jmeter连接分机失败,javax.net.ssl.SSLHandshakeException:使用JMeter和SSL(JDK8)时的handshake_failure...

最新推荐文章于 2024-07-25 11:57:10 发布
最新推荐文章于 2024-07-25 11:57:10 发布
阅读量676 收藏
点赞数
文章标签: jmeter连接分机失败

I am writing a JMeter test plan to connect to SSL port (Tomcat Connector). I receive a SSLHandshakeException (handshake_failure) when connecting to SSL port using any of the three JMeter SSL client implementations (HttpClient4, HttpClient3.1, Java) on JDK8 (1.8.0_51). If I use JDK7 (1.7.0_75) - everything works as expected.

Client JDK: HotSpot 1.8.0_51

Client OS: Mac OSX 10.10.2

JMeter version: 2.13

Server: Tomcat 7.0.63 (latest)

Server SSL CipherSuite: RC4-SHA

Server SSL Protocol: all

Server Java: OpenJDK 1.7.0_79

Here are some things I have already tried:

(1) I tried replacing the JCE Unlimited Strength JARs, as suggested on a similar question:

SSLHandshakeException while connecting to a https site

No changes in error messages or logfile, JDK8 client would not connect to the SSL server.

(2) I turned on debugging as described here: https://blogs.oracle.com/java-platform-group/entry/diagnosing_tls_ssl_and_https. Starting JMeter with JVM_ARGS set to -Djavax.net.debug=ssl:handshake:verbose. The logfile (attached below) did not hint any reasons what the issue might be.

(3) I tried specifying the HTTPS procotol, e.g. -Dhttps.protocols=SSLv3. No luck. SSLv3 was disabled or cipher were not matching:

javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)

(4) I tried disabling SNI, e.g. -Djsse.enableSNIExtension=false. No luck either.

So, I am forced to use the JDK7 for now, until I can get my JMeter to run with JDK8, and I'd like to fix that.

So, the issue is in how JDK8 handles SSL clients differently from JDK7. Also, the server (Tomcat Connector) would need to support appropriate ciphers and protocols, but that's out of my control for now.

Here are relevant logs:

X509KeyManager passed to SSLContext.init(): need an X509ExtendedKeyManager for SSLEngine use

trigger seeding of SecureRandom

done seeding SecureRandom

Agents (clients) 1-2, setSoTimeout(0) called

Allow unsafe renegotiation: false

Allow legacy hello messages: true

Is initial handshake: true

Is secure renegotiation: false

Allow unsafe renegotiation: false

Allow legacy hello messages: true

Is initial handshake: true

Is secure renegotiation: false

Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1

Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1

Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1

Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1

Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1

Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1

Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1

Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1

Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1

Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1

Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1

Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1

Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1

Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1

Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1

Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1

Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1

Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1

Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1

Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1

Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1

Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1

Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1

Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1

Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1

Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1

Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1

Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1

%% No cached client session

%% No cached client session

*** ClientHello, TLSv1.2

RandomCookie: *** ClientHello, TLSv1.2

GMT: 1422637724 bytes = { RandomCookie: GMT: 1422637724 bytes = { 71, 27, 101, 246, 26, 99, 64, 213, 53, 66, 156, 66, 118, 137, 247113, , 226, 86, 121, 189, 207, 175, 98, 46, 64, 242, 48, 19, 30, 66, 251, 120, 125, 249, 63, 114, 254, 246, 5, 168, 17, 190, 214, 228, 90, 165128 }

Session ID: , 113, {}

157, 211, 230, 144, Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]

145, 63, Compression Methods: { 238, 0178 }

Session ID: {}

}

Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]

Compression Methods: { 0 }

Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}

Extension ec_point_formats, formats: [uncompressed]

Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA

***

Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}

Extension ec_point_formats, formats: [uncompressed]

Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA

***

Agents (clients) 1-2, WRITE: TLSv1.2 Handshake, length = 237

Agents (clients) 1-1, WRITE: TLSv1.2 Handshake, length = 237

Agents (clients) 1-2, READ: TLSv1.2 Alert, length = 2

Agents (clients) 1-2, RECV TLSv1.2 ALERT: fatal, handshake_failure

Agents (clients) 1-2, called closeSocket()

Agents (clients) 1-2, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

Agents (clients) 1-2, called close()

