错误记录-java idea执行k8s https api报错 should not be presented in certificate_request

已于 2022-05-11 11:20:29 修改
阅读量993 收藏
点赞数
分类专栏: 报错备忘录 文章标签: java https ssl
于 2022-05-11 11:19:44 首次发布
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/xinquanv1/article/details/124706086
版权

[java] idea执行k8s api报错-SSLHandshakeException: should not be presented in certificate_request

0 解决方法

在jdk启动参数加上如下参数,修改ssl 客户端协议:

-Djdk.tls.client.protocols=TLSv1.2

image-20220511111223007

1 错误详情及解决详解

本地java程序单元测试调用k8s相关https api发生报错SSLHandshakeException: should not be presented in certificate_request, 具体内容如下:

Caused by: javax.net.ssl.SSLHandshakeException: extension (5) should not be presented in certificate_request
	at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
	at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
	at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:314)
	at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:270)
	at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:261)
	at java.base/sun.security.ssl.SSLExtensions.<init>(SSLExtensions.java:89)
	at java.base/sun.security.ssl.CertificateRequest$T13CertificateRequestMessage.<init>(CertificateRequest.java:818)
	at java.base/sun.security.ssl.CertificateRequest$T13CertificateRequestConsumer.consume(CertificateRequest.java:922)
	at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
	at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:451)
	at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:428)
	at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:184)
	at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
	at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1151)
	at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1062)
	at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
	at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.java:336)
	at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.java:300)
	at okhttp3.internal.connection.RealConnection.connect(RealConnection.java:185)
	at okhttp3.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.java:224)
	at okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.java:108)
	at okhttp3.internal.connection.ExchangeFinder.find(ExchangeFinder.java:88)
	at okhttp3.internal.connection.Transmitter.newExchange(Transmitter.java:169)
	at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:41)
	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
	at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:94)
	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
	at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)
	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
	at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:88)
	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
	at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:229)
	at okhttp3.RealCall.execute(RealCall.java:81)

检索关键词should not be presented in certificate_reques~~删除线格式~~在stackoverflow得到解决办法:

image-20220511111503307

https://stackoverflow.com/questions/61872520/spring-cloud-vault-error-nested-exception-is-javax-net-ssl-sslhandshakeexceptio

两种解决思路:

1、升级java版本;

2、添加启动参数,使用TLSv1.2协议:

