gpt4 book ai didi

java - 客户端(浏览器)在连接到具有 CA 认证证书的 SSLSocket 时超时

转载 作者:太空宇宙 更新时间:2023-11-03 13:40:02 28 4
gpt4 key购买 nike

我遇到了问题,客户端(浏览器)在连接到具有 CA 签名证书的 keystore 的 SSLSocket 时超时。

我的SSLServer代码如下:

static{
try {
System.setProperty("javax.net.debug","all");
//Security.addProvider(new Provider());
System.setProperty("javax.net.debug","true");
System.setProperty("javax.net.ssl.keyStore","C:/cert/hello.jks");
System.setProperty("javax.net.ssl.keyStorePassword","****");
System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", "true");
System.setProperty("https.protocols", "TLSv1.1");
SSLServerSocketFactory sslServerSocketfactory = (SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
serverSocket = (SSLServerSocket)sslServerSocketfactory.createServerSocket(443);
//serverSocket = new ServerSocket(80);

serverSocket.setSoTimeout(0);
serverSocket.setReuseAddress(true);
serverSocket.setReceiveBufferSize(524288);
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}

接受连接的代码如下:

clientSocket = (SSLSocket) serverSocket.accept();
System.out.println(clientSocket);
clientSocket.setKeepAlive(true);
clientSocket.setSoTimeout(0);
//clientSocket.setReuseAddress(true);
clientSocket.setReceiveBufferSize(524288);

但不幸的是,当我尝试从浏览器连接到该 ip 的端口 443 时,比如https://ip:443 超时

在对 KeyStore 进行一些更改后,当我尝试将某些内容刷新到 clientSocket 时,我现在收到远程主机关闭连接错误,例如:

clinetSocket.flush

我得到以下异常:

    javax.net.ssl.SSLHandshakeException: Remote host closed connection during handsh
ake
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:946)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.
java:1312)
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:702)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:122)
at sun.nio.cs.StreamEncoder.writeBytes(StreamEncoder.java:221)
at sun.nio.cs.StreamEncoder.implFlushBuffer(StreamEncoder.java:291)
at sun.nio.cs.StreamEncoder.implFlush(StreamEncoder.java:295)
at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:141)
at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:229)
at java.io.BufferedWriter.flush(BufferedWriter.java:254)
at com.xxx.yyy.SocketSubscribe.run(SocketSubscribe.java:209)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.io.EOFException: SSL peer shut down incorrectly
at sun.security.ssl.InputRecord.read(InputRecord.java:482)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:927)
... 11 more

下面是javax.net.ssl的调试日志,虽然我不是很懂日志,只是在GET/rest/whoami之后就显示socket is closed,不知道是哪个部分代码正在关闭套接字:

