问题:
使用Jsoup时,Java 11 HTTPS连接因SSL握手异常而失败
山越
我试图抓取一个网页(这一个)使用J汤库。在执行简单的GET操作时,我得到了以下异常:
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.431 EET|Utilities.java:73|the previous server name in SNI (type=host_name (0), value=www.kitapburada.com) was replaced with (type=host_name (0), value=www.kitapburada.com)
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.432 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_AES_128_GCM_SHA256 for TLS12
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.432 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_AES_256_GCM_SHA384 for TLS12
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_AES_128_GCM_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_AES_256_GCM_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.434 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.434 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.434 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_RSA_WITH_AES_128_GCM_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.434 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.434 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.434 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.435 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.435 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.435 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.435 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.436 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.437 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.439 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.439 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.440 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_AES_128_GCM_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.440 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_AES_256_GCM_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.440 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.440 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.440 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.440 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.441 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.441 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.441 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.441 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.442 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.442 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_RSA_WITH_AES_128_GCM_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.442 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.442 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.442 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.443 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.443 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.443 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.443 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.443 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.444 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.444 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.444 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLS10
javax.net.ssl|ALL|01|main|2018-12-24 15:41:06.446 EET|ClientHello.java:533|Try resuming session (
Session(1545655264774|TLS_AES_128_GCM_SHA256)
)
javax.net.ssl|WARNING|01|main|2018-12-24 15:41:06.447 EET|ServerNameExtension.java:255|Unable to indicate server name
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.447 EET|SSLExtensions.java:235|Ignore, context unavailable extension: server_name
javax.net.ssl|ALL|01|main|2018-12-24 15:41:06.448 EET|SignatureScheme.java:358|Ignore disabled signature sheme: rsa_md5
javax.net.ssl|INFO|01|main|2018-12-24 15:41:06.449 EET|AlpnExtension.java:161|No available application protocols
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.450 EET|SSLExtensions.java:235|Ignore, context unavailable extension: application_layer_protocol_negotiation
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.450 EET|SSLExtensions.java:235|Ignore, context unavailable extension: cookie
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.453 EET|SSLExtensions.java:235|Ignore, context unavailable extension: renegotiation_info
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.454 EET|PreSharedKeyExtension.java:660|Found resumable session. Preparing PSK message.
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.460 EET|ClientHello.java:651|Produced ClientHello handshake message (
"ClientHello": {
"client version" : "TLSv1.2",
"random" : "92 34 9B 36 90 0C 89 8F 5B E6 C9 D9 DA 57 C6 80 EA B8 41 09 62 2A 7E E8 40 E3 6F 24 A4 17 B2 CB",
"session id" : "",
"cipher suites" : "[TLS_AES_128_GCM_SHA256(0x1301), TLS_AES_256_GCM_SHA384(0x1302), TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(0xC02C), TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B), TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030), TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D), TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384(0xC02E), TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384(0xC032), TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(0x009F), TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(0x00A3), TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F), TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C), TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(0xC02D), TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(0xC031), TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E), TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(0x00A2), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(0xC024), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384(0xC028), TLS_RSA_WITH_AES_256_CBC_SHA256(0x003D), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384(0xC026), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384(0xC02A), TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(0x006B), TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(0x006A), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(0xC00A), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(0xC014), TLS_RSA_WITH_AES_256_CBC_SHA(0x0035), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA(0xC005), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA(0xC00F), TLS_DHE_RSA_WITH_AES_256_CBC_SHA(0x0039), TLS_DHE_DSS_WITH_AES_256_CBC_SHA(0x0038), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(0xC023), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(0xC027), TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(0xC025), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(0xC029), TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(0x0067), TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(0x0040), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(0xC009), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(0xC013), TLS_RSA_WITH_AES_128_CBC_SHA(0x002F), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(0xC004), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(0xC00E), TLS_DHE_RSA_WITH_AES_128_CBC_SHA(0x0033), TLS_DHE_DSS_WITH_AES_128_CBC_SHA(0x0032), TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00FF)]",
"compression methods" : "00",
"extensions" : [
"status_request (5)": {
"certificate status type": ocsp
"OCSP status request": {
"responder_id": <empty>
"request extensions": {
<empty>
}
}
},
"supported_groups (10)": {
"versions": [secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192]
},
"ec_point_formats (11)": {
"formats": [uncompressed]
},
"signature_algorithms (13)": {
"signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp512r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
},
"signature_algorithms_cert (50)": {
"signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp512r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
},
"status_request_v2 (17)": {
"cert status request": {
"certificate status type": ocsp_multi
"OCSP status request": {
"responder_id": <empty>
"request extensions": {
<empty>
}
}
}
},
"extended_master_secret (23)": {
<empty>
},
"supported_versions (43)": {
"versions": [TLSv1.3, TLSv1.2, TLSv1.1, TLSv1]
},
"psk_key_exchange_modes (45)": {
"ke_modes": [psk_dhe_ke]
},
"key_share (51)": {
"client_shares": [
{
"named group": secp256r1
"key_exchange": {
0000: 04 DA 61 A6 AD F0 04 28 48 13 86 AF EA 2F EB A5 ..a....(H..../..
