Java JSSE SSLEngine无法恢复SSL会话 [英] Java JSSE SSLEngine cannot resume SSL session
问题描述
我正在编写一个使用SSLEngine和NIO的应用程序,我编写了客户端和服务器。
客户端能够连接到服务器,在他连接后,我希望他能够执行会话恢复/重新协商,但目前没有运气..
I am writing an application that uses SSLEngine with NIO, I writing both the client and the server. The client is able to connect to the server and after he is connected i want him to be able to perform session resumption / renegotiation, but currently without luck..
因为使用SSLEngine的代码非常大(SSLEngine的使用很复杂!)我会编写一个简单的伪代码来证明这种情况:
As the code that uses the SSLEngine is pretty big (SSLEngine usage is SO complex!) i will write a simple pseudo code that demonstrate the situation:
Server:
global sslcontext initialized once
await new client
client.sslEngine = create new server ssl engine using the global sslcontext
client.handleHandshake and wait for it to be done
handle client.
Client:
global sslcontext initialized once
sslEngine = create new client ssl engine using the global sslcontext
performHandshake and wait for it to be done
disconnect (close gracefully the connection)
sslEngine = create new client ssl engine using the global sslcontext
configure engine to not allow session creation
performHandshake and wait for it to be done
**我更愿意发布可以提供帮助的代码的任何部分(即使是完整的代码,尽管如我所说)是巨大的..)
** i am more then willing to post any part of the code that can help (even the full code although as i said it is huge..)
当我执行我的程序时,第一个连接成功但第二个连接导致异常:
when i executing my program the first connection is successful but the second cause an exception:
javax.net.ssl.SSLHandshakeException: No existing session to resume
我是否错过了ssl会话恢复所需的一些成分?
did i miss some ingredient that is required for ssl session resumption?
推荐答案
SSLEngine只会恢复会话i你用 SSLContext.createEngine(主机,端口)。否则它无法知道它正在与谁交谈,因此无法知道 SSLSession
要加入。
The SSLEngine will only resume sessions if you create it with SSLContext.createEngine(host, port). Otherwise it has no way of knowing who it's talking to, so no way of knowing what SSLSession
to join.
这篇关于Java JSSE SSLEngine无法恢复SSL会话的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!