使用Jsoup时,Java 11 HTTPS连接失败,并带有SSL HandshakeException [英] Java 11 HTTPS connection fails with SSL HandshakeException while using Jsoup
本文介绍了使用Jsoup时,Java 11 HTTPS连接失败,并带有SSL HandshakeException的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在尝试使用Jsoup库抓取网页(这一个).在执行简单的GET操作时,出现以下异常:
I am trying to crawl a webpage (this one) using Jsoup library. While performing simple GET operation, i am getting the following exception:
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.431 EET|Utilities.java:73|the previous server name in SNI (type=host_name (0), value=www.kitapburada.com) was replaced with (type=host_name (0), value=www.kitapburada.com)
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.432 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_AES_128_GCM_SHA256 for TLS12
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.432 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_AES_256_GCM_SHA384 for TLS12
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_AES_128_GCM_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_AES_256_GCM_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.434 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.434 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.434 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_RSA_WITH_AES_128_GCM_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.434 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.434 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.434 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.435 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.435 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.435 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.435 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.436 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.437 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.439 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.439 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.440 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_AES_128_GCM_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.440 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_AES_256_GCM_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.440 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.440 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.440 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.440 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.441 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.441 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.441 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.441 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.442 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.442 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_RSA_WITH_AES_128_GCM_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.442 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.442 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.442 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.443 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.443 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.443 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.443 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.443 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.444 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.444 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.444 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLS10
javax.net.ssl|ALL|01|main|2018-12-24 15:41:06.446 EET|ClientHello.java:533|Try resuming session (
Session(1545655264774|TLS_AES_128_GCM_SHA256)
)
javax.net.ssl|WARNING|01|main|2018-12-24 15:41:06.447 EET|ServerNameExtension.java:255|Unable to indicate server name
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.447 EET|SSLExtensions.java:235|Ignore, context unavailable extension: server_name
javax.net.ssl|ALL|01|main|2018-12-24 15:41:06.448 EET|SignatureScheme.java:358|Ignore disabled signature sheme: rsa_md5
javax.net.ssl|INFO|01|main|2018-12-24 15:41:06.449 EET|AlpnExtension.java:161|No available application protocols
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.450 EET|SSLExtensions.java:235|Ignore, context unavailable extension: application_layer_protocol_negotiation
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.450 EET|SSLExtensions.java:235|Ignore, context unavailable extension: cookie
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.453 EET|SSLExtensions.java:235|Ignore, context unavailable extension: renegotiation_info
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.454 EET|PreSharedKeyExtension.java:660|Found resumable session. Preparing PSK message.
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.460 EET|ClientHello.java:651|Produced ClientHello handshake message (
"ClientHello": {
"client version" : "TLSv1.2",
"random" : "92 34 9B 36 90 0C 89 8F 5B E6 C9 D9 DA 57 C6 80 EA B8 41 09 62 2A 7E E8 40 E3 6F 24 A4 17 B2 CB",
"session id" : "",
"cipher suites" : "[TLS_AES_128_GCM_SHA256(0x1301), TLS_AES_256_GCM_SHA384(0x1302), TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(0xC02C), TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B), TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030), TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D), TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384(0xC02E), TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384(0xC032), TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(0x009F), TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(0x00A3), TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F), TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C), TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(0xC02D), TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(0xC031), TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E), TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(0x00A2), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(0xC024), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384(0xC028), TLS_RSA_WITH_AES_256_CBC_SHA256(0x003D), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384(0xC026), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384(0xC02A), TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(0x006B), TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(0x006A), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(0xC00A), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(0xC014), TLS_RSA_WITH_AES_256_CBC_SHA(0x0035), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA(0xC005), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA(0xC00F), TLS_DHE_RSA_WITH_AES_256_CBC_SHA(0x0039), TLS_DHE_DSS_WITH_AES_256_CBC_SHA(0x0038), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(0xC023), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(0xC027), TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(0xC025), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(0xC029), TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(0x0067), TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(0x0040), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(0xC009), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(0xC013), TLS_RSA_WITH_AES_128_CBC_SHA(0x002F), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(0xC004), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(0xC00E), TLS_DHE_RSA_WITH_AES_128_CBC_SHA(0x0033), TLS_DHE_DSS_WITH_AES_128_CBC_SHA(0x0032), TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00FF)]",
"compression methods" : "00",
"extensions" : [
"status_request (5)": {
"certificate status type": ocsp
"OCSP status request": {
"responder_id": <empty>
"request extensions": {
<empty>
}
}
},
"supported_groups (10)": {
"versions": [secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192]
},
"ec_point_formats (11)": {
"formats": [uncompressed]
},
"signature_algorithms (13)": {
"signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp512r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
},
"signature_algorithms_cert (50)": {
"signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp512r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
},
"status_request_v2 (17)": {
"cert status request": {
"certificate status type": ocsp_multi
"OCSP status request": {
"responder_id": <empty>
"request extensions": {
<empty>
}
}
}
},
"extended_master_secret (23)": {
<empty>
},
"supported_versions (43)": {
"versions": [TLSv1.3, TLSv1.2, TLSv1.1, TLSv1]
},
"psk_key_exchange_modes (45)": {
"ke_modes": [psk_dhe_ke]
},
"key_share (51)": {
"client_shares": [
{
"named group": secp256r1
"key_exchange": {
0000: 04 DA 61 A6 AD F0 04 28 48 13 86 AF EA 2F EB A5 ..a....(H..../..