0010: 0A 0C 40 80 C2 C6 81 FE 04 87 7E 52 B1 C9 92 A4 ..@........R....
0020: C3 6B 9C CA 49 B5 8A 4C 08 9B 38 70 01 68 AF 13 .k..I..L..8p.h..
0030: 42 63 8B 08 C5 1A 13 7D 87 35 48 1B 97 1A CE 67 Bc.......5H....g
0040: 10
}
},
]
},
"pre_shared_key (41)": {
"PreSharedKey": {
"identities" : " {47 84 2C AA 7B 65 00 50 67 90 20 6A 1C 4D BB 4C 60 55 22 B6 06 76 B7 F7 EC BC FC 07 E9 E0 E2 6D E2 5E 98 04 9C 53 0B 9F 72 00 17 53 D6 E3 CC 4B 37 50 B1 2D FD 7E 0A 7D 20 57 8E AA 4D 93 F0 4F 53 39 25 E5 2D E0 C7 E7 6C 53 6D A1 D2 3F 37 CA FD 3F 73 45 B3 93 31 A5 DA 27 D1 9F F8 BF EF 60 04 82 9F E9 71 84 5F FD D1 F9 50 DE CD 3C 83 33 EA 8B 5C 63 1C 44 69 31 9E 09 B3 67 D5 B3 25 02 D1 93 5F E6 50 38 B1 FB FF 70 51 37 9B 39 4B 90 C9 36 FD 7D E0 DD F7 DE 37 EA 71 24 1A 51 A0 15 B4 56 0C D3 26 EA 94 D6 9B BD 35 5B 9D 71 1E 84,14994940}",
"binders" : " {95 2A 0D 86 A4 FD 38 13 66 70 BD D0 ED FC BD C5 C2 B4 A4 4C 8C 3C 60 3B 74 40 AE 2F 84 D2 C4 4F}",
}
}
]
}
)
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.460 EET|SSLSocketOutputRecord.java:241|WRITE: TLS13 handshake, length = 608
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.461 EET|SSLSocketOutputRecord.java:255|Raw write (
0000: 16 03 03 02 60 01 00 02 5C 03 03 92 34 9B 36 90 ....`...\...4.6.
0010: 0C 89 8F 5B E6 C9 D9 DA 57 C6 80 EA B8 41 09 62 ...[....W....A.b
0020: 2A 7E E8 40 E3 6F 24 A4 17 B2 CB 00 00 5A 13 01 *..@.o$......Z..
0030: 13 02 C0 2C C0 2B C0 30 00 9D C0 2E C0 32 00 9F ...,.+.0.....2..
0040: 00 A3 C0 2F 00 9C C0 2D C0 31 00 9E 00 A2 C0 24 .../...-.1.....$
0050: C0 28 00 3D C0 26 C0 2A 00 6B 00 6A C0 0A C0 14 .(.=.&.*.k.j....
0060: 00 35 C0 05 C0 0F 00 39 00 38 C0 23 C0 27 00 3C .5.....9.8.#.'.<
0070: C0 25 C0 29 00 67 00 40 C0 09 C0 13 00 2F C0 04 .%.).g.@...../..
0080: C0 0E 00 33 00 32 00 FF 01 00 01 D9 00 05 00 05 ...3.2..........
0090: 01 00 00 00 00 00 0A 00 20 00 1E 00 17 00 18 00 ........ .......
00A0: 19 00 09 00 0A 00 0B 00 0C 00 0D 00 0E 00 16 01 ................
00B0: 00 01 01 01 02 01 03 01 04 00 0B 00 02 01 00 00 ................
00C0: 0D 00 28 00 26 04 03 05 03 06 03 08 04 08 05 08 ..(.&...........
00D0: 06 08 09 08 0A 08 0B 04 01 05 01 06 01 04 02 03 ................
00E0: 03 03 01 03 02 02 03 02 01 02 02 00 32 00 28 00 ............2.(.
00F0: 26 04 03 05 03 06 03 08 04 08 05 08 06 08 09 08 &...............
0100: 0A 08 0B 04 01 05 01 06 01 04 02 03 03 03 01 03 ................
0110: 02 02 03 02 01 02 02 00 11 00 09 00 07 02 00 04 ................
0120: 00 00 00 00 00 17 00 00 00 2B 00 09 08 03 04 03 .........+......
