
java - Setting up security for SSLServerSocket results in cipher suite error

Reposted. Author: 太空宇宙. Updated: 2023-11-03 13:21:46

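I am writing a POP3 server to serve up notifications that are not email, but rather content from a database. I had it working, but when I tried to switch from a ServerSocket to an SSLServerSocket, I got the error "javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: no cipher suites in common". It looks like there is an overlap between what the client (Thunderbird) sends as supported cipher suites and what the server supports. Here is the code: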

    private static boolean startServerSocket() throws GeneralSecurityException
    {
        try
        {
            KeyStore ks = KeyStore.getInstance("JKS");
            InputStream ksIs = new FileInputStream("<JAVA_HOME>\\jdk\\jre\\lib\\security\\cacerts");
            try
            {
                ks.load(ksIs, "changeit".toCharArray()); // 2nd parameter is password
            }
            finally
            {
                if (ksIs != null)
                {
                    ksIs.close();
                }
            }

            KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            kmf.init(ks, "keypassword".toCharArray());
            // used in sc.init
            TrustManager[] trustAllCerts = new TrustManager[] {
                new X509TrustManager() {
                    public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {
                    }

                    public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
                    }

                    public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                        return null;
                    }
                }
            };

            SSLContext sc = SSLContext.getInstance("TLSv1.2"); // there are more tls
            sc.init(kmf.getKeyManagers(), trustAllCerts, new SecureRandom());

            SSLServerSocketFactory socketFactory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
            serverSocket = (SSLServerSocket) socketFactory.createServerSocket(portNumber);

            ((SSLServerSocket)serverSocket).setEnabledProtocols(new String[] {"TLSv1", "TLSv1.1", "TLSv1.2", "SSLv3"});

            String[] supportedProtos = serverSocket.getEnabledProtocols();
            if (supportedProtos != null)
            {
                for (String proto: supportedProtos)
                {
                    System.out.println("Supported Protocol: " + proto);
                }
            }

            String[] enabledCiphersSuites = serverSocket.getEnabledCipherSuites();
            if (enabledCiphersSuites != null)
            {
                for (String enabledCiphersSuite: enabledCiphersSuites)
                {
                    System.out.println("Enabled CipherSuite: " + enabledCiphersSuite);
                }
            }

            String[] supportedCipherSuites = serverSocket.getSupportedCipherSuites();
            if (supportedCipherSuites != null)
            {
                for (String supportedCiphersSuite: supportedCipherSuites)
                {
                    System.out.println("Supported CipherSuite: " + supportedCiphersSuite);
                }
            }

            System.out.println("Awaiting Connection...");
            return true;
        }
        catch (IOException e)
        {
            e.printStackTrace(System.err); //this is where the error comes from
            System.err.println("ERROR - Could not listen on port " + portNumber);
            return false;
        }
    }

Here is the debug output, before writing to the socket (including statements from the Java option -Djavax.net.debug=all):

trigger seeding of SecureRandom
done seeding SecureRandom
keyStore is :
keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
trustStore is: <JAVA_HOME>\jdk\jre\lib\security\cacerts
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
Subject: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
Issuer: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
Algorithm: RSA; Serial number: 0xc3517
Valid from Sun Jun 20 22:00:00 MDT 1999 until Sun Jun 21 22:00:00 MDT 2020

adding as trusted cert:
Subject: CN=SecureTrust CA, O=SecureTrust Corporation, C=US
Issuer: CN=SecureTrust CA, O=SecureTrust Corporation, C=US
Algorithm: RSA; Serial number: 0xcf08e5c0816a5ad427ff0eb271859d0
Valid from Tue Nov 07 12:31:18 MST 2006 until Mon Dec 31 12:40:55
.... many more of these
trigger seeding of SecureRandom
done seeding SecureRandom
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Supported Protocol: SSLv3
Supported Protocol: TLSv1
Supported Protocol: TLSv1.1
Supported Protocol: TLSv1.2
Enabled CipherSuite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
Enabled CipherSuite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
Enabled CipherSuite: TLS_RSA_WITH_AES_128_CBC_SHA256
Enabled CipherSuite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
Enabled CipherSuite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
Enabled CipherSuite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
Enabled CipherSuite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
Enabled CipherSuite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
Enabled CipherSuite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
Enabled CipherSuite: TLS_RSA_WITH_AES_128_CBC_SHA
Enabled CipherSuite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
Enabled CipherSuite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
Enabled CipherSuite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA
Enabled CipherSuite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA
Enabled CipherSuite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
Enabled CipherSuite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Enabled CipherSuite: TLS_RSA_WITH_AES_128_GCM_SHA256
Enabled CipherSuite: TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
Enabled CipherSuite: TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
Enabled CipherSuite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
Enabled CipherSuite: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
Enabled CipherSuite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
Enabled CipherSuite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
Enabled CipherSuite: SSL_RSA_WITH_3DES_EDE_CBC_SHA
Enabled CipherSuite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
Enabled CipherSuite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
Enabled CipherSuite: SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
Enabled CipherSuite: SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
Enabled CipherSuite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_DH_anon_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DH_anon_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_anon_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_DH_anon_WITH_AES_256_GCM_SHA384
Supported CipherSuite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
Supported CipherSuite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
Supported CipherSuite: TLS_RSA_WITH_AES_128_CBC_SHA256
Supported CipherSuite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
Supported CipherSuite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
Supported CipherSuite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
Supported CipherSuite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
Supported CipherSuite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
Supported CipherSuite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
Supported CipherSuite: TLS_RSA_WITH_AES_128_CBC_SHA
Supported CipherSuite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
Supported CipherSuite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
Supported CipherSuite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA
Supported CipherSuite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA
Supported CipherSuite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
Supported CipherSuite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Supported CipherSuite: TLS_RSA_WITH_AES_128_GCM_SHA256
Supported CipherSuite: TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
Supported CipherSuite: TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
Supported CipherSuite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
Supported CipherSuite: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
Supported CipherSuite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
Supported CipherSuite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
Supported CipherSuite: SSL_RSA_WITH_3DES_EDE_CBC_SHA
Supported CipherSuite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
Supported CipherSuite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
Supported CipherSuite: SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
Supported CipherSuite: SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
Supported CipherSuite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV
Supported CipherSuite: TLS_DH_anon_WITH_AES_128_GCM_SHA256
Supported CipherSuite: TLS_DH_anon_WITH_AES_128_CBC_SHA256
Supported CipherSuite: TLS_ECDH_anon_WITH_AES_128_CBC_SHA
Supported CipherSuite: TLS_DH_anon_WITH_AES_128_CBC_SHA
Supported CipherSuite: TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
Supported CipherSuite: SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
Supported CipherSuite: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
Supported CipherSuite: TLS_ECDHE_RSA_WITH_RC4_128_SHA
Supported CipherSuite: SSL_RSA_WITH_RC4_128_SHA
Supported CipherSuite: TLS_ECDH_ECDSA_WITH_RC4_128_SHA
Supported CipherSuite: TLS_ECDH_RSA_WITH_RC4_128_SHA
Supported CipherSuite: SSL_RSA_WITH_RC4_128_MD5
Supported CipherSuite: TLS_ECDH_anon_WITH_RC4_128_SHA
Supported CipherSuite: SSL_DH_anon_WITH_RC4_128_MD5
Supported CipherSuite: SSL_RSA_WITH_DES_CBC_SHA
Supported CipherSuite: SSL_DHE_RSA_WITH_DES_CBC_SHA
Supported CipherSuite: SSL_DHE_DSS_WITH_DES_CBC_SHA
Supported CipherSuite: SSL_DH_anon_WITH_DES_CBC_SHA
Supported CipherSuite: SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
Supported CipherSuite: SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
Supported CipherSuite: SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
Supported CipherSuite: SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
Supported CipherSuite: SSL_RSA_EXPORT_WITH_RC4_40_MD5
Supported CipherSuite: SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
Supported CipherSuite: TLS_RSA_WITH_NULL_SHA256
Supported CipherSuite: TLS_ECDHE_ECDSA_WITH_NULL_SHA
Supported CipherSuite: TLS_ECDHE_RSA_WITH_NULL_SHA
Supported CipherSuite: SSL_RSA_WITH_NULL_SHA
Supported CipherSuite: TLS_ECDH_ECDSA_WITH_NULL_SHA
Supported CipherSuite: TLS_ECDH_RSA_WITH_NULL_SHA
Supported CipherSuite: TLS_ECDH_anon_WITH_NULL_SHA
Supported CipherSuite: SSL_RSA_WITH_NULL_MD5
Supported CipherSuite: TLS_KRB5_WITH_3DES_EDE_CBC_SHA
Supported CipherSuite: TLS_KRB5_WITH_3DES_EDE_CBC_MD5
Supported CipherSuite: TLS_KRB5_WITH_RC4_128_SHA
Supported CipherSuite: TLS_KRB5_WITH_RC4_128_MD5
Supported CipherSuite: TLS_KRB5_WITH_DES_CBC_SHA
Supported CipherSuite: TLS_KRB5_WITH_DES_CBC_MD5
Supported CipherSuite: TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA
Supported CipherSuite: TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5
Supported CipherSuite: TLS_KRB5_EXPORT_WITH_RC4_40_SHA
Supported CipherSuite: TLS_KRB5_EXPORT_WITH_RC4_40_MD5
Awaiting Connection...
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

When reading from/writing to the socket, here is the output, including the exception:

Ignoring disabled protocol: SSLv3
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1.1
[Raw read]: length = 5
SYSTEM ERROR -- Possible Timeout Due To InactivityWed Mar 28 15:05:39 MDT 2018 - Stack Trace Shown Below.
javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLHandshakeException: no cipher suites in common
at sun.security.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1541)
at sun.security.ssl.AppInputStream.read(AppInputStream.java:95)
at sun.nio.cs.StreamDecoder.readBytes(StreamDecoder.java:284)
at sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:326)
at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:178)
at java.io.InputStreamReader.read(InputStreamReader.java:184)
at java.io.BufferedReader.fill(BufferedReader.java:161)
at java.io.BufferedReader.readLine(BufferedReader.java:324)
at java.io.BufferedReader.readLine(BufferedReader.java:389)
at POP3ServerThread.run(POP3ServerThread.java:71)
at java.lang.Thread.run(Thread.java:745)
Caused by: javax.net.ssl.SSLHandshakeException: no cipher suites in common
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:292)
at sun.security.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:1036)
at sun.security.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:739)
at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:221)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
at sun.nio.cs.StreamEncoder.writeBytes(StreamEncoder.java:221)
at sun.nio.cs.StreamEncoder.implFlushBuffer(StreamEncoder.java:291)
at sun.nio.cs.StreamEncoder.implFlush(StreamEncoder.java:295)
at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:141)
at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:229)
at java.io.BufferedWriter.flush(BufferedWriter.java:254)
at java.io.PrintWriter.newLine(PrintWriter.java:482)
at java.io.PrintWriter.println(PrintWriter.java:629)
at java.io.PrintWriter.println(PrintWriter.java:740)
at POP3ServerThread.run(POP3ServerThread.java:61)
... 1 more
0000: 16 03 01 00 95 .....
[Raw read]: length = 149
0000: 01 00 00 91 03 03 02 81 F0 55 87 5E DE 80 70 74 .........U.^..pt
0010: 1B 96 D9 70 01 F5 D0 CF 36 CF B5 34 8B A7 B8 8F ...p....6..4....
0020: D3 7D F1 01 B8 CC 00 00 1E C0 2B C0 2F CC A9 CC ..........+./...
0030: A8 C0 2C C0 30 C0 0A C0 09 C0 13 C0 14 00 33 00 ..,.0.........3.
0040: 39 00 2F 00 35 00 0A 01 00 00 4A 00 17 00 00 FF 9./.5.....J.....
0050: 01 00 01 00 00 0A 00 0A 00 08 00 1D 00 17 00 18 ................
0060: 00 19 00 0B 00 02 01 00 00 23 00 00 00 05 00 05 .........#......
0070: 01 00 00 00 00 FF 03 00 00 00 0D 00 18 00 16 04 ................
0080: 03 05 03 06 03 08 04 08 05 08 06 04 01 05 01 06 ................
0090: 01 02 03 02 01 .....
Thread-0, READ: TLSv1 Handshake, length = 149
*** ClientHello, TLSv1.2
RandomCookie: GMT: 25227349 bytes = { 135, 94, 222, 128, 112, 116, 27, 150, 217, 112, 1, 245, 208, 207, 54, 207, 181, 52, 139, 167, 184, 143, 211, 125, 241, 1, 184, 204 }
Session ID: {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, Unknown 0xcc:0xa9, Unknown 0xcc:0xa8, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA]
Compression Methods: { 0 }
Unsupported extension type_23, data:
Extension renegotiation_info, renegotiated_connection: <empty>
Extension elliptic_curves, curve names: {unknown curve 29, secp256r1, secp384r1, secp521r1}
Extension ec_point_formats, formats: [uncompressed]
Unsupported extension type_35, data:
Unsupported extension status_request, data: 01:00:00:00:00
Unsupported extension type_65283, data:
Extension signature_algorithms, signature_algorithms: SHA256withECDSA, SHA384withECDSA, SHA512withECDSA, Unknown (hash:0x8, signature:0x4), Unknown (hash:0x8, signature:0x5), Unknown (hash:0x8, signature:0x6), SHA256withRSA, SHA384withRSA, SHA512withRSA, SHA1withECDSA, SHA1withRSA
***
[read] MD5 and SHA1 hashes: len = 149
0000: 01 00 00 91 03 03 02 81 F0 55 87 5E DE 80 70 74 .........U.^..pt
0010: 1B 96 D9 70 01 F5 D0 CF 36 CF B5 34 8B A7 B8 8F ...p....6..4....
0020: D3 7D F1 01 B8 CC 00 00 1E C0 2B C0 2F CC A9 CC ..........+./...
0030: A8 C0 2C C0 30 C0 0A C0 09 C0 13 C0 14 00 33 00 ..,.0.........3.
0040: 39 00 2F 00 35 00 0A 01 00 00 4A 00 17 00 00 FF 9./.5.....J.....
0050: 01 00 01 00 00 0A 00 0A 00 08 00 1D 00 17 00 18 ................
0060: 00 19 00 0B 00 02 01 00 00 23 00 00 00 05 00 05 .........#......
0070: 01 00 00 00 00 FF 03 00 00 00 0D 00 18 00 16 04 ................
0080: 03 05 03 06 03 08 04 08 05 08 06 04 01 05 01 06 ................
0090: 01 02 03 02 01 .....
%% Initialized: [Session-1, SSL_NULL_WITH_NULL_NULL]
%% Invalidated: [Session-1, SSL_NULL_WITH_NULL_NULL]
Thread-0, SEND TLSv1.2 ALERT: fatal, description = handshake_failure
Thread-0, WRITE: TLSv1.2 Alert, length = 2
[Raw write]: length = 7
0000: 15 03 03 00 02 02 28 ......(
Thread-0, called closeSocket()
Thread-0, handling exception: javax.net.ssl.SSLHandshakeException: no cipher suites in common
Thread-0, called close()
Thread-0, called closeInternal(true)
Thread-0, called close()
Thread-0, called closeInternal(true)

I have found similar questions on StackOverflow and tried the solutions, but I consistently get the same exception. Thanks in advance.

Best answer

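It means either that the intersection between the cipher suites enabled at the server and at the client is empty (which doesn't seem to be the case here), or that the server doesn't have a private key, which it doesn't.

In that case the server can't use any authenticated cipher suites, and the anonymous ones are (rightly) disabled by default, so there are no usable enabled cipher suites.

NB: don't use that TrustManager. It is radically insecure, and unless you are going to request or require client authentication, it won't be used anyway. You don't even need to load the JRE's cacerts file, as it is already the default.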
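
One way to catch the condition the answer describes before the first client connects, as an added example (not code from the question or the answer). The class and method names are hypothetical, and the keystore path and the two passwords are command-line arguments the page does not supply; without arguments it runs against a constructed empty keystore and rejects it.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.util.Collections;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;

// Hypothetical helper class, added for illustration.
public class TlsServerSetup {

    // Count entries that hold a private key plus certificate chain.
    // A truststore such as cacerts holds only trusted-certificate entries,
    // so the result for it is 0.
    static int countPrivateKeyEntries(KeyStore ks) throws GeneralSecurityException {
        int n = 0;
        for (String alias : Collections.list(ks.aliases())) {
            if (ks.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class)) {
                n++;
            }
        }
        return n;
    }

    static SSLServerSocket open(KeyStore ks, char[] keyPassword, int port) throws Exception {
        if (countPrivateKeyEntries(ks) == 0) {
            // Without a key the server can offer only anonymous suites, which are
            // disabled by default: every handshake ends in "no cipher suites in common".
            throw new GeneralSecurityException("keystore contains no private key entry");
        }
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, keyPassword);

        SSLContext sc = SSLContext.getInstance("TLS");
        // null TrustManagers and SecureRandom select the JRE defaults (cacerts);
        // no custom TrustManager is needed when clients are not authenticated.
        sc.init(kmf.getKeyManagers(), null, null);

        // Take the factory from this context. SSLServerSocketFactory.getDefault()
        // belongs to the default context and never sees the key managers above.
        SSLServerSocket socket =
                (SSLServerSocket) sc.getServerSocketFactory().createServerSocket(port);
        // Choice made for this example: TLSv1.2 only, no SSLv3/TLSv1/TLSv1.1.
        socket.setEnabledProtocols(new String[] {"TLSv1.2"});
        return socket;
    }

    // Usage: java TlsServerSetup <keystore> <storePassword> <keyPassword>
    public static void main(String[] args) throws Exception {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        char[] keyPassword = new char[0];
        if (args.length == 3) {
            try (InputStream in = new FileInputStream(args[0])) {
                ks.load(in, args[1].toCharArray());
            }
            keyPassword = args[2].toCharArray();
        } else {
            ks.load(null, null); // constructed input: an empty in-memory keystore
        }
        System.out.println("Private key entries: " + countPrivateKeyEntries(ks));
        try (SSLServerSocket socket = open(ks, keyPassword, 0)) { // port 0: any free port
            System.out.println("Listening on port " + socket.getLocalPort());
        } catch (GeneralSecurityException e) {
            System.out.println("Refusing to start: " + e.getMessage());
        }
    }
}
```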

Regarding "java - Setting up security for SSLServerSocket results in cipher suite error", we found a similar question on Stack Overflow: https://stackoverflow.com/questions/49544399/
