apache - TLS 连接 - 消息意外-6ren

apache - TLS 连接 - 消息意外

转载作者：太空宇宙更新时间：2023-11-03 13:17:04

我在与客户握手时遇到问题:

Alert message

如您所见，客户端收到意外消息，因此通信结束。看起来服务器正在尝试使用票证 session 策略恢复 session ，而客户端不喜欢它。查看文档 RFC 5077，只有在客户端支持此功能(通过 SessionTicket 扩展)并发送票证时，才应该发送带有 NewSessionTicket 的服务器消息。

这里的问题是客户端正在发送(在客户端问候消息中)空票 session 扩展，没有票。查看“客户端问候”消息:

hello client msg

没有门票。那么，为什么服务器用一张新票据回应？根据文档:

When the client wishes to resume the session, it includes the ticket in the SessionTicket extension within the ClientHello messageThe server then decrypts the received ticket, verifies the ticket's validity, retrieves the session state from the contents of the ticket, and uses this state to resume the session

在服务器端，我们有一个 Apache 版本 2.2.15， session 恢复(缓存)和 session 恢复(票证)都被激活。关于客户端，我没有太多信息，我正在尝试收集它。

此外，这种情况并非总是会发生。同样的场景，也有服务器正确响应(完全握手)的情况和客户端发送票据而服务器无论如何都以完全握手响应的情况。

我感觉这个错误与客户端有关，但在这一点上，看起来问题出在服务器端，就像 Apache 中的错误或类似的东西。

已编辑

你好客户

No.     Time        Source                Destination           Protocol Length Info
   1378 132.627955  XX.XXX.138.11         YY.YY.2.200           TLSv1    180    Client Hello

