Algorithm constraints check failed on disabled algorithm: secp256k1 问题解决

最新推荐文章于 2023-05-17 11:43:32 发布
最新推荐文章于 2023-05-17 11:43:32 发布
阅读量774 收藏 1
点赞数
分类专栏: 学习资料 文章标签: jdk netty
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/bianyanan522/article/details/115704477
版权

javax.net.ssl.SSLHandshakeException: General OpenSslEngine problem
    at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.handshakeException(ReferenceCountedOpenSslEngine.java:1772)
    at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.wrap(ReferenceCountedOpenSslEngine.java:777)
    at javax.net.ssl.SSLEngine.wrap(SSLEngine.java:511)
    at io.netty.handler.ssl.SslHandler.wrap(SslHandler.java:1086)
    at io.netty.handler.ssl.SslHandler.wrapNonAppData(SslHandler.java:977)
    at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1450)
    at io.netty.handler.ssl.SslHandler.decodeNonJdkCompatible(SslHandler.java:1294)
    at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1331)
    at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:501)
    at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:440)
    at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:276)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
    at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357)
    at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
    at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919)
    at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:166)
    at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:714)
    at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:650)
    at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:576)
    at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:493)
    at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989)
    at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
    at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
    at java.lang.Thread.run(Thread.java:748)
Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: Algorithm constraints check failed on disabled algorithm: secp256k1
    at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:369)
    at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:263)
    at sun.security.validator.Validator.validate(Validator.java:271)
    at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:312)
    at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:275)
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:140)
    at io.netty.handler.ssl.ReferenceCountedOpenSslClientContext$ExtendedTrustManagerVerifyCallback.verify(ReferenceCountedOpenSslClientContext.java:261)
    at io.netty.handler.ssl.ReferenceCountedOpenSslContext$AbstractCertificateVerifier.verify(ReferenceCountedOpenSslContext.java:698)
    at io.netty.internal.tcnative.SSL.readFromSSL(Native Method)
    at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.readPlaintextData(ReferenceCountedOpenSslEngine.java:596)
    at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1203)
    at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1325)
    at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1368)
    at io.netty.handler.ssl.SslHandler$SslEngineType$1.unwrap(SslHandler.java:206)
    at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1387)
    ... 21 common frames omitted
    Suppressed: javax.net.ssl.SSLHandshakeException: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
        at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.sslReadErrorResult(ReferenceCountedOpenSslEngine.java:1288)
        at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1249)
        ... 25 common frames omitted
Caused by: java.security.cert.CertPathValidatorException: Algorithm constraints check failed on disabled algorithm: secp256k1
    at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:135)
    at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:238)
    at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:146)
    at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:85)
    at java.security.cert.CertPathValidator.validate(CertPathValidator.java:292)
    at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:364)
    ... 35 common frames omitted
Caused by: java.security.cert.CertPathValidatorException: Algorithm constraints check failed on disabled algorithm: secp256k1
    at sun.security.util.DisabledAlgorithmConstraints.permits(DisabledAlgorithmConstraints.java:200)
    at sun.security.provider.certpath.AlgorithmChecker.check(AlgorithmChecker.java:326)
    at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:125)
    ... 40 common frames omitted
2021-04-14 14:58:38.137 [nioEventLoopGroup-4-1] ERROR org.fisco.bcos.sdk.network.ChannelHandler -  handshake failed, host: 192.168.0.5, port: 20200, message: General OpenSslEngine problem, cause: {}  
javax.net.ssl.SSLHandshakeException: General OpenSslEngine problem
    at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.handshakeException(ReferenceCountedOpenSslEngine.java:1772)
    at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.wrap(ReferenceCountedOpenSslEngine.java:777)
    at javax.net.ssl.SSLEngine.wrap(SSLEngine.java:511)
    at io.netty.handler.ssl.SslHandler.wrap(SslHandler.java:1086)
    at io.netty.handler.ssl.SslHandler.wrapNonAppData(SslHandler.java:977)
    at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1450)
    at io.netty.handler.ssl.SslHandler.decodeNonJdkCompatible(SslHandler.java:1294)
    at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1331)
    at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:501)
    at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:440)
    at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:276)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
    at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357)
    at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
    at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365)
    at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919)
    at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:166)
    at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:714)
    at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:650)
    at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:576)
    at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:493)
    at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989)
    at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
    at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
    at java.lang.Thread.run(Thread.java:748)
Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: Algorithm constraints check failed on disabled algorithm: secp256k1
    at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:369)
    at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:263)
    at sun.security.validator.Validator.validate(Validator.java:271)
    at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:312)
    at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:275)
    at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:140)
    at io.netty.handler.ssl.ReferenceCountedOpenSslClientContext$ExtendedTrustManagerVerifyCallback.verify(ReferenceCountedOpenSslClientContext.java:261)
    at io.netty.handler.ssl.ReferenceCountedOpenSslContext$AbstractCertificateVerifier.verify(ReferenceCountedOpenSslContext.java:698)
    at io.netty.internal.tcnative.SSL.readFromSSL(Native Method)
    at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.readPlaintextData(ReferenceCountedOpenSslEngine.java:596)
    at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1203)
    at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1325)
    at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1368)
    at io.netty.handler.ssl.SslHandler$SslEngineType$1.unwrap(SslHandler.java:206)
    at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1387)
    ... 21 common frames omitted
    Suppressed: javax.net.ssl.SSLHandshakeException: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
        at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.sslReadErrorResult(ReferenceCountedOpenSslEngine.java:1288)
        at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.unwrap(ReferenceCountedOpenSslEngine.java:1249)
        ... 25 common frames omitted
Caused by: java.security.cert.CertPathValidatorException: Algorithm constraints check failed on disabled algorithm: secp256k1
    at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:135)
    at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:238)
    at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:146)
    at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:85)
    at java.security.cert.CertPathValidator.validate(CertPathValidator.java:292)
    at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:364)
    ... 35 common frames omitted
Caused by: java.security.cert.CertPathValidatorException: Algorithm constraints check failed on disabled algorithm: secp256k1
    at sun.security.util.DisabledAlgorithmConstraints.permits(DisabledAlgorithmConstraints.java:200)
    at sun.security.provider.certpath.AlgorithmChecker.check(AlgorithmChecker.java:326)
    at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:125)
    ... 40 common frames omitted

