个人中心
文章发布
退出
作者热门文章
- android - 多次调用 OnPrimaryClipChangedListener
- android - 无法更新 RecyclerView 中的 TextView 字段
- android.database.CursorIndexOutOfBoundsException : Index 0 requested, 光标大小为 0
- android - 使用 AppCompat 时,我们是否需要明确指定其 UI 组件(Spinner、EditText)颜色
26
4
我已经使用以下链接中 pedrofb 提供的解决方案配置了 keystore 和信任库 How to configure two way SSL connection in Spring WS without using Spring boot and using separate Apache tomcat server?
我已经在 tomcat 7 中为客户端和服务器设置了 keystore 和 trustore 属性。但是,当我尝试连接到服务器时,出现以下错误
Using SSLEngineImpl.
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1.1
Using SSLEngineImpl.
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
http-nio-8443-exec-9, READ: TLSv1 Handshake, length = 185
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1.1
*** ClientHello, TLSv1.2
RandomCookie: GMT: -364265602 bytes = { 151, 161, 117, 135, 49, 179, 239, 50, 221, 113, 108, 85, 152, 173, 82, 244, 120, 98, 133, 94, 72, 13, 209, 43, 60, 89, 124, 77 }
Session ID: {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, Unknown 0xcc:0xa9, Unknown 0xcc:0xa8, Unknown 0xcc:0x14, Unknown 0xcc:0x13, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA]
Compression Methods: { 0 }
Extension renegotiation_info, renegotiated_connection: <empty>
Extension server_name, server_name: [type=host_name (0), value=localhost]
Unsupported extension type_23, data:
Unsupported extension type_35, data:
Extension signature_algorithms, signature_algorithms: SHA512withRSA, SHA512withECDSA, SHA384withRSA, SHA384withECDSA, SHA256withRSA, SHA256withECDSA, SHA1withRSA, SHA1withECDSA
Unsupported extension status_request, data: 01:00:00:00:00
Unsupported extension type_18, data:
Unsupported extension type_16, data: 00:0c:02:68:32:08:68:74:74:70:2f:31:2e:31
Unsupported extension type_30032, data:
Extension ec_point_formats, formats: [uncompressed]
Extension elliptic_curves, curve names: {unknown curve 29, secp256r1, secp384r1}
***
http-nio-8443-exec-1, READ: TLSv1 Handshake, length = 185
*** ClientHello, TLSv1.2
RandomCookie: GMT: 624575245 bytes = { 5, 128, 117, 156, 92, 134, 29, 210, 250, 146, 110, 193, 126, 10, 111%% Initialized: [Session-27, SSL_NULL_WITH_NULL_NULL]
, 45, 132, 231, 235, 77, 110, 238, 35, 93, 37, 164, 168, 251 }
Session ID: {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, Unknown 0xcc:0xa9, Unknown 0xcc:0xa8, Unknown 0xcc:0x14, Unknown 0xcc:0x13, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA]
Compression Methods: { 0 }
Extension renegotiation_info, renegotiated_connection: <empty>
Extension server_name, server_name: [type=host_name (0), value=localhost]
Unsupported extension type_23, data:
Unsupported extension type_35, data:
Extension signature_algorithms, signature_algorithms: SHA512withRSA, SHA512withECDSA, SHA384withRSA, SHA384withECDSA, SHA256withRSA, SHA256withECDSA, SHA1withRSA, SHA1withECDSA
Unsupported extension status_request, data: 01:00:00:00:00
Unsupported extension type_18, data:
Unsupported extension type_16, data: 00:0c:02:68:32:08:68:74:74:70:2f:31:2e:31
Unsupported extension type_30032, data:
Extension ec_point_formats, formats: [uncompressed]
Extension elliptic_curves, curve names: {unknown curve 29, secp256r1, secp384r1}
***
%% Initialized: [Session-28, SSL_NULL_WITH_NULL_NULL]
%% Negotiating: [Session-27, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
*** ServerHello, TLSv1.2
RandomCookie: GMT: 1465167446 bytes = { 250, 227, 168, 23, 5, 88, 160, 124, 42, 177, 14, 37, 174, 160, 121, 13, 224, 215, 45, 17, 46, 117, 215, 62, 224, 31, 241, 109 }
Session ID: {87, 85, 174, 86, 210, 17, 84, 99, 103, 218, 211, 254, 20, 253, 117, 8, 221, 141, 57, 197, 148, 244, 184, 91, 112, 35, 41, 60, 219, 23, 171, 67}
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
***
Cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
*** Certificate chain
chain [0] = [
[
Version: V1
Subject: EMAILADDRESS=briantauro7@gmail.com, CN=localhost, OU=localhost, O=ITCOVENANT, L=Coimbatore, ST=Tamil Badu, C=IN
Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11
Key: Sun RSA public key, 1024 bits
modulus: 119392845705983053232381066342242552100246759562149136263179036450311601341483905580607024283403956181584600045082844169675168228225812598145033750549880051511514384914836915917053974822328749850134357052060356957993078530363525462150764881452639783264103642429891992181964954455911798298926528546562832494147
public exponent: 65537
Validity: [From: Mon Jun 06 22:09:30 IST 2016,
To: Tue Jun 06 22:09:30 IST 2017]
Issuer: EMAILADDRESS=briantauro7@gmail.com, CN=localhost, OU=localhost, O=ITCOVENANT, L=Coimbatore, ST=Tamil Badu, C=IN
SerialNumber: [ 9f141eca db1b5892]
]
Algorithm: [SHA256withRSA]
Signature:
0000: 52 80 1C 6C CF 67 1E 54 A8 D7 52 63 63 A6 5C E8 R..l.g.T..Rcc.\.