Frame 1378: 180 bytes on wire (1440 bits), 180 bytes captured (1440 bits)
    Encapsulation type: Ethernet (1)
    Arrival Time: May  6, 2015 11:13:51.817868000 Hora de verano romance
    [Time shift for this packet: 0.000000000 seconds]
    Epoch Time: 1430903631.817868000 seconds
    [Time delta from previous captured frame: 0.000212000 seconds]
    [Time delta from previous displayed frame: 0.000212000 seconds]
    [Time since reference or first frame: 132.627955000 seconds]
    Frame Number: 1378
    Frame Length: 180 bytes (1440 bits)
    Capture Length: 180 bytes (1440 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    [Protocols in frame: eth:ethertype:ip:tcp:ssl]
    [Coloring Rule Name: TCP]
    [Coloring Rule String: tcp]
Ethernet II, Src: 10:11:11:11:11:11 (10:11:11:11:11:11), Dst: F5Networ_6e:9f:c4 (00:23:e9:6e:9f:c4)
    Destination: F5Networ_6e:9f:c4 (00:23:e9:6e:9f:c4)
        Address: F5Networ_6e:9f:c4 (00:23:e9:6e:9f:c4)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Source: 10:11:11:11:11:11 (10:11:11:11:11:11)
        Address: 10:11:11:11:11:11 (10:11:11:11:11:11)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Type: IP (0x0800)
Internet Protocol Version 4, Src: XX.XXX.138.11 (XX.XXX.138.11), Dst: YY.YY.2.200 (YY.YY.2.200)
    Version: 4
    Header Length: 20 bytes
    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
        0000 00.. = Differentiated Services Codepoint: Default (0x00)
        .... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
    Total Length: 166
    Identification: 0x2af6 (10998)
    Flags: 0x02 (Don't Fragment)
        0... .... = Reserved bit: Not set
        .1.. .... = Don't fragment: Set
        ..0. .... = More fragments: Not set
    Fragment offset: 0
    Time to live: 54
    Protocol: TCP (6)
    Header checksum: 0x77eb [validation disabled]
        [Good: False]
        [Bad: False]
    Source: XX.XXX.138.11 (XX.XXX.138.11)
    Destination: YY.YY.2.200 (YY.YY.2.200)
    [Source GeoIP: Unknown]
    [Destination GeoIP: Unknown]
Transmission Control Protocol, Src Port: 35413 (35413), Dst Port: 443 (443), Seq: 1, Ack: 1, Len: 126
    Source Port: 35413 (35413)
    Destination Port: 443 (443)
    [Stream index: 5]
    [TCP Segment Len: 126]
    Sequence number: 1    (relative sequence number)
    [Next sequence number: 127    (relative sequence number)]
    Acknowledgment number: 1    (relative ack number)
    Header Length: 20 bytes
    .... 0000 0001 1000 = Flags: 0x018 (PSH, ACK)
        000. .... .... = Reserved: Not set
        ...0 .... .... = Nonce: Not set
        .... 0... .... = Congestion Window Reduced (CWR): Not set
        .... .0.. .... = ECN-Echo: Not set
        .... ..0. .... = Urgent: Not set
        .... ...1 .... = Acknowledgment: Set
        .... .... 1... = Push: Set
        .... .... .0.. = Reset: Not set
        .... .... ..0. = Syn: Not set
        .... .... ...0 = Fin: Not set
    Window size value: 49680
    [Calculated window size: 49680]
    [Window size scaling factor: -2 (no window scaling used)]
    Checksum: 0x9d55 [validation disabled]
        [Good Checksum: False]
        [Bad Checksum: False]
    Urgent pointer: 0
    [SEQ/ACK analysis]
        [iRTT: 0.010337000 seconds]
        [Bytes in flight: 126]
Secure Sockets Layer
    TLSv1 Record Layer: Handshake Protocol: Client Hello
        Content Type: Handshake (22)
        Version: TLS 1.0 (0x0301)
        Length: 121
        Handshake Protocol: Client Hello
            Handshake Type: Client Hello (1)
            Length: 117
            Version: TLS 1.0 (0x0301)
            Random
                GMT Unix Time: May  6, 2015 11:13:53.000000000 Hora de verano romance
                Random Bytes: 0a2aeead9ad4fcc71cedea83f57456f1383edd09f9ff3217...
            Session ID Length: 32
            Session ID: eb32d8d516eed625fa6b57d983bfb2f807db851a047093ac...
            Cipher Suites Length: 40
            Cipher Suites (20 suites)
                Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039)
                Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038)
                Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
                Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016)
                Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013)
                Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
                Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033)
                Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032)
                Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
                Cipher Suite: TLS_RSA_WITH_RC4_128_SHA (0x0005)
                Cipher Suite: TLS_RSA_WITH_RC4_128_MD5 (0x0004)
                Cipher Suite: TLS_DHE_RSA_WITH_DES_CBC_SHA (0x0015)
                Cipher Suite: TLS_DHE_DSS_WITH_DES_CBC_SHA (0x0012)
                Cipher Suite: TLS_RSA_WITH_DES_CBC_SHA (0x0009)
                Cipher Suite: TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA (0x0014)
                Cipher Suite: TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA (0x0011)
                Cipher Suite: TLS_RSA_EXPORT_WITH_DES40_CBC_SHA (0x0008)
                Cipher Suite: TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 (0x0006)
                Cipher Suite: TLS_RSA_EXPORT_WITH_RC4_40_MD5 (0x0003)
                Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)
            Compression Methods Length: 1
            Compression Methods (1 method)
                Compression Method: null (0)
            Extensions Length: 4
            Extension: SessionTicket TLS
                Type: SessionTicket TLS (0x0023)
                Length: 0
                Data (0 bytes)

你好服务器

No.     Time        Source                Destination           Protocol Length Info
   1380 132.629663  YY.YY.2.200           XX.XXX.138.11         TLSv1    398    Server Hello, New Session Ticket, Change Cipher Spec, Encrypted Handshake Message

