本文介绍了带有Java 7和Wildlfy 8的TLSv1.2-handshake_failure的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

在我们的应用程序中,我们需要将一些数据发送到外部客户服务器Web服务JAX-WS.我使用wsimport从WSDL生成了所需的客户端文件.然后,我尝试连接到服务器端Web服务.但是使用Java 1.7.0_67,64位连接无法成功.当我将JAVA_HOME,Eclipse Java配置和Wildfly 8 Runtime环境更改为Java 8时,就成功了.

In our application we need send some data to foreign customer server web service JAX-WS. I generated required client files from WSDL with using wsimport. Then I tried connect to server side web service. But with Java 1.7.0_67 64bit connection wasn't successfull. When I change JAVA_HOME, Eclipse Java configuration and Wildfly 8 Runtime environment to Java 8, it was successfull.

通过 https://www.ssllabs.com 服务器仅支持TLSv1.2.因此,我的意思是Java 8对此没有问题,因为我认为Java 8使用了隐式TLSv1.2.因此,对于Java 7,我尝试使用TLSv1.2进行设置.我做到了:

By https://www.ssllabs.com server support only TLSv1.2. Therefore I mean that Java 8 hasn't problem connect on this, because I think that Java 8 use implicit TLSv1.2. So for Java 7 I tried set using TLSv1.2. I made this with:

-Ddeployment.security.TLSv1.2=true -Dhttps.protocols=TLSv1.2

-Ddeployment.security.TLSv1.2=true -Ddeployment.security.TLSv1=false -Dhttps.protocols=TLSv1.2

或者我尝试通过System.setProperty()设置https.protocols.

好吧,在完成这些设置之后,在日志中看起来像是在开始通信时使用TLSv1.2.但是,在RECV TLSv1 ALERT: fatal, handshake_failure点上,它看起来像是在使用TLSv1版本.缩短日志:

Ok, after these settings, in log looks as comunication starts use TLSv1.2. But on point RECV TLSv1 ALERT: fatal, handshake_failure it looks as using version TLSv1. Shortended Log:

//SOME ADDINGS TRUSTED CERT

12:42:00,426 INFO  [stdout] (default task-27) Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

12:42:00,426 INFO  [stdout] (default task-27) Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256


//SOME ANOTHER  Ignoring unsupported cipher suite messages

12:42:00,526 INFO  [stdout] (default task-27) Allow unsafe renegotiation: false
    12:42:00,527 INFO  [stdout] (default task-27) Allow legacy hello messages: true
    12:42:00,527 INFO  [stdout] (default task-27) Is initial handshake: true
    12:42:00,527 INFO  [stdout] (default task-27) Is secure renegotiation: false

    12:42:00,528 INFO  [stdout] (default task-27) default task-27, setSoTimeout(60000) called

    12:42:00,533 INFO  [stdout] (default task-27) %% No cached client session

    12:42:00,540 INFO  [stdout] (default task-27) *** ClientHello, TLSv1.2

12:42:00,543 INFO  [stdout] (default task-27) RandomCookie:  GMT: 1437570568 bytes = { 40, 32, 41, 207, 219, 45, 44, 254, 211, 5, 213, 185, 140, 88, 46, 94, 49, 236, 52, 25, 75, 221, 38, 210, 90, 95, 156, 61 }

12:42:00,543 INFO  [stdout] (default task-27) Session ID:  {}

12:42:00,544 INFO  [stdout] (default task-27) Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]

12:42:00,544 INFO  [stdout] (default task-27) Compression Methods:  { 0 }

12:42:00,545 INFO  [stdout] (default task-27) Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}

12:42:00,545 INFO  [stdout] (default task-27) Extension ec_point_formats, formats: [uncompressed]

12:42:00,545 INFO  [stdout] (default task-27) Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA

12:42:00,545 INFO  [stdout] (default task-27) Extension server_name, server_name: [host_name: app.bundesnetzagentur.de]

12:42:00,546 INFO  [stdout] (default task-27) ***

12:42:00,547 INFO  [stdout] (default task-27) [write] MD5 and SHA1 hashes:  len = 226


// SOME HASHES

12:42:00,631 INFO  [stdout] (default task-27) [Raw read]: length = 5

12:42:00,632 INFO  [stdout] (default task-27) 0000: 15 03 03 00 02                                     .....