Agents (clients) 1-2, called closeInternal(true)

Agents (clients) 1-1, READ: TLSv1.2 Alert, length = 2

Agents (clients) 1-1, RECV TLSv1.2 ALERT: fatal, handshake_failure

Agents (clients) 1-1, called closeSocket()

Agents (clients) 1-1, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

Agents (clients) 1-1, called close()

Agents (clients) 1-1, called closeInternal(true)

Here's the stacktrace I get in JMeter logfile:

javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)

at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)

at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2023)

at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1125)

at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)

at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)

at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)

at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)

at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)

at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)

at org.apache.jmeter.protocol.http.sampler.HTTPJavaImpl.sample(HTTPJavaImpl.java:483)

at org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:74)

at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1146)

at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1135)

at org.apache.jmeter.threads.JMeterThread.process_sampler(JMeterThread.java:434)

at org.apache.jmeter.threads.JMeterThread.run(JMeterThread.java:261)

at java.lang.Thread.run(Thread.java:745)

So, how do I make JDK8 client in JMeter talk to SSL port using protocols and ciphers allowed by the server.

Thanks!

Edit: Added SSL Labs test results

Protocols

TLS 1.2 Yes

TLS 1.1 Yes

TLS 1.0 Yes

SSL 3 No

SSL 2 No

Cipher Suites (sorted by strength as the server has no preference; deprecated and SSL 2 suites at the end)

TLS_RSA_WITH_RC4_128_SHA (0x5) WEAK 128

Clients

Java 6u45 No SNI 2 TLS 1.0 TLS_RSA_WITH_RC4_128_SHA (0x5) No FS RC4 128

Java 7u25 TLS 1.0 TLS_RSA_WITH_RC4_128_SHA (0x5) No FS RC4 128

Java 8u31 TLS 1.2 TLS_RSA_WITH_RC4_128_SHA (0x5) No FS RC4 128

解决方案

So after some digging, and ideas in the comments, it boils down to the Tomcat configuration. Tomcat Configuration only allowed RC4-SHA, which is insecure and not supported in Java 8 anymore, per RFC7465 (thanks Robert for the reference).

I got JMeter to work on Java8, by updating server SSL configuration and removing RC4-SHA-only cipher, and allowing all default cipher suites, e.g. dropping SSLCipherSuite="RC4-SHA" from server.xml Tomcat configuration file.

Adding stronger security encryption (JCE Unlimited Strength Policy), will allow for better cipher suites and stronger encryption. You will need to be aware of US exporting rules though.

I will need to make decision as to which ciphers we want to support. That depends on the clients that we are expecting to connect to our SSL Tomcat connector. One client is definitely our JMeter test client, and there are few other RESTful clients that will be connecting, written in various languages and for various platforms.

Hopefully this discussion helps out others and shed some light.

I would like to edit this answer to add recommended (at the moment) TLS protocol and CipherSuite settings.

Modern Compatibility

Ciphersuite: ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK

Versions: TLSv1.1, TLSv1.2

RSA key size: 2048

DH Parameter size: 2048

Elliptic curves: secp256r1, secp384r1, secp521r1 (at a minimum)

Certificate signature: SHA-256

HSTS: max-age=15724800

Intermediate Compatibility

Ciphersuite: ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA

Versions: TLSv1, TLSv1.1, TLSv1.2

RSA key size: 2048

DH Parameter size: 2048 (see DHE and Java for details)

Elliptic curves: secp256r1, secp384r1, secp521r1 (at a minimum)

Certificate signature: SHA-256

... and others

Thanks everyone that chimed in.