0010: 0A 0C 40 80 C2 C6 81 FE 04 87 7E 52 B1 C9 92 A4 ..@........R....
0020: C3 6B 9C CA 49 B5 8A 4C 08 9B 38 70 01 68 AF 13 .k..I..L..8p.h..
0030: 42 63 8B 08 C5 1A 13 7D 87 35 48 1B 97 1A CE 67 Bc.......5H....g
0040: 10
}
},
]
},
"pre_shared_key (41)": {
"PreSharedKey": {
"identities" : " {47 84 2C AA 7B 65 00 50 67 90 20 6A 1C 4D BB 4C 60 55 22 B6 06 76 B7 F7 EC BC FC 07 E9 E0 E2 6D E2 5E 98 04 9C 53 0B 9F 72 00 17 53 D6 E3 CC 4B 37 50 B1 2D FD 7E 0A 7D 20 57 8E AA 4D 93 F0 4F 53 39 25 E5 2D E0 C7 E7 6C 53 6D A1 D2 3F 37 CA FD 3F 73 45 B3 93 31 A5 DA 27 D1 9F F8 BF EF 60 04 82 9F E9 71 84 5F FD D1 F9 50 DE CD 3C 83 33 EA 8B 5C 63 1C 44 69 31 9E 09 B3 67 D5 B3 25 02 D1 93 5F E6 50 38 B1 FB FF 70 51 37 9B 39 4B 90 C9 36 FD 7D E0 DD F7 DE 37 EA 71 24 1A 51 A0 15 B4 56 0C D3 26 EA 94 D6 9B BD 35 5B 9D 71 1E 84,14994940}",
"binders" : " {95 2A 0D 86 A4 FD 38 13 66 70 BD D0 ED FC BD C5 C2 B4 A4 4C 8C 3C 60 3B 74 40 AE 2F 84 D2 C4 4F}",
}
}
]
}
)
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.460 EET|SSLSocketOutputRecord.java:241|WRITE: TLS13 handshake, length = 608
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.461 EET|SSLSocketOutputRecord.java:255|Raw write (
0000: 16 03 03 02 60 01 00 02 5C 03 03 92 34 9B 36 90 ....`...\...4.6.
0010: 0C 89 8F 5B E6 C9 D9 DA 57 C6 80 EA B8 41 09 62 ...[....W....A.b
0020: 2A 7E E8 40 E3 6F 24 A4 17 B2 CB 00 00 5A 13 01 *..@.o$......Z..
0030: 13 02 C0 2C C0 2B C0 30 00 9D C0 2E C0 32 00 9F ...,.+.0.....2..
0040: 00 A3 C0 2F 00 9C C0 2D C0 31 00 9E 00 A2 C0 24 .../...-.1.....$
0050: C0 28 00 3D C0 26 C0 2A 00 6B 00 6A C0 0A C0 14 .(.=.&.*.k.j....
0060: 00 35 C0 05 C0 0F 00 39 00 38 C0 23 C0 27 00 3C .5.....9.8.#.'.<
0070: C0 25 C0 29 00 67 00 40 C0 09 C0 13 00 2F C0 04 .%.).g.@...../..
0080: C0 0E 00 33 00 32 00 FF 01 00 01 D9 00 05 00 05 ...3.2..........
0090: 01 00 00 00 00 00 0A 00 20 00 1E 00 17 00 18 00 ........ .......
00A0: 19 00 09 00 0A 00 0B 00 0C 00 0D 00 0E 00 16 01 ................
00B0: 00 01 01 01 02 01 03 01 04 00 0B 00 02 01 00 00 ................
00C0: 0D 00 28 00 26 04 03 05 03 06 03 08 04 08 05 08 ..(.&...........
00D0: 06 08 09 08 0A 08 0B 04 01 05 01 06 01 04 02 03 ................
00E0: 03 03 01 03 02 02 03 02 01 02 02 00 32 00 28 00 ............2.(.
00F0: 26 04 03 05 03 06 03 08 04 08 05 08 06 08 09 08 &...............