 

问题解决:

查看jdk1.8.0_271/jre/lib/security目录java.security文件

查找:secp256k1

#
# This property contains a list of disabled EC Named Curves that can be included
# in the jdk.[tls|certpath|jar].disabledAlgorithms properties.  To include this
# list in any of the disabledAlgorithms properties, add the property name as
# an entry.
jdk.disabled.namedCurves = secp112r1, secp112r2, secp128r1, secp128r2, \
    secp160k1, secp160r1, secp160r2, secp192k1, secp192r1, secp224k1, \
    secp224r1, secp256k1, sect113r1, sect113r2, sect131r1, sect131r2, \
    sect163k1, sect163r1, sect163r2, sect193r1, sect193r2, sect233k1, \
    sect233r1, sect239k1, sect283k1, sect283r1, sect409k1, sect409r1, \
    sect571k1, sect571r1, X9.62 c2tnb191v1, X9.62 c2tnb191v2, \
    X9.62 c2tnb191v3, X9.62 c2tnb239v1, X9.62 c2tnb239v2, X9.62 c2tnb239v3, \
    X9.62 c2tnb359v1, X9.62 c2tnb431r1, X9.62 prime192v2, X9.62 prime192v3, \
    X9.62 prime239v1, X9.62 prime239v2, X9.62 prime239v3, brainpoolP256r1, \
    brainpoolP320r1, brainpoolP384r1, brainpoolP512r1

将:secp256k1删掉就可以

 