Allow unsafe renegotiation: true
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
Server Socket Buffer Size: 524288
Protocols: [Ljava.lang.String;@56af5047
Cipher Suites: [Ljava.lang.String;@fbf91c7
69fba7e4[SSL_NULL_WITH_NULL_NULL: Socket[addr=/0:0:0:0:0:0:0:1,port=56797,localport=443]]
Thread-2, setSoTimeout(0) called
Client Socket Buffer Size: 524288
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for SSLv2Hello
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for SSLv2Hello
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for SSLv2Hello
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for SSLv2Hello
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for SSLv2Hello
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for SSLv2Hello
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for SSLv2Hello
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for SSLv3
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for SSLv3
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for SSLv3
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for SSLv3
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for SSLv3
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for SSLv3
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for SSLv3
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
[Raw read]: length = 5
0000: 16 03 01 00 D2 .....
[Raw read]: length = 210
0000: 01 00 00 CE 03 02 29 75 83 35 84 F8 E7 3B 32 97 ......)u.5...;2.
0010: 81 DD 54 10 FD 29 E8 05 72 ED 8C BC 11 B6 39 9C ..T..)..r.....9.
0020: A8 93 FE 73 43 86 20 54 4B 96 FC 0D B8 56 E2 EE ...sC. TK....V..
0030: 88 A6 05 ED 82 3E B2 C2 10 74 6C F0 68 4B 91 B3 .....>...tl.hK..
0040: 3D 8A FA 33 35 6F 88 00 28 C0 2B C0 2F 00 9E CC =..35o..(.+./...
0050: 14 CC 13 C0 0A C0 09 C0 13 C0 14 C0 07 C0 11 00 ................
0060: 33 00 32 00 39 00 9C 00 2F 00 35 00 0A 00 05 00 3.2.9.../.5.....
0070: 04 01 00 00 5D 00 00 00 0E 00 0C 00 00 09 6C 6F ....].........lo
0080: 63 61 6C 68 6F 73 74 FF 01 00 01 00 00 0A 00 08 calhost.........
0090: 00 06 00 17 00 18 00 19 00 0B 00 02 01 00 00 23 ...............#
00A0: 00 00 33 74 00 00 00 10 00 1B 00 19 06 73 70 64 ..3t.........spd
00B0: 79 2F 33 08 73 70 64 79 2F 33 2E 31 08 68 74 74 y/3.spdy/3.1.htt
00C0: 70 2F 31 2E 31 00 05 00 05 01 00 00 00 00 00 12 p/1.1...........
00D0: 00 00 ..
Thread-2, READ: TLSv1 Handshake, length = 210
*** ClientHello, TLSv1.1
RandomCookie: GMT: 695501621 bytes = { 132, 248, 231, 59, 50, 151, 129, 221, 84, 16, 253, 41, 232, 5, 114, 237, 140, 188, 17, 182, 57, 156, 168, 147, 254, 115, 67, 134 }
Session ID: {84, 75, 150, 252, 13, 184, 86, 226, 238, 136, 166, 5, 237, 130, 62, 178, 194, 16, 116, 108, 240, 104, 75, 145, 179, 61, 138, 250, 51, 53, 111, 136}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, Unknown 0xcc:0x14, Unknown 0xcc:0x13, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5]
Compression Methods: { 0 }
Extension server_name, server_name: [host_name: localhost]
Extension renegotiation_info, renegotiated_connection: <empty>
Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1}
Extension ec_point_formats, formats: [uncompressed]
Unsupported extension type_35, data:
Unsupported extension type_13172, data:
Unsupported extension type_16, data: 00:19:06:73:70:64:79:2f:33:08:73:70:64:79:2f:33:2e:31:08:68:74:74:70:2f:31:2e:31
Unsupported extension status_request, data: 01:00:00:00:00
Unsupported extension type_18, data:
***
[read] MD5 and SHA1 hashes: len = 210
0000: 01 00 00 CE 03 02 29 75 83 35 84 F8 E7 3B 32 97 ......)u.5...;2.
0010: 81 DD 54 10 FD 29 E8 05 72 ED 8C BC 11 B6 39 9C ..T..)..r.....9.
0020: A8 93 FE 73 43 86 20 54 4B 96 FC 0D B8 56 E2 EE ...sC. TK....V..
0030: 88 A6 05 ED 82 3E B2 C2 10 74 6C F0 68 4B 91 B3 .....>...tl.hK..
0040: 3D 8A FA 33 35 6F 88 00 28 C0 2B C0 2F 00 9E CC =..35o..(.+./...
0050: 14 CC 13 C0 0A C0 09 C0 13 C0 14 C0 07 C0 11 00 ................
0060: 33 00 32 00 39 00 9C 00 2F 00 35 00 0A 00 05 00 3.2.9.../.5.....
0070: 04 01 00 00 5D 00 00 00 0E 00 0C 00 00 09 6C 6F ....].........lo
0080: 63 61 6C 68 6F 73 74 FF 01 00 01 00 00 0A 00 08 calhost.........
0090: 00 06 00 17 00 18 00 19 00 0B 00 02 01 00 00 23 ...............#
00A0: 00 00 33 74 00 00 00 10 00 1B 00 19 06 73 70 64 ..3t.........spd
00B0: 79 2F 33 08 73 70 64 79 2F 33 2E 31 08 68 74 74 y/3.spdy/3.1.htt
00C0: 70 2F 31 2E 31 00 05 00 05 01 00 00 00 00 00 12 p/1.1...........
00D0: 00 00 ..
%% Resuming [Session-3, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
*** ServerHello, TLSv1.1
RandomCookie: GMT: 1414174480 bytes = { 24, 194, 29, 184, 17, 188, 176, 74, 202, 134, 74, 228, 87, 199, 127, 151, 215, 71, 48, 249, 57, 34, 104, 251, 39, 138, 66, 110 }
Session ID: {84, 75, 150, 252, 13, 184, 86, 226, 238, 136, 166, 5, 237, 130, 62, 178, 194, 16, 116, 108, 240, 104, 75, 145, 179, 61, 138, 250, 51, 53, 111, 136}
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
***
Cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
CONNECTION KEYGEN:
Client Nonce:
