Мобильная версияЯ пытаюсь подключиться к dnug.collab.cloud с помощью TLSv1.3 с помощью HTTP-клиента Apache 5.4.1 с Java 17.0.8.1, но постоянно сталкиваюсь с ошибкой установления связи, которую я не понимаю.< /p>
Когда я устанавливаю jdk.tls.client.protocols=TLSv1.2, рукопожатие завершается успешно.
Может ли кто-нибудь объяснить, что может пойти не так?
Код
System.out.println(System.getProperty("java.version"));
try (CloseableHttpClient client = HttpClients.createDefault()) {
final HttpGet request1 = new HttpGet(
"https://dnug.collab.cloud/profiles/atom ... lacorp.org");
client.execute(request1, response -> {
return null;
});
} catch (Exception e) {
e.printStackTrace();
}
Журнал создан с помощью javax.net.debug=ssl:handshake
17.0.8.1
javax.net.ssl|DEBUG|2024-12-12 17:00:53.028 CET|SSLCipher.java:466|jdk.tls.keyLimits: entry = AES/GCM/NoPadding KeyUpdate 2^37. AES/GCM/NOPADDING:KEYUPDATE = 137438953472
javax.net.ssl|DEBUG|2024-12-12 17:00:53.075 CET|SSLCipher.java:466|jdk.tls.keyLimits: entry = ChaCha20-Poly1305 KeyUpdate 2^37. CHACHA20-POLY1305:KEYUPDATE = 137438953472
javax.net.ssl|WARNING|2024-12-12 17:00:57.306 CET|NamedGroup.java:297|No AlgorithmParameters for x25519 (
"throwable" : {
java.security.NoSuchAlgorithmException: Algorithm x25519 not available
at java.base/javax.crypto.KeyAgreement.getInstance(KeyAgreement.java:194)
...
)
javax.net.ssl|WARNING|2024-12-12 17:00:57.316 CET|NamedGroup.java:297|No AlgorithmParameters for x448 (
"throwable" : {
java.security.NoSuchAlgorithmException: Algorithm x448 not available
at java.base/javax.crypto.KeyAgreement.getInstance(KeyAgreement.java:194)
...
)
javax.net.ssl|WARNING|2024-12-12 17:00:57.322 CET|SignatureScheme.java:296|Signature algorithm, Ed25519, is not supported by the underlying providers
javax.net.ssl|WARNING|2024-12-12 17:00:57.323 CET|SignatureScheme.java:296|Signature algorithm, Ed448, is not supported by the underlying providers
javax.net.ssl|INFO|2024-12-12 17:00:57.445 CET|AlpnExtension.java:182|No available application protocols
javax.net.ssl|DEBUG|2024-12-12 17:00:57.446 CET|SSLExtensions.java:272|Ignore, context unavailable extension: application_layer_protocol_negotiation
javax.net.ssl|DEBUG|2024-12-12 17:00:57.447 CET|SessionTicketExtension.java:408|Stateless resumption supported
javax.net.ssl|DEBUG|2024-12-12 17:00:57.450 CET|SSLExtensions.java:272|Ignore, context unavailable extension: cookie
javax.net.ssl|DEBUG|2024-12-12 17:00:57.755 CET|SSLExtensions.java:272|Ignore, context unavailable extension: renegotiation_info
javax.net.ssl|DEBUG|2024-12-12 17:00:57.756 CET|PreSharedKeyExtension.java:661|No session to resume.