0100: 0A 08 0B 04 01 05 01 06 01 04 02 03 03 03 01 03 ................
0110: 02 02 03 02 01 02 02 00 11 00 09 00 07 02 00 04 ................
0120: 00 00 00 00 00 17 00 00 00 2B 00 09 08 03 04 03 .........+......
0130: 03 03 02 03 01 00 2D 00 02 01 01 00 33 00 47 00 ......-.....3.G.
0140: 45 00 17 00 41 04 DA 61 A6 AD F0 04 28 48 13 86 E...A..a....(H..
0150: AF EA 2F EB A5 0A 0C 40 80 C2 C6 81 FE 04 87 7E ../....@........
0160: 52 B1 C9 92 A4 C3 6B 9C CA 49 B5 8A 4C 08 9B 38 R.....k..I..L..8
0170: 70 01 68 AF 13 42 63 8B 08 C5 1A 13 7D 87 35 48 p.h..Bc.......5H
0180: 1B 97 1A CE 67 10 00 29 00 DB 00 B6 00 B0 47 84 ....g..)......G.
0190: 2C AA 7B 65 00 50 67 90 20 6A 1C 4D BB 4C 60 55 ,..e.Pg. j.M.L`U
01A0: 22 B6 06 76 B7 F7 EC BC FC 07 E9 E0 E2 6D E2 5E "..v.........m.^
01B0: 98 04 9C 53 0B 9F 72 00 17 53 D6 E3 CC 4B 37 50 ...S..r..S...K7P
01C0: B1 2D FD 7E 0A 7D 20 57 8E AA 4D 93 F0 4F 53 39 .-.... W..M..OS9
01D0: 25 E5 2D E0 C7 E7 6C 53 6D A1 D2 3F 37 CA FD 3F %.-...lSm..?7..?
01E0: 73 45 B3 93 31 A5 DA 27 D1 9F F8 BF EF 60 04 82 sE..1..'.....`..
01F0: 9F E9 71 84 5F FD D1 F9 50 DE CD 3C 83 33 EA 8B ..q._...P..<.3..
0200: 5C 63 1C 44 69 31 9E 09 B3 67 D5 B3 25 02 D1 93 \c.Di1...g..%...
0210: 5F E6 50 38 B1 FB FF 70 51 37 9B 39 4B 90 C9 36 _.P8...pQ7.9K..6
0220: FD 7D E0 DD F7 DE 37 EA 71 24 1A 51 A0 15 B4 56 ......7.q$.Q...V
0230: 0C D3 26 EA 94 D6 9B BD 35 5B 9D 71 1E 84 00 E4 ..&.....5[.q....
0240: CD FC 00 21 20 95 2A 0D 86 A4 FD 38 13 66 70 BD ...! .*....8.fp.
0250: D0 ED FC BD C5 C2 B4 A4 4C 8C 3C 60 3B 74 40 AE ........L.<`;t@.
0260: 2F 84 D2 C4 4F /...O
)
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.518 EET|SSLSocketInputRecord.java:458|Raw read (
0000: 15 03 01 00 02 .....
)
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.519 EET|SSLSocketInputRecord.java:213|READ: TLSv1 alert, length = 2
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.519 EET|SSLSocketInputRecord.java:458|Raw read (
0000: 02 28 .(
)
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.519 EET|SSLSocketInputRecord.java:249|READ: TLSv1 alert, length = 2
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.520 EET|Alert.java:232|Received alert message (
"Alert": {
"level" : "fatal",
"description": "handshake_failure"
}
)
javax.net.ssl|ERROR|01|main|2018-12-24 15:41:06.520 EET|TransportContext.java:313|Fatal (HANDSHAKE_FAILURE): Received fatal alert: handshake_failure (
"throwable" : {
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:128)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:308)
at java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:279)
at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:181)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1152)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1063)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
at java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:567)
at java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:163)
at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:746)
at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:722)
at org.jsoup.helper.HttpConnection.execute(HttpConnection.java:306)
at org.jsoup.helper.HttpConnection.get(HttpConnection.java:295)
at com.kitaplist.common.JsoupParser.parse(JsoupParser.java:23)
at com.kitaplist.common.Collector.extractListPageLinksFromCatPage(Collector.java:94)
at com.kitaplist.common.Collector.collectListPageLinks(Collector.java:148)
at com.kitaplist.KitapListConsole.run(KitapListConsole.java:47)
at com.kitaplist.KitapList.main(KitapList.java:74)}
)
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.521 EET|SSLSocketImpl.java:1361|close the underlying socket
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.521 EET|SSLSocketImpl.java:1380|close the SSL connection (initiative)
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:128)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:308)
at java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:279)
at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:181)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1152)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1063)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
at java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:567)
at java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:163)
at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:746)
at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:722)
at org.jsoup.helper.HttpConnection.execute(HttpConnection.java:306)
at org.jsoup.helper.HttpConnection.get(HttpConnection.java:295)
at com.kitaplist.common.JsoupParser.parse(JsoupParser.java:23)
at com.kitaplist.common.Collector.extractListPageLinksFromCatPage(Collector.java:94)
at com.kitaplist.common.Collector.collectListPageLinks(Collector.java:148)
at com.kitaplist.KitapListConsole.run(KitapListConsole.java:47)
at com.kitaplist.KitapList.main(KitapList.java:74)
这是JsoupParser.parse方法的内容:
public Document parse(String url) {
try {
return Jsoup.connect(url).timeout(300 * 1000)
.userAgent("Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.152 Safari/537.36").ignoreContentType(true)
.get();
} catch (IOException e) {
e.printStackTrace();
}
return Jsoup.parse("");
}
起初,我以为是由于缺少密码套件,但后来我发现此异常由于1.8u141之前的JDK中的错误而发生.我尝试使用JDK 1.8u191,但一切正常,但是当我使用JDK 11时,上述异常再次出现.我有什么想念的吗?感谢您的帮助.