0010: 06 AB 45 17 D9 EF A5 BA AB 15 63 D0 8B 3E A8 F4 ..E.......c..>..
0020: 16 DD 0A AB 64 7D 16 BD B6 72 61 51 2C CA F3 F0 ....d....raQ,...
0030: 72 42 AF EF 67 0C B8 F4 99 26 34 12 A6 44 67 81 rB..g....&4..Dg.
0040: 78 79 4B 29 CC FB BC 75 32 61 54 1D C4 5F F2 BD xyK)...u2aT.._..
0050: 0E 5C A4 C0 A5 67 44 53 1B 0C 58 01 F0 A2 EC F3 .\...gDS..X.....
0060: 94 F3 D9 FB D3 1A A5 BA D9 7E 9E 49 90 10 84 7F ...........I....
0070: A6 7E 03 80 C0 17 2E F3 89 DE 27 31 C1 54 B5 AC ..........'1.T..
]
***
%% Negotiating: [Session-28, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
*** ServerHello, TLSv1.2
RandomCookie: GMT: 1465167446 bytes = { 103, 27, 241, 116, 15, 29, 188, 76, 143, 250, 43, 244, 203, 202, 45, 229, 174, 22, 232, 84, 101, 180, 15, 46, 1, 2, 102, 153 }
Session ID: {87, 85, 174, 86, 57, 163, 69, 204, 125, 206, 51, 246, 36, 126, 169, 3, 253, 63, 0, 8, 97, 161, 116, 83, 52, 47, 229, 6, 202, 194, 109, 25}
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
***
Cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
*** Certificate chain
chain [0] = [
[
Version: V1
Subject: EMAILADDRESS=briantauro7@gmail.com, CN=localhost, OU=localhost, O=ITCOVENANT, L=Coimbatore, ST=Tamil Badu, C=IN
Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11
Key: Sun RSA public key, 1024 bits
modulus: 119392845705983053232381066342242552100246759562149136263179036450311601341483905580607024283403956181584600045082844169675168228225812598145033750549880051511514384914836915917053974822328749850134357052060356957993078530363525462150764881452639783264103642429891992181964954455911798298926528546562832494147
public exponent: 65537
Validity: [From: Mon Jun 06 22:09:30 IST 2016,
To: Tue Jun 06 22:09:30 IST 2017]
Issuer: EMAILADDRESS=briantauro7@gmail.com, CN=localhost, OU=localhost, O=ITCOVENANT, L=Coimbatore, ST=Tamil Badu, C=IN
SerialNumber: [ 9f141eca db1b5892]
]
Algorithm: [SHA256withRSA]
Signature:
0000: 52 80 1C 6C CF 67 1E 54 A8 D7 52 63 63 A6 5C E8 R..l.g.T..Rcc.\.
0010: 06 AB 45 17 D9 EF A5 BA AB 15 63 D0 8B 3E A8 F4 ..E.......c..>..
0020: 16 DD 0A AB 64 7D 16 BD B6 72 61 51 2C CA F3 F0 ....d....raQ,...
0030: 72 42 AF EF 67 0C B8 F4 99 26 34 12 A6 44 67 81 rB..g....&4..Dg.
0040: 78 79 4B 29 CC FB BC 75 32 61 54 1D C4 5F F2 BD xyK)...u2aT.._..
0050: 0E 5C A4 C0 A5 67 44 53 1B 0C 58 01 F0 A2 EC F3 .\...gDS..X.....