12:42:00,633 INFO  [stdout] (default task-27) [Raw read]: length = 2

12:42:00,633 INFO  [stdout] (default task-27) 0000: 02 28                                              .(

12:42:00,634 INFO  [stdout] (default task-27) default task-27, READ: TLSv1.2 Alert, length = 2

12:42:00,634 INFO  [stdout] (default task-27) default task-27, RECV TLSv1 ALERT:  fatal, handshake_failure

12:42:00,634 INFO  [stdout] (default task-27) default task-27, called closeSocket()

12:42:00,635 INFO  [stdout] (default task-27) default task-27, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

12:42:00,635 INFO  [stdout] (default task-27) default task-27, called close()

12:42:00,635 INFO  [stdout] (default task-27) default task-27, called closeInternal(true)

12:42:00,637 WARNING [org.apache.cxf.phase.PhaseInterceptorChain] (default task-27) Interceptor for {https://app.bundesnetzagentur.de/WS_VersorgUnterbrGas}WS_VersUnterbrechungGas#{https://app.bundesnetzagentur.de/WS_VersorgUnterbrGas}BeginnTransaktion has thrown exception, unwinding now: org.apache.cxf.interceptor.Fault: Could not send Message.
    at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:64)
    at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
    at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:570)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:479)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:382)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:335)
    at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
    at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:136)
    at com.sun.proxy.$Proxy144.beginnTransaktion(Unknown Source)
    at de.ids.mabiplus.bna.jaxws.web.BnaExportJaxwsAction.execute(BnaExportJaxwsAction.java:37) [acosnms-om-java-3.14.0.0-SNAPSHOT.jar:]
    at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431) [struts-1.2.9.jar:1.2.9]
    at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236) [struts-1.2.9.jar:1.2.9]
    at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196) [struts-1.2.9.jar:1.2.9]
    at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432) [struts-1.2.9.jar:1.2.9]
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:707) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]
    at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at de.ids.mabi.client.common.control.ControlFilter.doFilter(ControlFilter.java:77) [classes:]
    at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at de.ids.gaja.umgr.auth.AuthenticationFilter.doFilter(AuthenticationFilter.java:68) [classes:]
    at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at de.ids.gaja.utils.i18n.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:107) [wega-utils-web-0.16-SNAPSHOT.jar:]
    at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:198) [spring-orm-3.1.0.RELEASE.jar:3.1.0.RELEASE]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) [spring-web-3.1.0.RELEASE.jar:3.1.0.RELEASE]
    at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at de.ids.gaja.platform.commons.web.ServiceFilter.doFilter(ServiceFilter.java:51) [classes:]
    at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:61) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:56) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:63) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
    at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:247) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:76) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:166) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.server.Connectors.executeRootHandler(Connectors.java:197) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:759) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_67]
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_67]
    at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_67]
Caused by: javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking https://app.bundesnetzagentur.de/WS_VersorgUnterbrGas/WS_VersUnterbrechungGas.asmx: Received fatal alert: handshake_failure
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) [rt.jar:1.7.0_67]
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57) [rt.jar:1.7.0_67]
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) [rt.jar:1.7.0_67]
    at java.lang.reflect.Constructor.newInstance(Constructor.java:526) [rt.jar:1.7.0_67]
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.mapException(HTTPConduit.java:1347)
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1331)
    at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
    at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:632)
    at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
    ... 59 more
Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) [jsse.jar:1.7.0_67]
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:154) [jsse.jar:1.7.0_67]
    at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1959) [jsse.jar:1.7.0_67]
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1077) [jsse.jar:1.7.0_67]
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) [jsse.jar:1.7.0_67]
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) [jsse.jar:1.7.0_67]
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323) [jsse.jar:1.7.0_67]
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563) [rt.jar:1.7.0_67]
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) [rt.jar:1.7.0_67]
    at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1091) [rt.jar:1.7.0_67]
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) [rt.jar:1.7.0_67]
    at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.setupWrappedStream(URLConnectionHTTPConduit.java:174)
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCaching(HTTPConduit.java:1290)
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1246)
    at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.onFirstWrite(URLConnectionHTTPConduit.java:201)
    at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:47)
    at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69)
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1303)
    ... 62 more