-Djdk.tls.client.protocols=TLSv1.2
文思源想
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
Programming-a-Spider-in-Java.rar_Web site scan_broken links_spid
09-20
A reusable spider class that encapsulates a basic spider will be presented. Then, an example will be shown of how to create a specific spider that will scan a Web site and find broken links.
面试题
热门推荐
沧海横流方显英雄本色
08-17 1万+
changetitle(); Sony笔试题   1.完成下列程序   *   *.*.   *..*..*..   *...*...*...*...   *....*....*....*....*....   *.....*.....*.....*.....*.....*.....   *......*......*......*......*......*......*.
mitmproxy
Criss@陈磊
07-12 7775
Mitmproxy(PS:/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/mitmproxy)Pre——konwledgeSNI(Server Name Indication)Server Name Indication是用来改善SSL(Secure Socket Layer)和TLS(Tra
使用Dockerfile构建自定义jdk镜像,在使用jdk镜像创建一个容器来外部访问(一步一步来哦~好简单的呢)
qq_58804301的博客
04-01 5487
三.根据刚构建的自定义镜像创建一个容器(让外部访问容器) 🤨:什么是dockerfile? 😎:Dockerfile 是一个文本格式的配置文件, 用户可以使用 Dockerfile 来快速创建自定义的镜像,另外,使 用Dockerfile去构建镜像好比使用pom去构建maven项目一样,有异曲同工之妙
第29节 专业英语1
mingming20547的博客
08-28 2538
专业英语 1[单项选择题]A project life cycle is a collection of generally sequential project ( ) whose name and number are determined by the control needs of the organization or Aganizations involved in the pr...
App Store 审核指南最新中英文参照版
疯狂的程序员
05-28 1万+
1.1 As a developer of Apps for the App Store you are bound by the terms of theProgram License Agreement (PLA), Human Interface Guidelines (HIG), and any other licenses or contracts between you and Appl
spring-cloud-kubernetes实践
weixin_33902171的博客
04-21 1193
服务发现 1、利用idea创建一个springboot(version:2.4.3)项目; 2、在pom.xml文件中加入 <properties> <spring-cloud.version>2020.0.1</spring-cloud.version> <spring.cloud.k8s.version>2.0.1</spring.cloud.k8s.version> ... &l
java操作k8s api报错SSLHandshakeException: should not be presented in certificate_request
学亮编程手记
09-06 862
java操作k8s api报错SSLHandshakeException: should not be presented in certificate_request
JDK1.7支持TLS1.2协议解决方案
qaz445325762的博客
05-21 1万+
近期,项目中需要调用的第三方API接口升级,http调用要使用TLS1.2协议。但是项目使用的是JDK1.7,默认支持的TLS是V1 ,jdk1.8默认支持的是v1.2。升级JDK影响比较大,所以不做升级处理。 查询了很多网上资料,有改服务器配置的,也有修改Java请求http代码的。此次是选择修改Java代码 以下是解决方案: 直接在调用接口修改java代码,在创建socket连接时指定调...
Java11 主要新特性
qq120631157的博客
01-26 1402
JDK 11已经于 2018年9月25日正式发布 JDK 11是Java SE 11平台版本11的开源参考实现,由JSR 384在Java Community Process中指定。 阿里巴巴是中国唯一的JCP委员会成员公司,参与Java规范制定。 该版本的功能和时间表是通过 JEP流程提出和跟踪的,并由JEP 2.0提案进行了修订。 使用JDK Release Process(JEP 3)生成发布。 JEP是Java expression parser的简称,即java表达式分析器, Jep是一个用来.
java 建立tlsv1.2报错_Java 8上的SQL Server JDBC错误:驱动程序无法通过使用安全套接字层(SSL)加密建立到SQL Server的安全连接...
weixin_35894622的博客
02-24 817
小编典典我在Linux实例上的Java 8 JVM中打开了SSL日志记录,从而重现了该问题。使用开启SSL日志记录-Djavax.net.debug=ssl:handshake:verbose。这揭示了一些有用的信息。该 解决方法 ,我们在生产中使用,并已被证明对我们的工作是建立在JVM上这个参数:-Djdk.tls.client.protocols=TLSv1如果您需要更多详细信息,请继续阅读。...
lcd.zip_Delay-dependent_T-S FUZZY_T-S with time delay_time-depen
09-14
In this paper, we have investigated the delay-dependent design of state feedback stabilizing fuzzy controllers for T-S fuzzy systems with time varying delay. Our method is an important work as it ...
PIL1_4.zip_PIL1_4_PIL1_4.zip_Plug-in dll_hltr_plug-in
09-24
In the past I have written a plug-in architecture for one of my MFC projects. This architecture, although it worked, was limited in what it could provide, in that the executable/DLL had to know about ...
[elearnica.ir]-Simulation_of_direct_thrust_contro_DTC control_In
09-23
Abstract—In this paper, a direct thrust control (DTC) of linear induction motor (LIM) has been developed and a comprehensive study is presented. DTC is a method based on primer flux control in the ...
Concurrent, Real-Time and Distributed Programming in Java: Threads, RTSJ and RMI
07-27
Finally, a presentation of programming distributed in Java is presented in this book. We are particularly interested in communication using the TCP Sockets and high-level communication using Java ...
Day25-Java基础之常用类1
m0_46053885的博客
04-27 1124
同时我们发现Math类中的方法都是静态的,因此在使用的时候我们可以直接通过类名去调用。对于计算机而言,其实是没有数据类型的概念的,都是0101010101,数据类型是编程语言自己规定的,所以在实际存储的时候,先把具体的数字变成二进制,每32个bit为一组,存储在数组中。比较内存地址值一般情况下是没有意义的,我们希望比较的是对象的属性,如果两个对象的属性相同,我们认为就是同一个对象;如果我们的数据是一个浮点类型的数据,有的时候计算机并不会将这个数据完全转换成一个二进制数据,而是将这个将其转换成一个无限的。
链表刷题集
最新发布
yajunjiao的专栏
04-30 503
本文主要列举了一些刷的题,不多,有那么几道,也建议各位去建立自己的刷题集。积少成多。
d15(136-148)-勇敢开始Java,咖啡拯救人生
m0_73459387的博客
04-28 1100
对象哈希值的特点:同一个对象调用hashCode()返回的哈希值相同;HashMap的键依赖hashCode方法和equals方法保证键的唯一,存储自定义类型的对象时,重写这两个方法。实际上,Set系列集合的底层就是基于Map实现的,只是Set集合中的元素要键数据,不要值数据。当12个位置都占满时就会扩容,大约扩容为原来的二倍,再把原数组数据转移到新数组。使用迭代器遍历集合时,又同时在删除集合中的数据,程序就会出现并发修改异常的错误。基于哈希表实现,每个键值对额外多了一个双链表的机制,记录元素顺序(保证。
Java解决最长公共前缀
无人罪的博客
04-28 396
编写一个函数来查找字符串数组中的最长公共前缀。如果不存在公共前缀,返回空字符串""。
Server's certificate is not trusted
05-10
This error message usually means that the SSL/TLS certificate presented by the server is not trusted by the client. This could be due to a few reasons: 1. The certificate is self-signed or issued by an untrusted Certificate Authority (CA). 2. The certificate has expired or has been revoked. 3. The client's root certificate store is outdated or missing the necessary root CA. To resolve this issue, you can try the following: 1. Check the certificate details to ensure it's valid and issued by a trusted CA. 2. Update the root certificate store on the client system. 3. Install the necessary intermediate certificates if they are missing. 4. If you're using a web browser, try clearing the cache and cookies or using a different browser. If the issue persists, you may want to contact the server administrator or IT support for further assistance.

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值