javax.net.ssl|DEBUG|2024-12-12 17:00:57.756 CET|SSLExtensions.java:272|Ignore, context unavailable extension: pre_shared_key
javax.net.ssl|DEBUG|2024-12-12 17:00:57.789 CET|ClientHello.java:641|Produced ClientHello handshake message (
"ClientHello": {
"client version" : "TLSv1.2",
"random" : "AD7E649F326AE997D6BCF2B2BAE7D019A665797892B091C0CF90F8F60A64399C",
"session id" : "F475C1E0041E5A8BDC270BE3252E06EFC7CD830A18A6C61A1319BD84C34603D4",
"cipher suites" : "[TLS_AES_256_GCM_SHA384(0x1302), TLS_AES_128_GCM_SHA256(0x1301), TLS_CHACHA20_POLY1305_SHA256(0x1303), TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(0x009F), TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256(0xCCAA), TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(0x00A3), TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E), TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(0x00A2), TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(0x006B), TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(0x006A), TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(0x0067), TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(0x0040), TLS_DHE_RSA_WITH_AES_256_CBC_SHA(0x0039), TLS_DHE_DSS_WITH_AES_256_CBC_SHA(0x0038), TLS_DHE_RSA_WITH_AES_128_CBC_SHA(0x0033), TLS_DHE_DSS_WITH_AES_128_CBC_SHA(0x0032), TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D), TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C), TLS_RSA_WITH_AES_256_CBC_SHA256(0x003D), TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C), TLS_RSA_WITH_AES_256_CBC_SHA(0x0035), TLS_RSA_WITH_AES_128_CBC_SHA(0x002F), TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00FF)]",
"compression methods" : "00",
"extensions" : [
"server_name (0)": {
type=host_name (0), value=dnug.collab.cloud
},
"status_request (5)": {
"certificate status type": ocsp
"OCSP status request": {
"responder_id":
"request extensions": {
}
}
},
"supported_groups (10)": {
"versions": [ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192]
},
"ec_point_formats (11)": {
"formats": [uncompressed]
},
"status_request_v2 (17)": {
"cert status request": {
"certificate status type": ocsp_multi
"OCSP status request": {
"responder_id":
"request extensions": {
}
}
}
},
"extended_master_secret (23)": {
},
"session_ticket (35)": {
},
"signature_algorithms (13)": {
"signature schemes": [rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, rsa_sha224, dsa_sha224, rsa_pkcs1_sha1, dsa_sha1]
},
"supported_versions (43)": {
"versions": [TLSv1.3, TLSv1.2]
},
"psk_key_exchange_modes (45)": {
"ke_modes": [psk_dhe_ke]
},
"signature_algorithms_cert (50)": {
"signature schemes": [rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, rsa_sha224, dsa_sha224, rsa_pkcs1_sha1, dsa_sha1]
},
"key_share (51)": {
"client_shares": [
{
"named group": ffdhe2048
"key_exchange": {
0000: CA 1D A2 35 A2 7A 8A A6 DD 8F 8B 96 C3 76 D6 4D ...5.z.......v.M
0010: D7 3E 20 B8 E8 B3 72 2B B0 DF A8 E2 47 FB 8B 96 .> ...r+....G...
0020: 66 4E 7F 9A A8 82 84 BF 45 45 3A 28 1D 77 BC F0 fN......EE:(.w..
0030: 92 B3 1C 64 52 94 B5 EE 43 FC C9 0B 52 26 AE 59 ...dR...C...R&.Y
0040: AE 1E 89 E7 C2 DB 35 C7 9B 83 0F C7 89 37 33 0C ......5......73.
0050: CE CB A3 E4 01 EB 7C 1B D9 3A F1 FE 2F D1 CA 71 .........:../..q
0060: D1 2C 1A 8A CF 11 82 E3 81 73 E4 D3 B9 5B EA 7E .,.......s...[..
0070: 23 A5 E3 B0 25 8D 31 21 4C 63 68 DD F9 01 E2 75 #...%.1!Lch....u
0080: DC 34 01 AA D4 3B 89 88 E3 05 86 9F 52 DB 76 07 .4...;......R.v.
0090: 33 CF 43 34 01 3C E9 30 4B 71 5D AC 65 6E F4 07 3.C4.
Подробнее здесь: https://stackoverflow.com/questions/792 ... pplication
Ошибка подтверждения SSL в приложении Java ⇐ JAVA
Программисты JAVA общаются здесь
-
Anonymous
1734019738
Anonymous
Я пытаюсь подключиться к dnug.collab.cloud с помощью TLSv1.3 с помощью HTTP-клиента Apache 5.4.1 с Java 17.0.8.1, но постоянно сталкиваюсь с ошибкой установления связи, которую я не понимаю.< /p>
Когда я устанавливаю jdk.tls.client.protocols=TLSv1.2, рукопожатие завершается успешно.
Может ли кто-нибудь объяснить, что может пойти не так?