WuliXQ
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
ssl证书双向认证访问https—解决javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
qq_33665655的博客
10-12 1157
替换${java_home}/jre/lib/security/ 下面的local_policy.jar和US_export_policy.jar即可。下载后解压,可以看到local_policy.jar和US_export_policy.jar以及readme.txt,但经过我一步步踩坑,到最终解决问题,我发现问题的原因并不完全和上面描述的一直,下面我一步步讲解我的解决过程。我是第三种,替换可jar文件,就可以运行了,撒花撒花撒花。别灰心,别气馁,继续Google。,那就把TLSv1.0去掉吧。
报错javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException
迪迪调调的博客
04-13 1万+
下载https的图片报错javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException
jmeter连接分机失败_javax.net.ssl.SSLHandshakeException使用JMeterSSLJDK8)handshake_failure...
weixin_39979245的博客
12-19 1141
I am writing a JMeter test plan to connect to SSL port (Tomcat Connector). I receive a SSLHandshakeException (handshake_failure) when connecting to SSL port using any of the three JMeter SSL client im...
jmeter 提示 javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake 解决方案
翛然树的博客
05-28 9459
javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake 解决方法: 1.1)对于JDK1.8版本但低于1.8.0_151版本的JDK,将下载的包里的两个文件直接覆盖到本地 Java\jre\lib\security\ local_policy.jar US_export_policy.jar 1.2)1.8.0_151以后的版本,修改Java\jre\lib\sec...
Caused by: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cip
最新发布
weixin_66153022的博客
07-25 265
SSL握手异常,可能是因为SSL协议或加密套件被禁用或不适当。
记录jmeter使用遇到的错误:Response code:Non HTTP response code: javax.net.ssl.SSLHandshakeException
weixin_43744956的博客
11-15 1万+
记录jmeter使用遇到的错误:Response code:Non HTTP response code: javax.net.ssl.SSLHandshakeException 报错代码如下: Response code:Non HTTP response code: javax.net.ssl.SSLHandshakeException Response message:Non HTTP response message: Remote host closed connection during ha
3、javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake 错误
chiheyi1036的博客
06-14 1769
使用Jmeter做测试的候,出现 javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake 错误,解决方式是修改java安装路径的文件: G:\Java\jre1.8.0_201\l...
javax.net.ssl.SSLHandshakeException
未觉池塘青草梦,阶前梧叶已秋声
03-16 492
tomcat 部署 cas server, weblogic 部署 cas client. 访问出现错误: javax.net.ssl.SSLHandshakeException: FATAL Alert:HANDSHAKE_FAILURE - The handshake handler was unable to negotiate an acceptable set of security...
已解决javax.net.ssl.SSLHandshakeException: SSL握手异常的解决方法,亲测有效,嘿嘿嘿!!!
PythonAigc的博客
05-06 4645
`javax.net.ssl.SSLHandshakeException: SSL握手异常` 通常表示在尝试建立安全套接字连接SSL/TLS 握手)出现了问题。这个问题可能由多种原因引起,包括但不限于证书问题、协议不匹配、加密算法不支持等。以下是对这个异常的分析、报错原因、解决思路、解决方法以及代码示例。 ### 问题分析 SSL握手是建立安全通信的过程,它涉及到客户端和服务器之间的多个步骤,包括证书交换、加密算法协商等。如果在这个过程中任何一个步骤出现问题,都可能导致SSL握手失败,并抛出`SSL
javax.net.ssl.SSLException: Received fatal alert: protocol_version
weixin_34168700的博客
03-01 5036
2019独角兽企业重金招聘Python工程师标准>>> ...
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection? HTTPS请求异常
浮华与肤浅(๑• . •๑)
06-25 6737
Jmeter中压测https接口,请求抛出异常 javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection? at sun.security.ssl.InputRecord.handleUnknownRecord(Unknown Source) at sun.security.ssl.InputReco...
jdk1.8 handshake_failure漏洞修复jar UnlimitedJCEPolicyJDK7.zip
08-05
UnlimitedJCEPolicyJDK7 修复jdk1.8的漏洞
JMeter HTTPS登录脚本
06-11