At first, I thought it was due to missing cipher suites but then I found that this exception occurs due to a bug in JDK before 1.8u141. I tried with JDK 1.8u191, everything works fine but when i use JDK 11, the above exception appears again. Is there anything am i missing ? I appreciate any help.
当我使用早期访问jdk 12时,该问题也消失了.如何在不遇到此问题的情况下使用jdk 11?
The issue also disappears when I use early access jdk 12. How can I use jdk 11 without facing this issue?
推荐答案
首先,要清楚:handshake_failure可能是由于缺少SNI之外的许多其他原因引起的. 致命警报"可能是由handshake_failure以外的其他原因引起的,而SSLHandshakeException可能是由致命警报"以外的很多其他原因引起的.
First, to be clear: handshake_failure can be caused by lots of things other than missing SNI; 'fatal alert' can be caused by lots of things other than handshake_failure, and SSLHandshakeException can be caused by lots of things other than 'fatal alert'.
但是,这里确实出现了JSSE 无法在TLS1.3恢复请求上发送SNI的问题-尽管服务器响应的握手消息是
However, it does appear here that JSSE is failing to send SNI on a TLS1.3 resumption request -- although the server responding with handshake_failure with version 1.0 (wire 03 01) is an odd way to handle this; rfc8446 9.2 says the server should use missing_extension for this case, presumably in a 1.2 record since that's a new-in-1.3 alert and 1.3 keeps 1.2 as the record version as a compatibility kludge. Especially since this server is (on) Cloudflare, which is a good reason they want SNI, but because they handle such a large volume and variety of TLS-was-SSL termination they should be able to handle cases like this.
Java 8之所以可以工作是因为它没有实现TLS1.3. (更新:2020年8u261起执行实施TLS1.3.)由于jsoup使用HttpsURLConnection,如果您将sysprop https.protocols 设置为值忽略 TLSv1.3,例如TLSv1,TLSv1.1,TLSv1.2,它应该避免Java 11中的问题-只要同一进程中的其他任何事物都不需要HttpsURLConnection进行需要1.3的连接,并且1.3才在几个月前完成这似乎不太可能.注意:绝对不包括SSLv3,如果您的所有其他连接都不需要1.0,那么最好省略TLSv1.
Java 8 works presumably because it doesn't implement TLS1.3. (Update: 8u261 in 2020 up does implement TLS1.3.) Since jsoup uses HttpsURLConnection if you set sysprop https.protocols to a value omitting TLSv1.3 such as TLSv1,TLSv1.1,TLSv1.2 it should avoid the problem in Java 11 -- as long as nothing else in the same process uses HttpsURLConnection for a connection that needs 1.3, and since 1.3 was only finalized a few months ago that seems unlikely. Note: definitely do not include SSLv3 and if none of your other connections need 1.0 then also omitting TLSv1 would be good practice.
或者,由于初始连接显然起作用(并且对我而言,在使用11.0.1的简单测试中也起作用),因此应通过将这些连接使用的SSLContext设置为一个来避免恢复不会缓存会话信息,或者至少不会缓存这些信息.但这可能需要更多工作,因此除非有必要,否则我不会去那里.
Alternatively since the initial connection apparently does work (and does for me on a simple test with 11.0.1) it should work to avoid resumption by setting the SSLContext used by these connections to one which doesn't cache session info, or at least not these. But that's likely more work, so I wouldn't go there unless necessary.
这篇关于使用Jsoup时,Java 11 HTTPS连接失败,并带有SSL HandshakeException的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