0130: 03 03 02 03 01 00 2D 00 02 01 01 00 33 00 47 00 ......-.....3.G.
0140: 45 00 17 00 41 04 DA 61 A6 AD F0 04 28 48 13 86 E...A..a....(H..
0150: AF EA 2F EB A5 0A 0C 40 80 C2 C6 81 FE 04 87 7E ../....@........
0160: 52 B1 C9 92 A4 C3 6B 9C CA 49 B5 8A 4C 08 9B 38 R.....k..I..L..8
0170: 70 01 68 AF 13 42 63 8B 08 C5 1A 13 7D 87 35 48 p.h..Bc.......5H
0180: 1B 97 1A CE 67 10 00 29 00 DB 00 B6 00 B0 47 84 ....g..)......G.
0190: 2C AA 7B 65 00 50 67 90 20 6A 1C 4D BB 4C 60 55 ,..e.Pg. j.M.L`U
01A0: 22 B6 06 76 B7 F7 EC BC FC 07 E9 E0 E2 6D E2 5E "..v.........m.^
01B0: 98 04 9C 53 0B 9F 72 00 17 53 D6 E3 CC 4B 37 50 ...S..r..S...K7P
01C0: B1 2D FD 7E 0A 7D 20 57 8E AA 4D 93 F0 4F 53 39 .-.... W..M..OS9
01D0: 25 E5 2D E0 C7 E7 6C 53 6D A1 D2 3F 37 CA FD 3F %.-...lSm..?7..?
01E0: 73 45 B3 93 31 A5 DA 27 D1 9F F8 BF EF 60 04 82 sE..1..'.....`..
01F0: 9F E9 71 84 5F FD D1 F9 50 DE CD 3C 83 33 EA 8B ..q._...P..<.3..
0200: 5C 63 1C 44 69 31 9E 09 B3 67 D5 B3 25 02 D1 93 \c.Di1...g..%...
0210: 5F E6 50 38 B1 FB FF 70 51 37 9B 39 4B 90 C9 36 _.P8...pQ7.9K..6
0220: FD 7D E0 DD F7 DE 37 EA 71 24 1A 51 A0 15 B4 56 ......7.q$.Q...V
0230: 0C D3 26 EA 94 D6 9B BD 35 5B 9D 71 1E 84 00 E4 ..&.....5[.q....
0240: CD FC 00 21 20 95 2A 0D 86 A4 FD 38 13 66 70 BD ...! .*....8.fp.
0250: D0 ED FC BD C5 C2 B4 A4 4C 8C 3C 60 3B 74 40 AE ........L.<`;t@.
0260: 2F 84 D2 C4 4F /...O
)
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.518 EET|SSLSocketInputRecord.java:458|Raw read (
0000: 15 03 01 00 02 .....
)
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.519 EET|SSLSocketInputRecord.java:213|READ: TLSv1 alert, length = 2
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.519 EET|SSLSocketInputRecord.java:458|Raw read (
0000: 02 28 .(
)
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.519 EET|SSLSocketInputRecord.java:249|READ: TLSv1 alert, length = 2
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.520 EET|Alert.java:232|Received alert message (
"Alert": {
"level" : "fatal",
"description": "handshake_failure"
}
)
javax.net.ssl|ERROR|01|main|2018-12-24 15:41:06.520 EET|TransportContext.java:313|Fatal (HANDSHAKE_FAILURE): Received fatal alert: handshake_failure (
"throwable" : {
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:128)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:308)
at java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:279)
at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:181)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1152)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1063)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
at java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:567)
at java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:163)
at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:746)
at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:722)
at org.jsoup.helper.HttpConnection.execute(HttpConnection.java:306)
at org.jsoup.helper.HttpConnection.get(HttpConnection.java:295)
at com.kitaplist.common.JsoupParser.parse(JsoupParser.java:23)
at com.kitaplist.common.Collector.extractListPageLinksFromCatPage(Collector.java:94)
at com.kitaplist.common.Collector.collectListPageLinks(Collector.java:148)
at com.kitaplist.KitapListConsole.run(KitapListConsole.java:47)
at com.kitaplist.KitapList.main(KitapList.java:74)}
)
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.521 EET|SSLSocketImpl.java:1361|close the underlying socket
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.521 EET|SSLSocketImpl.java:1380|close the SSL connection (initiative)
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:128)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:308)
at java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:279)
at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:181)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1152)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1063)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
at java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:567)
at java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:163)
at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:746)
at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:722)
at org.jsoup.helper.HttpConnection.execute(HttpConnection.java:306)
at org.jsoup.helper.HttpConnection.get(HttpConnection.java:295)
at com.kitaplist.common.JsoupParser.parse(JsoupParser.java:23)
at com.kitaplist.common.Collector.extractListPageLinksFromCatPage(Collector.java:94)
at com.kitaplist.common.Collector.collectListPageLinks(Collector.java:148)
at com.kitaplist.KitapListConsole.run(KitapListConsole.java:47)
at com.kitaplist.KitapList.main(KitapList.java:74)
这是JsoupParser的内容。解析方法:
public Document parse(String url) {
try {
return Jsoup.connect(url).timeout(300 * 1000)
.userAgent("Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.152 Safari/537.36").ignoreContentType(true)
.get();
} catch (IOException e) {
e.printStackTrace();
}
return Jsoup.parse("");
}
起初,我认为这是由于缺少密码套件造成的,但后来我发现这个异常是由于JDK 1.8u141之前版本中的一个错误造成的。我尝试使用JDK1.8u191,一切正常,但是当我使用JDK11时,上面的异常再次出现。我还缺什么吗?谢谢你的帮助。
当我使用早期访问jdk 12时,这个问题也会消失。我如何使用jdk 11而不面对这个问题?
