调试ssl握手
Java程序添加vm参数:
-Djavax.net.debug=all
查看报文
main, WRITE: TLSv1 Handshake, length = 163
main, READ: TLSv1.2 Alert, length = 2
main, RECV TLSv1 ALERT: fatal, handshake_failure
发现ssl不一致ssl不一致,则更换jdk版本,或者修改服务器ssl加密版本
若结果为
RMI TCP Connection(3)-127.0.0.1, WRITE: TLSv1.2 Handshake, length = 143
RMI TCP Connection(3)-127.0.0.1, READ: TLSv1.2 Alert, length = 2
RMI TCP Connection(3)-127.0.0.1, RECV TLSv1.2 ALERT: fatal, handshake_failure
RMI TCP Connection(3)-127.0.0.1, called closeSocket()
RMI TCP Connection(3)-127.0.0.1, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
RMI TCP Connection(3)-127.0.0.1, called close()
RMI TCP Connection(3)-127.0.0.1, called closeInternal(true)
此时ssl版本一致任然握手失败,则为加密套件不可用 此时加密密钥长度>128,jdk1.8默认支持证书密钥长度小于128
jdk1.8版本只要修改Java\jre\lib\security\java.security文件,启用crypto.policy。
crypto.policy=unlimited