阿依贝贝
关注
专栏目录
Couldn‘t agree a key exchange algorithm(available:curve25519-sha256,curve25519-sha256@libssh.org解决方案
weixin_43178406的博客
11-11 3万+
 本文主要介绍了Couldn’t agree a key exchange algorithm(available:curve25519-sha256,curve25519-sha256@libssh.org解决方案,希望能对使用winscp的同学们有所帮助。 文章目录 1. 问题描述 2. 解决方案
完美解决问题Failed to get convolution algorithm
CharlesMoCH的博客
11-04 1万+
写在前面 用pycharm或jupyter notebook运行卷积神经网络时会出现问题Failed to get convolution algorithm. This is probably because cuDNN failed to initialize, so try looking to see if a warning log message was printed above...
解决错误Algorithm constraints check failed on disabled algorithm: secp256k1
xingxincsdn的博客
07-13 1460
最近在用FISCO BCOS搭建私链来做项目,本地连我们自己搭建的测试环境FISCO BCOS时,报了些莫名其妙的错,连自己电脑搭建的一点也没问题,证书也都是按环境拷贝的; 关键错误信息如下: Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: Algorithm constraints chec...
md5withrsa java_浏览器运行java插件报错:Algorithm constraints check failed: MD5withRSA
weixin_29103191的博客
02-17 353
今天使用kvm管理机房机器的时候发现一只连不上,报以下错误:sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: Algorithm constraints check failed: MD5withRSA我确认我已...
浏览器运行java插件报错:Algorithm constraints check failed: MD5withRSA
weixin_34199405的博客
05-04 724
今天使用kvm管理机房机器的时候发现一只连不上,报以下错误:sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: Algorithm constraints check failed: MD5w...
Springboot项目配置Elasticsearch,设置账号密码后报javax.net.ssl.SSLHandshakeException: General SSLEngine problem
htx845928748的博客
07-28 6651
ES 报错:javax.net.ssl.SSLHandshakeException: General SSLEngine problem
解决Java调用Azure SDK证书错误javax.net.ssl.SSLHandshakeException
weixin_30460489的博客
12-05 1186
Azure作为微软的公有云平台,提供了非常丰富的SDK和API让开发人员可以非常方便的调用的各项服务,目前除了自家的.NET, Java, Python, nodeJS, Ruby,PHP等语言都提供支持,详细的文档说明请参考: https://azure.microsoft.com/en-us/documentation/ 然而在使用过程中,以Java语言为例,在初始调用Azure SDK...
跳过HTTPS调用时证书SLL问题
糖糖糖糖糖糖分
04-24 1836
今天在对接一个银商的项目接口,测试环境调用,在写调用util的时候,有一些证书相关问题。 对于http换成支持https调用,网上有很多类的重写方法。就不细说了。 先把代码贴一下: (还有2个类,我稍微改下晚点补上代码~) SSLClientUtil.java package com.naka.fizzbuzz; import java.net.Socket; import jav...
加密算法调研
glowd的专栏
09-15 4208
什么是加密 加密,是以某种特殊的算法改变原有的信息数据,使得未授权的用户即使获得了已加密的信息,但因不知解密的方法,仍然无法了解信息的内容。 为什么需要加密 区块链网络中,不存在监督机制,当交易和区块在网络中传播时,如何才能保证才能保证数据不被篡改? 加密类型分类 对称加密 定义:称作私钥加密,加密和解密使用相同的密钥,密钥:在加密的算法中,将明文转化成暗文。或者密文转化成明文的时候,需要用到的私钥。 特点:算法公开、计算量小、加密速度快、加密效率高、适合加密比较大的文件; 缺点:通信双方都使
SSH Secure File Transfer Client连接远程设备报“algorithm negotiation failed”错的解决方法
成长Bar的博客专栏
02-16 3584
SSH Secure File Transfer Client连接远程设备报“algorithm negotiation failed”错的解决方法        ssh client 报 algorithm negotiation failed解决方法之一是 修改sshd的配置文件,请参考以下三个步骤进行解决问题。第一步:进入配置文件 /etc/ssh/sshd_config 第二步:在配置
Java 学习笔记——线程
To simple, to wonderful
10-20 522
1.
c md5withrsa java,JAVA使用HttpClient时报错:Algorithm constraints check failed on signature algorithm: MD5...
weixin_32161925的博客
03-18 316
标签:今天使用httpClient.executeMethod时抛出异常:java.security.cert.CertPathValidatorException: Algorithm constraints check failed on signature algorithm: MD5withRSA,下面是解决这个问题的6步。1. 在cmd窗口输入命令"where java"检查你实际使用的...
解决 javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path buildin
weixin_43496689的博客
05-17 1万+
PS:后来对windows和mac下java访问https也做了测试,发现mac上的jdk缺省不带startssl ca证书所以能访问通过,而加上startssl ca证书后同android一样访问不通过。JAVA的证书库里已经带了startssl ca证书,而nginx默认不带startssl ca证书,这样JAVA端访问nginx为容器的https url校验就会失败,jetty默认带startssl ca证书,所以正常。最后一行就是jdk的安装路径。
java 解决sun.security.validator.ValidatorException: PKIX path building failed证书 问题
asfsdf23的博客
08-19 855
java 解决sun.security.validator.ValidatorException: PKIX path building failed证书 问题 public class SslUtils { private static void trustAllHttpsCertificates() throws Exception { TrustManager[] trustAllCerts = new TrustManager[1]; TrustManager tm = new m
PKIX问题:sun.security.validator.ValidatorException: PKIX path building failed
w8827130的博客
03-27 1996
对新项目clean install 的时候,报错了,提示没有合法的证书,报错信息如下 [ERROR] Failed to execute goal on project springbootactivity: Could not resolve dependencies for project com.example:springbootactivity:jar:0.0.1-SNAPSHOT: Failed to collect dependencies at org.springframework.bo
SSL证书认证失败javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: 解决方法
qq_40315210的博客
10-11 3万+
访问第三方接口传递数据,出现SSL证书认证失败的情况,于是做出了如下解决方案: 1.代码层跳出SSL验证 javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching idcardcert.market.al...
异常:PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException:
热门推荐
小单的博客专栏
06-26 3万+
问题 java使用httpclient或者restTemplate进行https请求时,出现如下异常: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertP...
Use InstallCert
seafront12的博客
10-20 444
编译InstallCert.java,然后执行:java InstallCert hostname,比如: java InstallCert www.twitter.com 会看到如下信息: java InstallCert www.twitter.com Loading KeyStore /usr/java/jdk1.6.0_16/jre/lib/security/cacerts... ...
Integrity check failed: java.security.NoSuchAlgorithmException: Algorithm HmacPBESHA256 not available
最新发布
09-21
Integrity check failed: java.security.NoSuchAlgorithmException: Algorithm HmacPBESHA256 not available是由于缺少HmacPBESHA256算法引起的。首先,您可以检查应用程序的版本和您的环境是否一致。如果不一致,您...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

阿依贝贝

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值