Код
System.out.println(System.getProperty("java.version"));
try (CloseableHttpClient client = HttpClients.createDefault()) {
final HttpGet request1 = new HttpGet(
"https://dnug.collab.cloud/profiles/atom/profileService.do?email=dummy@umbrellacorp.org");
client.execute(request1, response -> {
return null;
});
} catch (Exception e) {
e.printStackTrace();
}
Журнал создан с помощью javax.net.debug=ssl:handshake
17.0.8.1
javax.net.ssl|DEBUG|2024-12-12 17:00:53.028 CET|SSLCipher.java:466|jdk.tls.keyLimits: entry = AES/GCM/NoPadding KeyUpdate 2^37. AES/GCM/NOPADDING:KEYUPDATE = 137438953472
javax.net.ssl|DEBUG|2024-12-12 17:00:53.075 CET|SSLCipher.java:466|jdk.tls.keyLimits: entry = ChaCha20-Poly1305 KeyUpdate 2^37. CHACHA20-POLY1305:KEYUPDATE = 137438953472
javax.net.ssl|WARNING|2024-12-12 17:00:57.306 CET|NamedGroup.java:297|No AlgorithmParameters for x25519 (
"throwable" : {
java.security.NoSuchAlgorithmException: Algorithm x25519 not available
at java.base/javax.crypto.KeyAgreement.getInstance(KeyAgreement.java:194)
...
)
javax.net.ssl|WARNING|2024-12-12 17:00:57.316 CET|NamedGroup.java:297|No AlgorithmParameters for x448 (
"throwable" : {
java.security.NoSuchAlgorithmException: Algorithm x448 not available
at java.base/javax.crypto.KeyAgreement.getInstance(KeyAgreement.java:194)
...
)
javax.net.ssl|WARNING|2024-12-12 17:00:57.322 CET|SignatureScheme.java:296|Signature algorithm, Ed25519, is not supported by the underlying providers
javax.net.ssl|WARNING|2024-12-12 17:00:57.323 CET|SignatureScheme.java:296|Signature algorithm, Ed448, is not supported by the underlying providers
javax.net.ssl|INFO|2024-12-12 17:00:57.445 CET|AlpnExtension.java:182|No available application protocols
javax.net.ssl|DEBUG|2024-12-12 17:00:57.446 CET|SSLExtensions.java:272|Ignore, context unavailable extension: application_layer_protocol_negotiation
javax.net.ssl|DEBUG|2024-12-12 17:00:57.447 CET|SessionTicketExtension.java:408|Stateless resumption supported
javax.net.ssl|DEBUG|2024-12-12 17:00:57.450 CET|SSLExtensions.java:272|Ignore, context unavailable extension: cookie
javax.net.ssl|DEBUG|2024-12-12 17:00:57.755 CET|SSLExtensions.java:272|Ignore, context unavailable extension: renegotiation_info
javax.net.ssl|DEBUG|2024-12-12 17:00:57.756 CET|PreSharedKeyExtension.java:661|No session to resume.
javax.net.ssl|DEBUG|2024-12-12 17:00:57.756 CET|SSLExtensions.java:272|Ignore, context unavailable extension: pre_shared_key
javax.net.ssl|DEBUG|2024-12-12 17:00:57.789 CET|ClientHello.java:641|Produced ClientHello handshake message (
"ClientHello": {
"client version" : "TLSv1.2",
"random" : "AD7E649F326AE997D6BCF2B2BAE7D019A665797892B091C0CF90F8F60A64399C",
"session id" : "F475C1E0041E5A8BDC270BE3252E06EFC7CD830A18A6C61A1319BD84C34603D4",
"cipher suites" : "[TLS_AES_256_GCM_SHA384(0x1302), TLS_AES_128_GCM_SHA256(0x1301), TLS_CHACHA20_POLY1305_SHA256(0x1303), TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(0x009F), TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256(0xCCAA), TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(0x00A3), TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E), TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(0x00A2), TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(0x006B), TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(0x006A), TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(0x0067), TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(0x0040