Frame 1380: 398 bytes on wire (3184 bits), 398 bytes captured (3184 bits)
    Encapsulation type: Ethernet (1)
    Arrival Time: May  6, 2015 11:13:51.819576000 Hora de verano romance
    [Time shift for this packet: 0.000000000 seconds]
    Epoch Time: 1430903631.819576000 seconds
    [Time delta from previous captured frame: 0.001648000 seconds]
    [Time delta from previous displayed frame: 0.001648000 seconds]
    [Time since reference or first frame: 132.629663000 seconds]
    Frame Number: 1380
    Frame Length: 398 bytes (3184 bits)
    Capture Length: 398 bytes (3184 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    [Protocols in frame: eth:ethertype:ip:tcp:ssl]
    [Coloring Rule Name: TCP]
    [Coloring Rule String: tcp]
Ethernet II, Src: F5Networ_6e:9f:c4 (00:23:e9:6e:9f:c4), Dst: 10:11:11:11:11:11 (10:11:11:11:11:11)
    Destination: 10:11:11:11:11:11 (10:11:11:11:11:11)
        Address: 10:11:11:11:11:11 (10:11:11:11:11:11)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Source: F5Networ_6e:9f:c4 (00:23:e9:6e:9f:c4)
        Address: F5Networ_6e:9f:c4 (00:23:e9:6e:9f:c4)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Type: IP (0x0800)
Internet Protocol Version 4, Src: YY.YY.2.200 (YY.YY.2.200), Dst: XX.XXX.138.11 (XX.XXX.138.11)
    Version: 4
    Header Length: 20 bytes
    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
        0000 00.. = Differentiated Services Codepoint: Default (0x00)
        .... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
    Total Length: 384
    Identification: 0xce71 (52849)
    Flags: 0x02 (Don't Fragment)
        0... .... = Reserved bit: Not set
        .1.. .... = Don't fragment: Set
        ..0. .... = More fragments: Not set
    Fragment offset: 0
    Time to live: 255
    Protocol: TCP (6)
    Header checksum: 0x0a95 [validation disabled]
        [Good: False]
        [Bad: False]
    Source: YY.YY.2.200 (YY.YY.2.200)
    Destination: XX.XXX.138.11 (XX.XXX.138.11)
    [Source GeoIP: Unknown]
    [Destination GeoIP: Unknown]
Transmission Control Protocol, Src Port: 443 (443), Dst Port: 35413 (35413), Seq: 1, Ack: 127, Len: 344
    Source Port: 443 (443)
    Destination Port: 35413 (35413)
    [Stream index: 5]
    [TCP Segment Len: 344]
    Sequence number: 1    (relative sequence number)
    [Next sequence number: 345    (relative sequence number)]
    Acknowledgment number: 127    (relative ack number)
    Header Length: 20 bytes
    .... 0000 0001 1000 = Flags: 0x018 (PSH, ACK)
        000. .... .... = Reserved: Not set
        ...0 .... .... = Nonce: Not set
        .... 0... .... = Congestion Window Reduced (CWR): Not set
        .... .0.. .... = ECN-Echo: Not set
        .... ..0. .... = Urgent: Not set
        .... ...1 .... = Acknowledgment: Set
        .... .... 1... = Push: Set
        .... .... .0.. = Reset: Not set
        .... .... ..0. = Syn: Not set
        .... .... ...0 = Fin: Not set
    Window size value: 4266
    [Calculated window size: 4266]
    [Window size scaling factor: -2 (no window scaling used)]
    Checksum: 0x4889 [validation disabled]
        [Good Checksum: False]
        [Bad Checksum: False]
    Urgent pointer: 0
    [SEQ/ACK analysis]
        [iRTT: 0.010337000 seconds]
        [Bytes in flight: 344]
Secure Sockets Layer
    TLSv1 Record Layer: Handshake Protocol: Server Hello
        Content Type: Handshake (22)
        Version: TLS 1.0 (0x0301)
        Length: 85
        Handshake Protocol: Server Hello
            Handshake Type: Server Hello (2)
            Length: 81
            Version: TLS 1.0 (0x0301)
            Random
                GMT Unix Time: May  6, 2015 11:13:53.000000000 Hora de verano romance
                Random Bytes: 8b392c52c3188f5a121594c0f176c09b579c2c4e4b7dedb5...
            Session ID Length: 32
            Session ID: eb32d8d516eed625fa6b57d983bfb2f807db851a047093ac...
            Cipher Suite: TLS_RSA_WITH_RC4_128_SHA (0x0005)
            Compression Method: null (0)
            Extensions Length: 9
            Extension: renegotiation_info
                Type: renegotiation_info (0xff01)
                Length: 1
                Renegotiation Info extension
                    Renegotiation info extension length: 0
            Extension: SessionTicket TLS
                Type: SessionTicket TLS (0x0023)
                Length: 0
                Data (0 bytes)
    TLSv1 Record Layer: Handshake Protocol: New Session Ticket
        Content Type: Handshake (22)
        Version: TLS 1.0 (0x0301)
        Length: 202
        Handshake Protocol: New Session Ticket
            Handshake Type: New Session Ticket (4)
            Length: 198
            TLS Session Ticket
                Session Ticket Lifetime Hint: 0
                Session Ticket Length: 192
                Session Ticket: 21425f8c986d7fe5fea84e7ef3e8c8739c4427455c5fad73...
    TLSv1 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
        Content Type: Change Cipher Spec (20)
        Version: TLS 1.0 (0x0301)
        Length: 1
        Change Cipher Spec Message
    TLSv1 Record Layer: Handshake Protocol: Encrypted Handshake Message
        Content Type: Handshake (22)
        Version: TLS 1.0 (0x0301)
        Length: 36
        Handshake Protocol: Encrypted Handshake Message