12:42:00,646 WARN  [org.apache.struts.action.RequestProcessor] (default task-27) Unhandled Exception thrown: class javax.xml.ws.WebServiceException
12:42:00,647 ERROR [io.undertow.request] (default task-27) UT005023: Exception handling request to /acosNms/om/outagesToBna.do: javax.servlet.ServletException: javax.xml.ws.WebServiceException: Could not send Message.
    at org.apache.struts.action.RequestProcessor.processException(RequestProcessor.java:535) [struts-1.2.9.jar:1.2.9]
    at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:433) [struts-1.2.9.jar:1.2.9]
    at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236) [struts-1.2.9.jar:1.2.9]
    at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196) [struts-1.2.9.jar:1.2.9]
    at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432) [struts-1.2.9.jar:1.2.9]
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:707) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]
    at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:130) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at de.ids.mabi.client.common.control.ControlFilter.doFilter(ControlFilter.java:77) [classes:]
    at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at de.ids.gaja.umgr.auth.AuthenticationFilter.doFilter(AuthenticationFilter.java:68) [classes:]
    at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at de.ids.gaja.utils.i18n.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:107) [wega-utils-web-0.16-SNAPSHOT.jar:]
    at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:198) [spring-orm-3.1.0.RELEASE.jar:3.1.0.RELEASE]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) [spring-web-3.1.0.RELEASE.jar:3.1.0.RELEASE]
    at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at de.ids.gaja.platform.commons.web.ServiceFilter.doFilter(ServiceFilter.java:51) [classes:]
    at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:132) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:85) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:61) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:56) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:63) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
    at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:261) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:247) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:76) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:166) [undertow-servlet-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.server.Connectors.executeRootHandler(Connectors.java:197) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
    at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:759) [undertow-core-1.1.0.Final.jar:1.1.0.Final]
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_67]
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_67]
    at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_67]
Caused by: javax.xml.ws.WebServiceException: Could not send Message.
    at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:147)
    at com.sun.proxy.$Proxy144.beginnTransaktion(Unknown Source)
    at de.ids.mabiplus.bna.jaxws.web.BnaExportJaxwsAction.execute(BnaExportJaxwsAction.java:37) [acosnms-om-java-3.14.0.0-SNAPSHOT.jar:]
    at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431) [struts-1.2.9.jar:1.2.9]
    ... 49 more
Caused by: javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking https://app.bundesnetzagentur.de/WS_VersorgUnterbrGas/WS_VersUnterbrechungGas.asmx: Received fatal alert: handshake_failure
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) [rt.jar:1.7.0_67]
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57) [rt.jar:1.7.0_67]
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) [rt.jar:1.7.0_67]
    at java.lang.reflect.Constructor.newInstance(Constructor.java:526) [rt.jar:1.7.0_67]
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.mapException(HTTPConduit.java:1347)
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1331)
    at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
    at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:632)
    at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
    at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
    at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:570)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:479)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:382)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:335)
    at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
    at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:136)
    ... 52 more
Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) [jsse.jar:1.7.0_67]
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:154) [jsse.jar:1.7.0_67]
    at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1959) [jsse.jar:1.7.0_67]
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1077) [jsse.jar:1.7.0_67]
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) [jsse.jar:1.7.0_67]
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339) [jsse.jar:1.7.0_67]
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323) [jsse.jar:1.7.0_67]
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563) [rt.jar:1.7.0_67]
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) [rt.jar:1.7.0_67]
    at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1091) [rt.jar:1.7.0_67]
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) [rt.jar:1.7.0_67]
    at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.setupWrappedStream(URLConnectionHTTPConduit.java:174)
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCaching(HTTPConduit.java:1290)
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1246)
    at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.onFirstWrite(URLConnectionHTTPConduit.java:201)
    at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:47)
    at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:69)
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1303)
    .. more 62