0000: 29 75 83 35 84 F8 E7 3B 32 97 81 DD 54 10 FD 29 )u.5...;2...T..)
0010: E8 05 72 ED 8C BC 11 B6 39 9C A8 93 FE 73 43 86 ..r.....9....sC.
Server Nonce:
0000: 54 4B 97 10 18 C2 1D B8 11 BC B0 4A CA 86 4A E4 TK.........J..J.
0010: 57 C7 7F 97 D7 47 30 F9 39 22 68 FB 27 8A 42 6E W....G0.9"h.'.Bn
Master Secret:
0000: B5 87 A5 75 CE 80 96 41 D6 44 EE 25 8B CE 58 F7 ...u...A.D.%..X.
0010: 9D 5A 7C 6D 21 25 B8 4B 6F 0D 0F ED E4 45 45 27 .Z.m!%.Ko....EE'
0020: 79 55 9B 23 B0 DF 55 41 A4 ED 4E 54 F0 F0 E9 BD yU.#..UA..NT....
Client MAC write Secret:
0000: D6 C2 97 B5 6B 0E 30 5C 74 E3 97 74 4F 08 DA 7B ....k.0\t..tO...
0010: DC 2B 2F DA .+/.
Server MAC write Secret:
0000: C3 4D 73 9B FB D5 F4 B2 0F 6A 9D 78 0C 69 2F D4 .Ms......j.x.i/.
0010: 01 8C 10 5C ...\
Client write key:
0000: 94 4B 87 12 E0 22 1A 12 EF 1E B6 FC 92 34 9E 5A .K...".......4.Z
Server write key:
0000: 52 6B E1 F0 75 7B A8 40 D1 05 8C 0A AB 45 09 39 Rk..u..@.....E.9
... no IV derived for this protocol
[write] MD5 and SHA1 hashes: len = 81
0000: 02 00 00 4D 03 02 54 4B 97 10 18 C2 1D B8 11 BC ...M..TK........
0010: B0 4A CA 86 4A E4 57 C7 7F 97 D7 47 30 F9 39 22 .J..J.W....G0.9"
0020: 68 FB 27 8A 42 6E 20 54 4B 96 FC 0D B8 56 E2 EE h.'.Bn TK....V..
0030: 88 A6 05 ED 82 3E B2 C2 10 74 6C F0 68 4B 91 B3 .....>...tl.hK..
0040: 3D 8A FA 33 35 6F 88 C0 13 00 00 05 FF 01 00 01 =..35o..........
0050: 00 .
Thread-2, WRITE: TLSv1.1 Handshake, length = 81
[Raw write]: length = 86
0000: 16 03 02 00 51 02 00 00 4D 03 02 54 4B 97 10 18 ....Q...M..TK...
0010: C2 1D B8 11 BC B0 4A CA 86 4A E4 57 C7 7F 97 D7 ......J..J.W....
0020: 47 30 F9 39 22 68 FB 27 8A 42 6E 20 54 4B 96 FC G0.9"h.'.Bn TK..
0030: 0D B8 56 E2 EE 88 A6 05 ED 82 3E B2 C2 10 74 6C ..V.......>...tl
0040: F0 68 4B 91 B3 3D 8A FA 33 35 6F 88 C0 13 00 00 .hK..=..35o.....
0050: 05 FF 01 00 01 00 ......
Thread-2, WRITE: TLSv1.1 Change Cipher Spec, length = 1
[Raw write]: length = 6
0000: 14 03 02 00 01 01 ......
*** Finished
verify_data: { 57, 238, 77, 236, 77, 135, 122, 59, 25, 135, 211, 216 }
***
[write] MD5 and SHA1 hashes: len = 16
0000: 14 00 00 0C 39 EE 4D EC 4D 87 7A 3B 19 87 D3 D8 ....9.M.M.z;....
Padded plaintext before ENCRYPTION: len = 64
0000: 35 E9 9F 49 C4 FE BF AE 8B 55 4C 70 04 C5 C0 42 5..I.....ULp...B
0010: 14 00 00 0C 39 EE 4D EC 4D 87 7A 3B 19 87 D3 D8 ....9.M.M.z;....
0020: 28 85 41 30 DF F1 D2 42 74 EB 3E 82 1B 6D CC 4C (.A0...Bt.>..m.L
0030: 4B 6E 80 4A 0B 0B 0B 0B 0B 0B 0B 0B 0B 0B 0B 0B Kn.J............
Thread-2, WRITE: TLSv1.1 Handshake, length = 64
[Raw write]: length = 69
0000: 16 03 02 00 40 C9 9A 9A D1 82 A2 AC 60 FA 4F 43 ....@.......`.OC
0010: DD 57 43 32 4A BF 92 8A 12 65 F0 16 CB 16 4F B5 .WC2J....e....O.
0020: 23 96 F2 48 C6 A9 4D 06 27 49 61 C5 53 80 77 D5 #..H..M.'Ia.S.w.
0030: 8A 1F B4 B6 DA 0C 25 E4 D8 DD A7 47 43 3D 0C 70 ......%....GC=.p
0040: B0 19 78 BA 73 ..x.s
[Raw read]: length = 5
0000: 14 03 02 00 01 .....
[Raw read]: length = 1
0000: 01 .
Thread-2, READ: TLSv1.1 Change Cipher Spec, length = 1
[Raw read]: length = 5
0000: 16 03 02 00 40 ....@
[Raw read]: length = 64
0000: 72 4A F7 CA 9B A0 57 47 EB CE 9B DF D1 E4 2D A5 rJ....WG......-.
0010: 2F FE 67 96 4C 1A F6 56 D4 1F 1E 48 4F 64 86 4A /.g.L..V...HOd.J
0020: 6A F7 BB 2F 87 C0 A3 CA F0 39 C7 90 B2 E2 35 F4 j../.....9....5.
0030: 44 AE 64 D3 FF A8 C5 30 84 3A 0B 34 AE 84 F6 B9 D.d....0.:.4....
Thread-2, READ: TLSv1.1 Handshake, length = 64
Padded plaintext after DECRYPTION: len = 64
0000: D2 BC DF 8A 80 40 10 DE 90 A1 D5 8A E0 B8 04 F9 .....@..........
0010: 14 00 00 0C 66 BD BC 35 7E 3D 7A 93 03 0B B6 64 ....f..5.=z....d
0020: B1 55 14 B8 5B 29 80 B4 0D 8F BE 97 39 79 86 B4 .U..[)......9y..
0030: 99 6E 5F E9 0B 0B 0B 0B 0B 0B 0B 0B 0B 0B 0B 0B .n_.............
*** Finished
verify_data: { 102, 189, 188, 53, 126, 61, 122, 147, 3, 11, 182, 100 }
***
[read] MD5 and SHA1 hashes: len = 16
0000: 14 00 00 0C 66 BD BC 35 7E 3D 7A 93 03 0B B6 64 ....f..5.=z....d
Padded plaintext before ENCRYPTION: len = 96
0000: 4B C0 CC 7C AA 1F 07 E5 55 CF 3E D9 5C F3 29 29 K.......U.>.\.))
0010: 47 45 54 20 2F 72 65 73 74 2F 77 68 6F 61 6D 69 GET /rest/whoami
0020: 20 48 54 54 50 2F 31 2E 31 0D 0A 48 6F 73 74 3A HTTP/1.1..Host:
0030: 20 6E 75 6C 6C 3A 38 30 0D 0A 0D 0A 82 83 A4 49 null:80.......I
0040: 06 82 C4 7B 0C 30 66 1F 59 1A 55 E8 25 2A 1F 5C .....0f.Y.U.%*.\
0050: 0F 0F 0F 0F 0F 0F 0F 0F 0F 0F 0F 0F 0F 0F 0F 0F ................
Thread-2, WRITE: TLSv1.1 Application Data, length = 96
[Raw write]: length = 101
0000: 17 03 02 00 60 94 99 04 5E DD 65 08 26 C1 E9 EF ....`...^.e.&...
0010: 04 A6 9A 75 4D 1E 29 25 3B E2 6D 2B 7D 97 43 A2 ...uM.)%;.m+..C.
0020: BB 13 CA 05 92 9D 5A 8F 1C B5 DE FF 06 BE AA D7 ......Z.........
0030: 87 D8 8A DF B2 1D A4 D8 17 34 82 66 2A 45 44 19 .........4.f*ED.
0040: A1 14 86 43 E9 79 0B EB 1E 4F 76 DD FD 8F 8E E7 ...C.y...Ov.....
0050: 9D 63 A7 85 B4 BC BB 6D B7 B1 A2 6B C9 85 18 D5 .c.....m...k....
0060: 52 B4 B6 6F 37 R..o7
Sent Request: GET /rest/whoami HTTP/1.1
Host: null:80