意外消息

No.     Time        Source                Destination           Protocol Length Info
   1382 132.638728  XX.XXX.138.11         YY.YY.2.200           TLSv1    61     Alert (Level: Fatal, Description: Unexpected Message)

Frame 1382: 61 bytes on wire (488 bits), 61 bytes captured (488 bits)
    Encapsulation type: Ethernet (1)
    Arrival Time: May  6, 2015 11:13:51.828641000 Hora de verano romance
    [Time shift for this packet: 0.000000000 seconds]
    Epoch Time: 1430903631.828641000 seconds
    [Time delta from previous captured frame: 0.000295000 seconds]
    [Time delta from previous displayed frame: 0.000295000 seconds]
    [Time since reference or first frame: 132.638728000 seconds]
    Frame Number: 1382
    Frame Length: 61 bytes (488 bits)
    Capture Length: 61 bytes (488 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    [Protocols in frame: eth:ethertype:ip:tcp:ssl]
    [Coloring Rule Name: TCP]
    [Coloring Rule String: tcp]
Ethernet II, Src: 10:11:11:11:11:11 (10:11:11:11:11:11), Dst: F5Networ_6e:9f:c4 (00:23:e9:6e:9f:c4)
    Destination: F5Networ_6e:9f:c4 (00:23:e9:6e:9f:c4)
        Address: F5Networ_6e:9f:c4 (00:23:e9:6e:9f:c4)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Source: 10:11:11:11:11:11 (10:11:11:11:11:11)
        Address: 10:11:11:11:11:11 (10:11:11:11:11:11)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Type: IP (0x0800)
Internet Protocol Version 4, Src: XX.XXX.138.11 (XX.XXX.138.11), Dst: YY.YY.2.200 (YY.YY.2.200)
    Version: 4
    Header Length: 20 bytes
    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
        0000 00.. = Differentiated Services Codepoint: Default (0x00)
        .... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
    Total Length: 47
    Identification: 0x2af8 (11000)
    Flags: 0x02 (Don't Fragment)
        0... .... = Reserved bit: Not set
        .1.. .... = Don't fragment: Set
        ..0. .... = More fragments: Not set
    Fragment offset: 0
    Time to live: 54
    Protocol: TCP (6)
    Header checksum: 0x7860 [validation disabled]
        [Good: False]
        [Bad: False]
    Source: XX.XXX.138.11 (XX.XXX.138.11)
    Destination: YY.YY.2.200 (YY.YY.2.200)
    [Source GeoIP: Unknown]
    [Destination GeoIP: Unknown]
Transmission Control Protocol, Src Port: 35413 (35413), Dst Port: 443 (443), Seq: 127, Ack: 345, Len: 7
    Source Port: 35413 (35413)
    Destination Port: 443 (443)
    [Stream index: 5]
    [TCP Segment Len: 7]
    Sequence number: 127    (relative sequence number)
    [Next sequence number: 134    (relative sequence number)]
    Acknowledgment number: 345    (relative ack number)
    Header Length: 20 bytes
    .... 0000 0001 1000 = Flags: 0x018 (PSH, ACK)
        000. .... .... = Reserved: Not set
        ...0 .... .... = Nonce: Not set
        .... 0... .... = Congestion Window Reduced (CWR): Not set
        .... .0.. .... = ECN-Echo: Not set
        .... ..0. .... = Urgent: Not set
        .... ...1 .... = Acknowledgment: Set
        .... .... 1... = Push: Set
        .... .... .0.. = Reset: Not set
        .... .... ..0. = Syn: Not set
        .... .... ...0 = Fin: Not set
    Window size value: 49680
    [Calculated window size: 49680]
    [Window size scaling factor: -2 (no window scaling used)]
    Checksum: 0x5f13 [validation disabled]
        [Good Checksum: False]
        [Bad Checksum: False]
    Urgent pointer: 0
    [SEQ/ACK analysis]
        [iRTT: 0.010337000 seconds]
        [Bytes in flight: 7]
Secure Sockets Layer
    TLSv1 Record Layer: Alert (Level: Fatal, Description: Unexpected Message)
        Content Type: Alert (21)
        Version: TLS 1.0 (0x0301)
        Length: 2
        Alert Message
            Level: Fatal (2)
            Description: Unexpected Message (10)

