAAA a2ddddDD]

Certificate Extensions: 10
[1]: ObjectId: 8.3.2.1.4.1.11129.2.9.2 Criticality=false
]

*** ECDH ServerKeyExchange
Signature Algorithm SHA256withRSA
Server key: Sun EC public key,384 bits
  public x coord: 11111111111111111111117999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999
  public y coord: 22222222222222222222228888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888
------------------------------------------------------------
------------------------------------------------------------
Removed some log because it is sensitive
------------------------------------------------------------
------------------------------------------------------------

TP-Processor3,READ: TLSv1.2 Handshake,length = 36
*** CertificateRequest
Cert Types: RSA,DSS,ECDSA
Supported Signature Algorithms: SHA256withRSA,UnkNown (hash:0x5,signature:0x2),UnkNown (hash:0x6,SHA512withECDSA,SHA1withDSA,SHA1withECDSA
Cert Authorities:
<Empty>

TP-Processor3,length = 4
*** ServerHellodone

*** Certificate chain
chain [0] = [
[
  Version: V3
  Subject: CN=CLIENT.com,O=CLIENT PRIVATE LIMITED,L=Bengaluru,ST=Karnataka,OID = 1.2.888.111111.1.1.11

  Key:  Sun RSA public key,2048 bits
  modulus: 290917627347077908622611910632100000000000000000000000000000046087609704050900299815422531856488310792015976698480303255190950151018144486664719368897666666666666666666666666666667145802981061762927385555555555555555555555555555555555555555503641034961875452964581873004195272822222222222222222222222222222222222241568761927572710269917900733536516748436670893218496130253762999469395666158787885478532805483186099417219102169363707338972728090057330429792574728036578324737889348700154291814348847920005022222222222222222222222222222222222222222222222222222222102150393074157132754725779611111111111111111111111111111111113565461
  public exponent: 65537
  Validity: [From: Thu Dec 12 05:30:00 IST 2019,To: Tue Dec 15 17:30:00 IST 2020]
  Issuer: CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US
  SerialNumber: [    0666666a 2077777d 2888888 4199999]

Certificate Extensions: 10
[1]: ObjectId: 1.2.5.1.3.1.11155.6.7.8 Criticality=false

------------------------------------------------------------
------------------------------------------------------------
Removed some log because it is sensitive
------------------------------------------------------------
------------------------------------------------------------
]
***
*** ECDHClientKeyExchange
ECDH Public value:  { 4,111,666,74,104,333,11,121,158,78,141,125,22,97,33,123,231,100 237,255,172,229,113,40,444,54,66,13,999,183,170,778,889,453,098,975 }

[write] MD5 and SHA1 hashes:  len = 1725
------------------------------------------------------------
------------------------------------------------------------
Removed some log because it is sensitive
------------------------------------------------------------
------------------------------------------------------------
TP-Processor3,WRITE: TLSv1.2 Handshake,length = 1725
[Raw write]: length = 1730
SESSION KEYGEN:
PreMaster Secret:
------------------------------------------------------------
Removed some log because it is sensitive
------------------------------------------------------------
CONNECTION KEYGEN:
Client Nonce:
------------------------------------------------------------
Removed some log because it is sensitive
------------------------------------------------------------
Server Nonce:
------------------------------------------------------------
Removed some log because it is sensitive
------------------------------------------------------------
Master Secret:
------------------------------------------------------------
Removed some log because it is sensitive
------------------------------------------------------------
... no MAC keys used for this cipher
Client write key:
0000: 11 22 33 44 55 66 77 88   99 aa BB CC BB EE FF aa   2.TY.5....N....1
Server write key:
0000: BB 79 CB 48 88 2C 99 AE   ff 14 AA DD CC 77 70 EF  .y.JU,....v.,RT.
Client write IV:
0000: B7 44 D4 EC                                        .#$.
Server write IV:
0000: EE ED BD AA                                        .22.

*** CertificateVerify
Signature Algorithm SHA256withRSA
[write] MD5 and SHA1 hashes:  len = 264
------------------------------------------------------------
Removed some log because it is sensitive
------------------------------------------------------------                            
TP-Processor3,length = 264
[Raw write]: length = 269
------------------------------------------------------------
Removed some log because it is sensitive
------------------------------------------------------------
TP-Processor3,WRITE: TLSv1.2 Change Cipher Spec,length = 1
[Raw write]: length = 6
0000: 14 03 03 00 01 01                                  ......
*** Finished
verify_data:  { 105,155,128,211,9,206,171 }
***
[write] MD5 and SHA1 hashes:  len = 16
0000: 22 33 44 66 88 9B BB 4A   80 DD BB 09 AA 2E NN AB  ....p.yK....M...
Padded plaintext before ENCRYPTION:  len = 16
0000: 22 33 44 66 88 9B BB 4A   80 DD BB 09 AA 2E NN AB  ....p.yK....M...
TP-Processor3,length = 40
[Raw write]: length = 45
0000: 16 03 03 00 38 00 00 00   00 00 00 00 00 67 BD 19  ....(........M..
0010: 10 3B A3 99 4A 93 0F DD   53 02 12 EE 66 AA 1F 9F  .;..K...B...f...
0020: 25 43 BB 81 1B 97 BC BA   64 DD 51 53 FF           %C......d.RS.
[Raw read]: length = 5
0000: 15 03 03 00 02                                     .....
[Raw read]: length = 2
0000: 02 28                                              .(
TP-Processor3,READ: TLSv1.2 Alert,length = 2
TP-Processor3,RECV TLSv1.2 ALERT:  fatal,handshake_failure
%% Invalidated:  [Session-1,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
TP-Processor3,called closeSocket()
TP-Processor3,handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

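Solution

I don't know why it failed, but there are two typical causes in this situation:

  1. Your client is not presenting a certificate chain leading to a certificate found in the server's truststore. The client can and should provide the intermediate certificates used for client authentication.

  2. The client certificate's Extended Key Usage does not include client authentication.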
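
As an added example (not part of the original answer), a small Java check that inspects the client keystore for both causes listed above: a key entry holding only the leaf certificate, and a leaf whose Extended Key Usage lacks clientAuth. The class name, the argument layout and the KEYSTORE_PASSWORD environment variable are assumptions made for this example.

```java
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.List;

// Added example: inspects a client keystore for the two causes named in the answer.
public class ClientKeystoreCheck {
    static final String CLIENT_AUTH = "1.3.6.1.5.5.7.3.2"; // id-kp-clientAuth
    static final String ANY_EKU = "2.5.29.37.0";           // anyExtendedKeyUsage

    public static void main(String[] args) throws Exception {
        // Assumed invocation: java ClientKeystoreCheck <path> <JKS|PKCS12>
        // Password comes from the (hypothetical) KEYSTORE_PASSWORD variable, not argv.
        String pw = System.getenv("KEYSTORE_PASSWORD");
        if (args.length != 2 || pw == null) {
            System.err.println("usage: KEYSTORE_PASSWORD=... java ClientKeystoreCheck <path> <type>");
            System.exit(2);
        }
        KeyStore ks = KeyStore.getInstance(args[1]);
        try (FileInputStream in = new FileInputStream(args[0])) {
            ks.load(in, pw.toCharArray());
        }
        for (String alias : Collections.list(ks.aliases())) {
            if (!ks.isKeyEntry(alias)) continue; // only private-key entries can be used for client auth
            Certificate[] chain = ks.getCertificateChain(alias);
            if (chain == null || chain.length == 0) { System.out.println(alias + ": no chain"); continue; }
            System.out.println("alias " + alias + ": " + chain.length + " certificate(s)");
            for (Certificate c : chain) {
                X509Certificate x = (X509Certificate) c;
                System.out.println("  subject=" + x.getSubjectX500Principal()
                        + "\n   issuer=" + x.getIssuerX500Principal());
            }
            X509Certificate leaf = (X509Certificate) chain[0];
            // Cause 1: only the leaf is stored, so no intermediates go on the wire.
            boolean selfSigned = leaf.getSubjectX500Principal().equals(leaf.getIssuerX500Principal());
            if (chain.length == 1 && !selfSigned)
                System.out.println("  WARN: leaf only; import the intermediate CA certs into this entry");
            // Cause 2: EKU present but without clientAuth (null means no EKU extension).
            List<String> eku = leaf.getExtendedKeyUsage();
            if (eku != null && !eku.contains(CLIENT_AUTH) && !eku.contains(ANY_EKU))
                System.out.println("  WARN: EKU " + eku + " lacks clientAuth");
            else
                System.out.println("  EKU ok: " + (eku == null ? "extension absent" : eku));
        }
    }
}
```

The chain length it reports can be compared with the client "*** Certificate chain" section of the debug log, which in the question shows only chain [0].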