Response is null, returning
Thread-2, called close()
Thread-2, called closeInternal(true)
Thread-2, SEND TLSv1.1 ALERT: warning, description = close_notify
Padded plaintext before ENCRYPTION: len = 48
0000: 65 95 C1 4A D3 F0 60 38 39 3E 42 88 E0 BB AC 89 e..J..`89>B.....
0010: 01 00 FF 2D FE 2D B1 0A 24 17 19 6A 1A CD FB 54 ...-.-..$..j...T
0020: 0E CA C6 C1 BF A8 09 09 09 09 09 09 09 09 09 09 ................
Thread-2, WRITE: TLSv1.1 Alert, length = 48
[Raw write]: length = 53
0000: 15 03 02 00 30 8B DC 0A C6 99 93 A4 22 D0 A4 3E ....0......."..>
0010: AE 6E 0D B1 33 AF 2E 1D FB 48 52 5E 97 16 DD 1E .n..3....HR^....
0020: 43 79 53 1F 87 FE AC 23 FE 2B E6 85 EC F3 03 B7 CyS....#.+......
0030: 02 07 65 6A 00 ..ej.
Thread-2, called closeSocket(selfInitiated)

我编写了一个最终从服务器获取请求的客户端。但是当客户端将响应发送回服务器时。服务器套接字已经关闭。我还看到,由于我们使用的是 TLS,客户端发送了两条服务器无法解密的应用程序消息,服务器发送了 ALert 21 并断开了连接。

