javax.net.ssl.SSLHandshakeException:没有可用的认证方案 [英] javax.net.ssl.SSLHandshakeException: No available authentication scheme

查看:324
本文介绍了javax.net.ssl.SSLHandshakeException:没有可用的认证方案的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

一个Google揭示了jdk11.0.2中的错误,但我升级到jdk11.0.3,但对我来说仍然存在.复制步骤

A google reveals a bug in jdk11.0.2 but I upgraded to jdk11.0.3 and this still exists for me. Steps to reproduce

  1. git clone https://github.com/deanhiller/webpieces.git
  2. 将行"org.gradle.java.home =/Library/Java/JavaVirtualMachines/jdk-11.0.3.jdk/Contents/Home"添加到〜/.gradle/gradle.properties以将jdk设置为11.0.3
  3. 从Webpieces目录运行./gradlew:core:core-asyncserver:test

测试用例挂起并在日志中显示

The test case hangs and in the logs, it shows

由于:javax.net.ssl.SSLHandshakeException:没有可用的身份验证方案在java.base/sun.security.ssl.Alert.createSSLException(Alert.java:128)在java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)在java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:308)在java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:264)在java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:255)在java.base/sun.security.ssl.CertificateMessage $ T13CertificateProducer.onProduceCertificate(CertificateMessage.java:945)在java.base/sun.security.ssl.CertificateMessage $ T13CertificateProducer.produce(CertificateMessage.java:934)在java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:436)在java.base/sun.security.ssl.ClientHello $ T13ClientHelloConsumer.goServerHello(ClientHello.java:1224)在java.base/sun.security.ssl.ClientHello $ T13ClientHelloConsumer.consume(ClientHello.java:1160)在java.base/sun.security.ssl.ClientHello $ ClientHelloConsumer.onClientHello(ClientHello.java:849)在java.base/sun.security.ssl.ClientHello $ ClientHelloConsumer.consume(ClientHello.java:810)在java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)在java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444)在java.base/sun.security.ssl.SSLEngineImpl $ DelegatedTask $ DelegatedAction.run(SSLEngineImpl.java:1065)在java.base/sun.security.ssl.SSLEngineImpl $ DelegatedTask $ DelegatedAction.run(SSLEngineImpl.java:1052)在java.base/java.security.AccessController.doPrivileged(本机方法)在java.base/sun.security.ssl.SSLEngineImpl $ DelegatedTask.run(SSLEngineImpl.java:999)在org.webpieces.ssl.impl.AsyncSSLEngine2Impl.createRunnable(AsyncSSLEngine2Impl.java:94)...省略了12个共同的框架

Caused by: javax.net.ssl.SSLHandshakeException: No available authentication scheme at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:128) at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:308) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:264) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:255) at java.base/sun.security.ssl.CertificateMessage$T13CertificateProducer.onProduceCertificate(CertificateMessage.java:945) at java.base/sun.security.ssl.CertificateMessage$T13CertificateProducer.produce(CertificateMessage.java:934) at java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:436) at java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.goServerHello(ClientHello.java:1224) at java.base/sun.security.ssl.ClientHello$T13ClientHelloConsumer.consume(ClientHello.java:1160) at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(ClientHello.java:849) at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.consume(ClientHello.java:810) at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392) at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444) at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1065) at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1052) at java.base/java.security.AccessController.doPrivileged(Native Method) at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:999) at org.webpieces.ssl.impl.AsyncSSLEngine2Impl.createRunnable(AsyncSSLEngine2Impl.java:94) ... 12 common frames omitted

我应该提交另一个仍然无法正常工作或有人有任何想法的jdk错误吗?

should I file another jdk bug that it still doesn't work or anyone have any thoughts?

jdk错误: https://bugs.openjdk.java.net/browse/JDK-8211426

请注意,由于某种原因此修复程序System.setProperty("jdk.tls.server.protocols","TLSv1.2");

NOTE that this fixes it for some reason System.setProperty("jdk.tls.server.protocols", "TLSv1.2");

hmmm,有人知道如何生成适用于TLSv1.2和TLSv1.3的自签名证书吗?

hmmm, anyone know how to generate a self-signed certificate that works for TLSv1.2 and TLSv1.3?

推荐答案

假设是链接的问题,而不是TLS 1.3的另一个问题.

Assuming it is the issue that is linked and not another issue around TLS 1.3.

您的证书使用的是 DSA 算法,该算法已经过时了,而推荐使用 RSA ,并且TLS1.3完全不支持该算法.请确保创建RSA证书.

Your certificate is using the DSA algorithm, which has been deprecated a while ago in favor of RSA and is not supported at all in TLS1.3. Make sure to create RSA certificates instead.

似乎不是很旧的Java keytool 版本默认情况下可能已经创建了DSA证书...不幸的是,默认情况下.您可以使用此命令来验证证书类型.

It seems that not-so-old versions of the java keytool might have created DSA certificates by default... an unfortunate default. You can use this command to verify a certificate type.

openssl x509 -in certificate.crt -text 

Certificate:
    ...
    Signature Algorithm: dsa_with_SHA256
        ...
        Subject Public Key Info:
            Public Key Algorithm: dsaEncryption

这篇关于javax.net.ssl.SSLHandshakeException:没有可用的认证方案的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