提前致谢。

最佳答案

这很奇怪。服务器没有发送证书、 key 交换和服务器问候，而是发送一些加密的握手消息。我建议查看服务器日志文件以获取可能出错的提示。但它也可能是描述的错误 here这可能是由客户端证书的大型证书链或接受的 CA 列表引起的，并导致服务器响应跨越多个 SSL 帧。有些客户可能无法处理这个问题。

关于apache - TLS 连接 - 消息意外，我们在Stack Overflow上找到一个类似的问题： https://stackoverflow.com/questions/30193727/

文章推荐： c# - 如果单击 "... Read more "as.net c#，则链接到完整文章

文章推荐： python - Wireshark 不显示带有 Python SSL 套接字的 SSL 数据包

文章推荐： python - Python 中的 %% 是什么意思？

文章推荐： Python NLTK 'LazyCorpusLoader' 对象不可调用

encryption - TLS over TLS 可能吗？
是否可以使用 OpenSSL 或其他工具通过 TLS 建立 TLS 连接？如果可能，每个级别的证书是否需要不同？最佳答案这在理论上应该工作得很好，但我不能确定 OpenSSL 或其他东西是否会轻
java - SSLContext.getInstance ("TLS") 是否也支持 TLS v1.1 和 TLS v1.2 ？
在我的 java 代码中，我正在使用命令创建 SSL 上下文的一个实例 SSLContext ctx = SSLContext.getInstance("TLS"); 但是在我的 tomcat 服务器
java - SSLContext.getInstance ("TLS") 是否也支持 TLS v1.1 和 TLS v1.2？
在我的 java 代码中，我正在使用命令创建一个 SSL 上下文实例 SSLContext ctx = SSLContext.getInstance("TLS"); 但在我的 tomcat 服务器中，
ssl - Hyperledger Fabric - 调用错误/TLS 握手失败，错误为 tls : first record does not look like a TLS handshake
范围:这是一个具有一个 channel 的网络，该 channel 由 3 个组织组成，每个组织 1 个 anchor 节点，每个组织 1 个 CA 和每个组织 1 个 MSP。我在我的 Hyper
ssl - 当 TLS 和 SSL 不同并且 TLS 与 SSL 相比是新的时，为什么 IIS 不显示启用 tls 的特定设置
无法找到用于在 iis 上启用/禁用 tls 的特定设置。启用/禁用 ssl 是否与启用/禁用 tls 相同？我浏览了一些博客，发现 SSL 是 TLS 的前身，旧版本的 SSL 已被弃用。但我无法
ssl - 是否应该仅在 TLS 握手期间执行相互 TLS？
最近，我一直在为基于物联网的项目评估不同的 API 网关 (API GW) 选项。这样做的目的是找到一个足够好的解决方案来执行设备和 API GW 的相互 TLS (mTLS) 身份验证。我尝试过的
c# - 打开 TLS 1.0、TLS 1.1、TLS 1.2 ... Asp.NET IIS 10.0
几个月来，我的 Web 应用程序在不同版本的 IE/Firefox/Chrome 上运行良好。我的应用程序在 IIS 10.0 上运行。当我从 Windows 7 框 (IE 11.0.***) 中点
java - 如何强制 java 服务器只接受 tls 1.2 并拒绝 tls 1.0 和 tls 1.1 连接
我有一个在 Java 7 上运行的 HTTPS 网络服务。我需要进行更改，以便此服务仅接受 TLS1.2 连接并拒绝 SSL3、TLS1.0 和 TLS1.1。我添加了以下 Java 参数，使 TL
internet-explorer - IE TLS 阻止如何在 tomcat 6 和 java 6 中从 TLS 1.0 移动到 TLS 1.2
我在资源管理器不显示网站时遇到问题:“无法显示此页面。在高级设置中打开 TLS 1.0、TLS 1.1 和 TLS 1.2”。我在 chrome 中调试了证书并说“连接是使用 aes_128_cbc
