Java TLS 连接行为 [英] Java TLS connection behaviour

问题描述

我使用带有自定义 KeyManager、TrustManager 和客户端身份验证的 Java TLS 服务器.连接有效并交换证书，客户端(firefox)也表示连接已加密.我分析了与wireshark 的连接，但我没有看到tls 消息，wireshark 仅显示tcp 段而不解码有效负载(例如TLS 客户端hello、服务器hello 等).我启用了调试日志，这是服务器的日志:

<块引用>

 触发 SecureRandom 的播种完成播种 SecureRandom允许不安全的重新协商:false允许旧的 hello 消息:true是否初始握手:true是否安全重新协商:false线程 1，称为 closeSocket()

解决方案

如果您使用的端口通常不用于 SSL/TLS，则必须告诉 Wireshark 将其显式解码为 SSL/TLS.

>

右键单击数据包并选择解码为... -> 传输 -> SSL.

I use a java TLS server with custom KeyManager, TrustManager and with client authentication. The connection works and certificates are exchanged, also the client (firefox) says that the connection is encrypted. I analyze the connection with wireshark but i don't see tls messages, wireshark shows only tcp segments without decoding the payload (such as TLS client hello, server hello, etc). I enable the debug logging an this is the log of the server:

trigger seeding of SecureRandom
done seeding SecureRandom
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
Thread-1, called closeSocket()

解决方案

If you're using a port that's not normally used for SSL/TLS, you will have to tell Wireshark to decode it as SSL/TLS explicitly.

Right click on a packet and choose Decode As... -> Transport -> SSL.

这篇关于Java TLS 连接行为的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！