客户端如下:

public static void main(String[] args) {

 try {

SSLSocketFactory socketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket socket = (SSLSocket)
socketFactory.createSocket(new Socket("IP",443), "IP", 443, false);
socket.startHandshake();
socket.setKeepAlive(true);
socket.setSoTimeout(0);
BufferedReader in = new BufferedReader(new InputStreamReader(socket.getInputStream()));
System.out.println(in.readLine());
BufferedWriter out = new BufferedWriter(new OutputStreamWriter(socket.getOutputStream()));
out.write("I got the rest call whoami");
out.flush();

} catch (UnknownHostException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

最佳答案

从您的调试输出:

....
Sent Request: GET /rest/whoami HTTP/1.1
Host: null:80

Response is null, returning
Thread-2, called close()
Thread-2, called closeInternal(true)
Thread-2, SEND TLSv1.1 ALERT: warning, description = close_notify

这意味着服务器成功解密了来自客户端的请求。但是看起来您的服务器不喜欢该请求,因此它不会创建任何响应并且连接会在不发送回任何数据的情况下关闭。 close_notify 警报无需担心,这只是正常关闭 SSL 连接的一部分。

因为您没有发布任何在服务器端(即 HTTP 协议(protocol)部分)实现应用程序逻辑的代码,所以我不知道服务器不喜欢客户端请求的什么内容。

I wrote a client which eventually gets a request from the server. But when the client sends the response back to the Server. The server socket is already closed.

我觉得你在这里有点困惑。客户端(浏览器)向服务器(您已经实现)发送一个(HTTP)请求,然后服务器必须解析该请求,然后将(HTTP)响应发送回客户端,而不是像您那样反过来描述一下。

关于java - 客户端(浏览器)在连接到具有 CA 认证证书的 SSLSocket 时超时,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/26493360/

28 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com