0060: 94 F3 D9 FB D3 1A A5 BA D9 7E 9E 49 90 10 84 7F ...........I....
0070: A6 7E 03 80 C0 17 2E F3 89 DE 27 31 C1 54 B5 AC ..........'1.T..
]
***
*** ECDH ServerKeyExchange
*** ECDH ServerKeyExchange
Signature Algorithm SHA512withRSA
Server key: Sun EC public key, 256 bits
public x coord: 85555666343139018963533967280538968797633662983139641438682557033369225999165
public y coord: 8427840957609862596834523195604231585301724865593291933177525359181625802444
parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7)
*** CertificateRequest
Cert Types: RSA, DSS, ECDSA
Supported Signature Algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA
Cert Authorities:
<EMAILADDRESS=briantauro7@gmail.com, CN=localhost, OU=localhost, O=ItCovenant, L=Coimbatore, ST=Tamil Nadu, C=IN>
<EMAILADDRESS=briantauro7@gmail.com, CN=localhost, OU=localroot, O=Root, L=Coimbatore, ST=TamilNadu, C=IN>
*** ServerHelloDone
Signature Algorithm SHA512withRSA
http-nio-8443-exec-1, WRITE: TLSv1.2 Handshake, length = 1336
Server key: Sun EC public key, 256 bits
public x coord: 84402873937186238897029201223811091119078490206065291036407576822220964455837
public y coord: 102495088922183201760899172514801345100289489285600965229707082740951466499978
parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7)
*** CertificateRequest
Cert Types: RSA, DSS, ECDSA
Supported Signature Algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA
Cert Authorities:
<EMAILADDRESS=briantauro7@gmail.com, CN=localhost, OU=localhost, O=ItCovenant, L=Coimbatore, ST=Tamil Nadu, C=IN>
<EMAILADDRESS=briantauro7@gmail.com, CN=localhost, OU=localroot, O=Root, L=Coimbatore, ST=TamilNadu, C=IN>
*** ServerHelloDone
http-nio-8443-exec-9, WRITE: TLSv1.2 Handshake, length = 1336
http-nio-8443-exec-9, called closeOutbound()
http-nio-8443-exec-9, closeOutboundInternal()
http-nio-8443-exec-9, SEND TLSv1.2 ALERT: warning, description = close_notify
http-nio-8443-exec-9, WRITE: TLSv1.2 Alert, length = 2
http-nio-8443-exec-9, called closeOutbound()
http-nio-8443-exec-9, closeOutboundInternal()
http-nio-8443-exec-9, SEND TLSv1.2 ALERT: warning, description = close_notify
http-nio-8443-exec-9, WRITE: TLSv1.2 Alert, length = 2
Using SSLEngineImpl.
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1.1
http-nio-8443-exec-4, READ: TLSv1 Handshake, length = 185
*** ClientHello, TLSv1.2
RandomCookie: GMT: -1587396700 bytes = { 168, 137, 156, 195, 17, 132, 253, 181, 204, 114, 165, 228, 86, 231, 233, 158, 148, 15, 75, 153, 17, 24, 212, 36, 209, 134, 90, 182 }
Session ID: {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, Unknown 0xcc:0xa9, Unknown 0xcc:0xa8, Unknown 0xcc:0x14, Unknown 0xcc:0x13, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA]
Compression Methods: { 0 }
Extension renegotiation_info, renegotiated_connection: <empty>
Extension server_name, server_name: [type=host_name (0), value=localhost]
Unsupported extension type_23, data:
Unsupported extension type_35, data:
Extension signature_algorithms, signature_algorithms: SHA512withRSA, SHA512withECDSA, SHA384withRSA, SHA384withECDSA, SHA256withRSA, SHA256withECDSA, SHA1withRSA, SHA1withECDSA
Unsupported extension status_request, data: 01:00:00:00:00
Unsupported extension type_18, data:
Unsupported extension type_16, data: 00:0c:02:68:32:08:68:74:74:70:2f:31:2e:31
Unsupported extension type_30032, data:
Extension ec_point_formats, formats: [uncompressed]
Extension elliptic_curves, curve names: {unknown curve 29, secp256r1, secp384r1}
***
%% Initialized: [Session-29, SSL_NULL_WITH_NULL_NULL]