), TLS_DHE_RSA_WITH_AES_256_CBC_SHA(0x0039), TLS_DHE_DSS_WITH_AES_256_CBC_SHA(0x0038), TLS_DHE_RSA_WITH_AES_128_CBC_SHA(0x0033), TLS_DHE_DSS_WITH_AES_128_CBC_SHA(0x0032), TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D), TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C), TLS_RSA_WITH_AES_256_CBC_SHA256(0x003D), TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C), TLS_RSA_WITH_AES_256_CBC_SHA(0x0035), TLS_RSA_WITH_AES_128_CBC_SHA(0x002F), TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00FF)]",
"compression methods" : "00",
"extensions" : [
"server_name (0)": {
type=host_name (0), value=dnug.collab.cloud
},
"status_request (5)": {
"certificate status type": ocsp
"OCSP status request": {
"responder_id":
"request extensions": {
}
}
},
"supported_groups (10)": {
"versions": [ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192]
},
"ec_point_formats (11)": {
"formats": [uncompressed]
},
"status_request_v2 (17)": {
"cert status request": {
"certificate status type": ocsp_multi
"OCSP status request": {
"responder_id":
"request extensions": {
}
}
}
},
"extended_master_secret (23)": {
},
"session_ticket (35)": {
},
"signature_algorithms (13)": {
"signature schemes": [rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, rsa_sha224, dsa_sha224, rsa_pkcs1_sha1, dsa_sha1]
},
"supported_versions (43)": {
"versions": [TLSv1.3, TLSv1.2]
},
"psk_key_exchange_modes (45)": {
"ke_modes": [psk_dhe_ke]
},
"signature_algorithms_cert (50)": {
"signature schemes": [rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, rsa_sha224, dsa_sha224, rsa_pkcs1_sha1, dsa_sha1]
},
"key_share (51)": {
"client_shares": [
{
"named group": ffdhe2048
"key_exchange": {
0000: CA 1D A2 35 A2 7A 8A A6 DD 8F 8B 96 C3 76 D6 4D ...5.z.......v.M
0010: D7 3E 20 B8 E8 B3 72 2B B0 DF A8 E2 47 FB 8B 96 .> ...r+....G...
0020: 66 4E 7F 9A A8 82 84 BF 45 45 3A 28 1D 77 BC F0 fN......EE:(.w..
0030: 92 B3 1C 64 52 94 B5 EE 43 FC C9 0B 52 26 AE 59 ...dR...C...R&.Y
0040: AE 1E 89 E7 C2 DB 35 C7 9B 83 0F C7 89 37 33 0C ......5......73.
0050: CE CB A3 E4 01 EB 7C 1B D9 3A F1 FE 2F D1 CA 71 .........:../..q
0060: D1 2C 1A 8A CF 11 82 E3 81 73 E4 D3 B9 5B EA 7E .,.......s...[..
0070: 23 A5 E3 B0 25 8D 31 21 4C 63 68 DD F9 01 E2 75 #...%.1!Lch....u
0080: DC 34 01 AA D4 3B 89 88 E3 05 86 9F 52 DB 76 07 .4...;......R.v.
0090: 33 CF 43 34 01 3C E9 30 4B 71 5D AC 65 6E F4 07 3.C4.
Подробнее здесь: [url]https://stackoverflow.com/questions/79275809/ssl-handshake-failure-in-java-application[/url]
Ответить
1 сообщение
• Страница 1 из 1
Перейти
- Кемерово-IT
- ↳ Javascript
- ↳ C#
- ↳ JAVA
- ↳ Elasticsearch aggregation
- ↳ Python
- ↳ Php
- ↳ Android
- ↳ Html
- ↳ Jquery
- ↳ C++
- ↳ IOS
- ↳ CSS
- ↳ Excel
- ↳ Linux
- ↳ Apache
- ↳ MySql
- Детский мир
- Для души
- ↳ Музыкальные инструменты даром
- ↳ Печатная продукция даром
- Внешняя красота и здоровье
- ↳ Одежда и обувь для взрослых даром
- ↳ Товары для здоровья
- ↳ Физкультура и спорт
- Техника - даром!
- ↳ Автомобилистам
- ↳ Компьютерная техника
- ↳ Плиты: газовые и электрические
- ↳ Холодильники
- ↳ Стиральные машины
- ↳ Телевизоры
- ↳ Телефоны, смартфоны, плашеты
- ↳ Швейные машинки
- ↳ Прочая электроника и техника
- ↳ Фототехника
- Ремонт и интерьер
- ↳ Стройматериалы, инструмент
- ↳ Мебель и предметы интерьера даром
- ↳ Cантехника
- Другие темы
- ↳ Разное даром
- ↳ Давай меняться!
- ↳ Отдам\возьму за копеечку
- ↳ Работа и подработка в Кемерове
- ↳ Давай с тобой поговорим...