共有1个答案
苏边浩
首先,要明确的是:handshake_failure可能是由许多事情引起的,而不是缺少SNI;致命警报可能是由许多事情引起的,而不是handshake_failure,而SSLHandshakeExc0019可能是由许多事情引起的除了“致命警报”。
然而,这里确实显示JSSE未能在TLS1上发送SNI。3恢复请求——尽管服务器在版本1.0(wire 03 01)中响应握手失败是一种奇怪的处理方式;rfc8446 9.2说服务器应该在这种情况下使用missing_扩展,可能是在1.2记录中,因为这是1.3中的一个新警报,1.3将1.2保留为记录版本作为兼容性问题。特别是由于该服务器位于Cloudflare上,这是他们需要SNI的一个很好的原因,但由于他们处理如此大的容量和各种TLS,所以他们应该能够处理类似的情况。
大概是因为Java不能实现TLS1。3.(更新:2020年以后的8u261未实施TLS1.3。)因为如果设置sysprophttps,jsoup将使用设置为忽略TLSv1的值。3如HttpsURLConnection。将协议TLSv1、TLSv1。1,TLSv1。2它应该可以避免Java 11中的问题——只要同一进程中没有其他程序使用HttpsURLConnection进行需要1.3的连接,而且由于1.3在几个月前才最终确定,这似乎不太可能。注意:绝对不要包括SSLv3,如果您的其他连接都不需要1.0,那么省略TLSv1也是一个好的做法。
或者,由于初始连接显然是有效的(在11.0.1的一个简单测试中也是有效的),它应该通过将这些连接使用的SSLContext设置为不缓存会话信息的连接,或者至少不缓存会话信息来避免恢复。但那可能需要更多的工作,所以除非必要,否则我不会去那里。
更新:在11.0中修复。2见https://bugs.java.com/bugdatabase/view_bug.do?bug_id=JDK-8211806
类似资料:
-
堆栈:React,NGINX 1.14.0,GUnicorn,Django 2.2.8,Python 3.6.9 错误: 在浏览器:当React调用Django API(当然在请求头中有)时,大约30秒后在浏览器控制台出现CORS错误。 在浏览器控制台:CORS策略阻止从源“https://mydomain”访问“https://mydomain:8000/somethy/”处的XMLHttpRe
-
当我尝试连接https url时...我得到ssl握手失败...我使用vertx-version 但是在使用vertx的时候。这是握手的问题
-
在这个基于Xcode7(beta)构建的应用程序中,TCP套接字连接(NSStream)失败,错误如下。 在info.plist中,我还包括了以下相关异常的ATS。 但在下面的委托中 -(void)stream:(NSStream*)stream HandleEvent:(NSStreamEvent)eventCode 我得到的事件代码为8,表示错误发生。具有上述描述。 验证错误:num=19:证
-
我使用vert. x java客户端连接安慰服务器。当使用SSL证书进行连接时,收到以下SSL握手错误。我在代码中使用setTrust all(true)。有人能帮助解释错误的原因和解决方案吗? 以下是错误:SEVERE:未处理的异常java.lang.IllegalStateExctive:桥没有成功启动io.vertx.amqpbridge.impl.AmqpBridgeImpl.create
-
我们很难与远程机器(如PayPal vb)建立https连接谁从我们的系统中禁用了SSL3协议。Net应用程序。HttpWebRequest实例的GetResponse方法出现以下异常。 请求被中止:无法创建SSL/TLS安全通道。 当我们使用WireShark深入并跟踪网络日志时,我们看到远程机器返回以下错误 TLSv1。2警报(级别:致命,描述:握手失败)握手失败40 更有趣的情况是,当我尝试
-
有人能告诉我如何在Android中解决?下面是我试图使用对象访问的这个URL的错误。 请参阅下面我的方法的代码