为了解决Ignoring unsupported cipher suite的问题,我安装了Unlimited JCEPolicy JDK7.但是仍然有些.但是我认为问题在于,在行RECV TLSv1 ALERT: fatal, handshake_failure上使用的是较旧的版本,并且服务器不支持TLSv1版本.但是,为什么现在要更改此版本呢?是否可以仅使用TLSv1.2进行某些设置?还是这个问题可能在其他地方?非常感谢您的帮助!

For solve problems with Ignoring unsupported cipher suite I installed Unlimited JCEPolicy JDK7. But some still remained. But I think that problem is that on row RECV TLSv1 ALERT: fatal, handshake_failure is used older and server unsupported TLSv1 version. But why on this point is change this version? Is possible some settings for ONLY TLSv1.2 use? Or is possible that problem is elsewhere? Very thanks for help !

编辑:在下面的@ dave_thompson_085注释中,这看起来像"Java 7 JSSE正在忽略不支持SHA2套件".有关更多信息,您可以看到此评论.而且我忘了意味着对于Java 8来说,它可以正常工作,我在/lib/security中添加了jssecacert文件.我由InstallCert生成的文件.但是,使用Java 7时,在通过InstallCert获得证书期间,在应用程序中出现了类似的错误.但是我认为这与我的问题无关,因为我的handshake_failure是Java 8之前的unable to find valid certification path to requested target以外的其他类型的问题,而不是将jssecacerts文件添加到/lib/security中.

By @dave_thompson_085 comment below, this looks as that "Java 7 JSSE is Ignoring SHA2 suites as unsupported". For more information you can see this comment. And I forget mean that for Java 8, which worked right, I added jssecacert file into /lib/security. This file I generated by InstallCert. But with Java 7 I get similiar error as in application during obtaining certificate via InstallCert. But I think that is not relate with my problem, because my handshake_failure is other type of problem than unable to find valid certification path to requested target which I got with Java 8 before than I add jssecacerts file into /lib/security.

推荐答案

我已经解决了我的问题.我在EDIT中说的方式,以及@ dave_thompson_085在他的评论中告诉我们,RECV TLSv1 ALERT: fatal中TLS的错误版本可能只是日志错误.因此,整个通信是在TLSv1.2中实现的.但是Ignoring unsupported cipher suite的问题是我需要一些密码.即使我使用了Unlimited JCEPolicy JDK7.但是,为了启用这些密码,我也必须将带有这些密码的https.cipherSuites添加到VM参数中.因此,当有人遇到某些Java版本应支持的不支持密码的问题时,可以尝试添加此VM参数.关于此的文章: http://fsanglier. blogspot.cz/2015/04/java-7-and-tlsv12-supported-but-not-enabled.html

I solved my problem already. How I stated in my EDIT, and @dave_thompson_085 told in his comment, wrong version of TLS in RECV TLSv1 ALERT: fatal is maybe only log bug. So whole communication was realized in TLSv1.2. But problem was with Ignoring unsupported cipher suite some ciphers what I need. Even if I used Unlimited JCEPolicy JDK7. But for enable these ciphers I must add https.cipherSuites with these ciphers into VM arguments too. So when somebody will have problem with unsupported ciphers which should supported in some Java version, will be good try add this VM argument. Article about this:http://fsanglier.blogspot.cz/2015/04/java-7-and-tlsv12-supported-but-not-enabled.html

和我有关的问题在哪里: Java 7不支持密码应该被支持

and my related question where about this:Java 7 does not support ciphers which should be supported

这篇关于带有Java 7和Wildlfy 8的TLSv1.2-handshake_failure的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

05-29 11:30
查看更多