JMeter实现知乎网站的登录操作并进行性能测试的操作 详细情况可以参考博客文章 http://blog.csdn.net/yangqingtao/article/details/51622887
jmeter入门问题1】报错提示Non HTTP response code: javax.net.ssl.SSLException
miaoyayaya的博客
04-04 716
![报错原因你好! 这是你第一次使用 Markdown编辑器 所展示的欢迎页。如果你想学习如何使用Markdown编辑器, 可以仔细阅读这篇文章,了解一下Markdown的基本语法知识。我们对Markdown编辑器进行了一些功能拓展与语法支持,除了标准的Markdown编辑器功能,我们增加了如下几点新功能,帮助你用它写博客:撤销:Ctrl/Command + Z 重做:Ctrl/Command + Y 加粗:Ctrl/Command + B 斜体:Ctrl/Command + I 标题:Ctrl/Comma
jmeter压测https请求兼容问题
那片天空!那片海!
06-26 3316
前提 jmeter版本 :3.1 jdk:1.8.0.111(win64) 测试过程 1 在使用jmeter对APPserver接口进行压测,https协议握手失败jmeter返回异常: javax.net.ssl.SSLHandshakeException:Receivedfatalalert:handshake_failure atsun.security.ssl.Al...
解决jdk1.8中发送邮件失败handshake_failure)问题
热门推荐
http://www.54tianzhisheng.cn/
08-12 2万+
暑假在家做一个类似知乎的问答型网站(代码可见:Github/wenda 喜欢的可以给个star或者自己fork然后修改,目前功能还未很完善),其中有一个站内邮件通知系统(这里简单的讲一个例子:如果用户登录的候出现异常,那么就会通过邮件发送通知用户)。然而却碰到一个问题。问题错误信息如下: 发送邮件失败Mail server connection failed; nested excep
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
风语落尘
05-06 7905
1、找到jvm下的java.security文件,Mac电脑路径示例:/Library/Java/JavaVirtualMachines/jdk1.8.0_311.jdk/Contents/Home/jre/lib/security。2、编辑java.security文件,找到参数 jdk.tls.disabledAlgorithms 这一行,删除掉RC4 前面的几个值 即可。排查过程:可使用如下代码,打印http请求协议过程。修改后如下,重新请求地址,请求正常,问题解决。
解决 javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path buildin
weixin_43496689的博客
05-17 1万+
PS:后来对windows和mac下java访问https也做了测试,发现mac上的jdk缺省不带startssl ca证书所以能访问通过,而加上startssl ca证书后同android一样访问不通过。JAVA的证书库里已经带了startssl ca证书,而nginx默认不带startssl ca证书,这样JAVA端访问nginx为容器的https url校验就会失败,jetty默认带startssl ca证书,所以正常。最后一行就是jdk的安装路径。
jmeter中 ERROR: java.net.ConnectException: Connection refused: connect
07-28
JMeter中出现"ERROR: java.net.ConnectException: Connection refused: connect"错误通常是由于无法建立与服务器的连接引起的。这可能是由于以下几个原因导致的: 1. 服务器上的ServerAgent服务未正确启动。请确保ServerAgent服务已经成功启动,并且正在监听正确的端口。\[1\] 2. JMeter的监听器端口与服务器端口不匹配。JMeter默认的监听器端口是4444,但是在某些情况下,这个端口可能会被占用。您可以尝试取消使用keepAlive选项,这样可以避免等待TIME_WAIT间,从而允许重复使用端口。\[2\] 3. 阿里服务器的配置问题。如果您的服务器是阿里服务器,可能需要进行一些特殊的配置。例如,您可以尝试将JMeter的监听器端口修改为一个不常用的端口,如8488,并确保开发人员正确配置了该端口。\[3\] 综上所述,您可以按照以下步骤来解决这个问题: 1. 确保ServerAgent服务已正确启动,并正在监听正确的端口。 2. 检查JMeter的监听器端口是否与服务器端口匹配,如果不匹配,请尝试取消使用keepAlive选项。 3. 如果您使用的是阿里服务器,请确保正确配置了JMeter的监听器端口,并与开发人员协调。 希望这些信息对您有所帮助! #### 引用[.reference_title] - *1* [Jmeter监控服务器资源报错问题ERROR: java.net.ConnectException: Connection refused: connect](https://blog.csdn.net/weixin_48415452/article/details/122130564)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v91^insert_down1,239^v3^insert_chatgpt"}} ] [.reference_item] - *2* [jmeter - java.net.ConnectException Connection refused connect](https://blog.csdn.net/u013887008/article/details/117963529)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v91^insert_down1,239^v3^insert_chatgpt"}} ] [.reference_item] - *3* [关于jmeter性能测试监听cpu、内存、io报错ERROR: java.net.ConnectException: Connection refused: connect...](https://blog.csdn.net/weixin_63293995/article/details/124426786)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v91^insert_down1,239^v3^insert_chatgpt"}} ] [.reference_item] [ .reference_list ]
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值