%% Negotiating: [Session-29, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
*** ServerHello, TLSv1.2
RandomCookie: GMT: 1465167446 bytes = { 225, 169, 240, 135, 216, 14, 179, 8, 242, 163, 54, 198, 242, 182, 103, 125, 233, 71, 73, 94, 94, 112, 96, 92, 230, 44, 24, 124 }
Session ID: {87, 85, 174, 86, 58, 130, 84, 54, 254, 224, 181, 52, 14, 113, 71, 231, 52, 58, 218, 105, 147, 197, 135, 24, 188, 193, 25, 160, 12, 186, 145, 122}
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
***
Cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
*** Certificate chain
chain [0] = [
[
Version: V1
Subject: EMAILADDRESS=briantauro7@gmail.com, CN=localhost, OU=localhost, O=ITCOVENANT, L=Coimbatore, ST=Tamil Badu, C=IN
Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11
Key: Sun RSA public key, 1024 bits
modulus: 119392845705983053232381066342242552100246759562149136263179036450311601341483905580607024283403956181584600045082844169675168228225812598145033750549880051511514384914836915917053974822328749850134357052060356957993078530363525462150764881452639783264103642429891992181964954455911798298926528546562832494147
public exponent: 65537
Validity: [From: Mon Jun 06 22:09:30 IST 2016,
To: Tue Jun 06 22:09:30 IST 2017]
Issuer: EMAILADDRESS=briantauro7@gmail.com, CN=localhost, OU=localhost, O=ITCOVENANT, L=Coimbatore, ST=Tamil Badu, C=IN
SerialNumber: [ 9f141eca db1b5892]
]
Algorithm: [SHA256withRSA]
Signature:
0000: 52 80 1C 6C CF 67 1E 54 A8 D7 52 63 63 A6 5C E8 R..l.g.T..Rcc.\.
0010: 06 AB 45 17 D9 EF A5 BA AB 15 63 D0 8B 3E A8 F4 ..E.......c..>..
0020: 16 DD 0A AB 64 7D 16 BD B6 72 61 51 2C CA F3 F0 ....d....raQ,...
0030: 72 42 AF EF 67 0C B8 F4 99 26 34 12 A6 44 67 81 rB..g....&4..Dg.
0040: 78 79 4B 29 CC FB BC 75 32 61 54 1D C4 5F F2 BD xyK)...u2aT.._..
0050: 0E 5C A4 C0 A5 67 44 53 1B 0C 58 01 F0 A2 EC F3 .\...gDS..X.....
0060: 94 F3 D9 FB D3 1A A5 BA D9 7E 9E 49 90 10 84 7F ...........I....
0070: A6 7E 03 80 C0 17 2E F3 89 DE 27 31 C1 54 B5 AC ..........'1.T..
]
***
*** ECDH ServerKeyExchange
Signature Algorithm SHA512withRSA
Server key: Sun EC public key, 256 bits
public x coord: 81903135861506604845195203015394003955799288815680914864504286597024832297135
public y coord: 106714826192296131282741266053860770585192831249415196199432006232074628631588
parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7)
*** CertificateRequest
Cert Types: RSA, DSS, ECDSA
Supported Signature Algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA
Cert Authorities:
<EMAILADDRESS=briantauro7@gmail.com, CN=localhost, OU=localhost, O=ItCovenant, L=Coimbatore, ST=Tamil Nadu, C=IN>
<EMAILADDRESS=briantauro7@gmail.com, CN=localhost, OU=localroot, O=Root, L=Coimbatore, ST=TamilNadu, C=IN>
*** ServerHelloDone
http-nio-8443-exec-4, WRITE: TLSv1.2 Handshake, length = 1336
http-nio-8443-exec-6, READ: TLSv1.2 Handshake, length = 7
*** Certificate chain
<Empty>
***
http-nio-8443-exec-6, fatal error: 42: null cert chain
javax.net.ssl.SSLHandshakeException: null cert chain
%% Invalidated: [Session-29, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
http-nio-8443-exec-6, SEND TLSv1.2 ALERT: fatal, description = bad_certificate
http-nio-8443-exec-6, WRITE: TLSv1.2 Alert, length = 2
http-nio-8443-exec-6, fatal: engine already closed. Rethrowing javax.net.ssl.SSLHandshakeException: null cert chain
http-nio-8443-exec-6, called closeOutbound()
http-nio-8443-exec-6, closeOutboundInternal()
在客户端,我在浏览器中出现以下错误
Try contacting the system admin.
ERR_BAD_SSL_CLIENT_AUTH_CERT
客户端在服务器请求时不发送其证书。
我是否必须在客户端和服务器中都保留 clientauth=true?