ssl - TLS 握手失败，错误为 tls : first record does not look like a TLS handshake server=Orderer remoteaddress=192. 168.144.4:43496
我正在与 5 个订购者、1 个组织和 2 个同行建立我的网络。还有 1 个 cli 和 1 个 ca。我从 1 个排序者扩展到 5 个实现 Raft 的排序者。这就是为什么我想扩展我的网络并对多个对
k8s TLS bootstrap解析-k8s TLS bootstrap流程分析
当k8s集群开启了TLS认证后，每个节点的kubelet组件都要使用由kube-apiserver的CA签发的有效证书才能与kube-apiserver通信；当节点非常多的时候，为每个节点都单独签署证
ssl - 尝试进行 TLS 调用时 TLS 握手失败的原因
我正在尝试使用 pjsip 安装中的 pjsua 程序在两个虚拟机之间进行安全调用。我通过以下方式在每个节点上启动程序: pjsua-x86_64-unknown-linux-gnu --use-tl
security - Java gRPC - TLS - 如何在客户端设置双向 TLS？
我开发的软件应用程序使用 gRPC 在客户端和服务器之间建立双向流。我只在 java 中寻找类似于这张票的答案的东西:How to enable server side SSL for gRPC?
certificate - 由于 TLS 解密错误导致 TLS 握手失败
我正在尝试调试与 TLS 相关的问题。TLS 在两个应用程序客户端 A 和服务器 B 之间设置。A 和 B 都交换了证书，我已经验证证书具有正确的扩展名，并且还通过其根 CA 成功验证。叶证书的根 C
security - 即使在客户端禁用 TLS 1.2 后，Java 1.8 客户端和以 FIPS 模式运行的 Java 1.7 TLS 1.1 服务器之间的 TLS 握手失败
“Java 1.7 TLS 1.1 服务器”和“Java 1.8 客户端”之间的 SSL/TLS 握手在我的环境中失败，服务器端出现以下异常: java.security.NoSuchAlgorith
docker - 我是否尝试连接到没有 TLS 的启用 TLS 的守护程序？
我正在尝试了解 Docker ，但我不断收到神秘的(对我而言)错误消息。可能最简单的例子是尝试打印我安装的 Docker 版本: $ sudo docker version Client versi
wordpress - 如何禁用 TLS 1.0 和 1.1 以在 Apache 中为 Wordpress Bitnami Amazon-Ligthsail 实例仅启用 TLS 1.2 和 TLS 1.3？
这是我第一次使用 Amazon Lighsail、Wordpress Multisite、Bitnami甚至使用 Let's Encrypt；现在似乎一切正常，除了我的虚拟主机文件中的 SSL 指令。
ssl - MariaDB 启用 TLS 但仍然允许没有 TLS 的连接
我有一个 MariaDB "M"。在同一台机器上有一个应用程序“A”，它可以访问它。在不同的服务器上，另一个应用程序“B”也在访问它。现在我想在 MariaDB 上启用 TLS 以保护连接 B ->
python - 我怎样才能最轻松地通过 python 的 TLS 代理命令制作 TLS？
我正在寻找通过代理连接到一些 HTTPS/TLS 站点，其中到代理本身的连接也是通过 HTTPS/TLS 建立的，来自一个高度依赖请求的 python 应用程序。 urllib3(因此 request
ssl - TLS - 通常在哪里为 MQTT 代理执行 tls 握手？
现在我正在努力改变 EMQtt 和 Erlang MQTT 代理，以便我可以使用预共享 key 而不是非对称方法执行 TLS 握手。到目前为止，我几乎遍历了源代码中的每个文件，但找不到任何加密函数。

太空宇宙

个人简介

我是一名优秀的程序员,十分优秀！

作者热门文章

滴滴打车优惠券免费领取

全站热门文章

首页

博学

6Ren·AI

商城

apache - TLS 连接 - 消息意外