My Server keystore contains server.pfx
My Server trustore contains client.crt and ca.crt
My Client keystore contains client.p12 client.crt ca.crt
My Client trustore contains server.crt
谢谢
最佳答案
服务器正在请求证书并提供可信签名者列表。这来自服务器的信任库。客户端在其 keystore 中没有这些签名者之一签名的证书,因此它无法发送证书。
解决方案:要么让受信任的签署者之一签署客户端证书,要么增强受信任的签署者以包括客户端证书的签署者。
关于java - 如何使用 openssl 在 tomcat 7 上的客户端和服务器上配置双向 ssl 生成 ssl 证书?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/37654537/
26
4
0
我有 2 个类:User 和 UserPicture,它们具有 1:1 关系。 public class User { @Id @GeneratedValue(strategy=G
使用ssh转发时,我无法针对远程服务器使用cvs和ftp进行提交。是否可以让服务器对我的机器发起请求-我希望服务器上的Web应用程序调用我的机器上的REST方法。 谢谢。 尼古拉·G。 最佳答案 是的
我正在 Python 2.7.12 中实现双向 A* 算法,并在 Russell 和 Norvig 第 3 章的罗马尼亚 map 上进行测试。边具有权重,目的是找到两个节点之间的最短路径。 这是测试图
您能否建议一种映射或类似的数据结构,让我们可以轻松地相互获取值和键。也就是说,每个都可以用来寻找另一个。 最佳答案 Java 在其标准库中没有双向映射。 例如使用 BiMap 来自Google Gua
我想同步两个数据库运行时 服务器 A:安装了公共(public) IP 和 mysql 的 Amazon ec2。服务器B:这是局域网中带有mysql的私有(private)机器。 (IP是私有(pr
保存双向@OneToOne 映射时,hibernate 是否应该在两个表上都记录? 我有一个包含 applicant_id 列的表 interview,它引用了包含字段 interview_id 的
我喜欢新的 SwipeRefreshLayout!它看起来很棒,而且非常容易使用。但我想在两个方向上使用它。我有一个消息屏幕,我想通过从上到下滑动来加载旧消息,我想通过从下到上滑动来加载新消息。 这个
使用 ICS 4.0.1(愿意升级到 4.0.3)(不会 root 和重写 android 操作系统) 在接收到 android beam 后,是否可以将 NDEF 消息发送回 android 手机
我想知道处理这种 git 场景的最佳方法: Git 仓库:CoreProduct Git repo b: SpecificCustomerProduct 是从 a fork 出来的 到目前为止,我们一
这个问题在这里已经有了答案: How to implement an efficient bidirectional hash table? (8 个回答) 关闭2年前。 我在 python 中做这个
您能否推荐一种 map 或类似的数据结构,我们可以在其中轻松地从彼此获取值和键。也就是说,每个都可以用来寻找另一个。 最佳答案 Java 在其标准库中没有双向映射。 例如使用 BiMap 来自 Goo
Java中是否有类似双面列表的东西?也许第三方实现? 这里有一个小例子来证明我的想法。 原始状态: 答:0-1-2-3 | | | | 乙:0-1-2-3 删除 B 中的元素 1 后: 空值 | 答:
我有两个实体通过这样的双向 OneToOne 关联连接: @Entity class Parent { @NotNull String businessKey; @OneToO
我已将 Vagrant 配置为使用 Rsync 共享文件夹而不是(非常慢)vboxsf VirtualBox 默认提供的文件系统: Vagrant.configure("2") do |config|
@keyframes mgm { from { max-height: 250px; } to { max-height: 0px; } } .mgm {
我想了解有关使用双向 LSTM 进行序列分类时合并模式的更多详细信息,尤其是对于我还不清楚的“Concat”合并模式。 根据我对这个方案的理解: 在将前向和后向层的合并结果传递到 sigmoid 函数
我有兴趣将本地 git 存储库设置为远程存储库的镜像。我已经阅读了一些可能相关的帖子,但主要区别在于我需要对两个存储库进行读写访问。 大多数时候,用户会针对 Repo A 工作,但是有时他们会针对 R
我已经仔细阅读了文档 https://firebase.google.com/docs/database/web/read-and-write以及网上很多例子。但这里有一个脱节:在将对象添加到数据库时
这个问题已经有答案了: Hibernate bidirectional @ManyToOne, updating the not owning side not working (3 个回答) 已关闭
我知道有很多关于它的问题,但我找不到针对我的问题的好的答案。 我使用 Jboss 作为 7,Spring 和 Hibernate (4) 作为 JPA 2.0 提供程序,因此我有简单的 @OneToM
我是一名优秀的程序员,十分优秀!