大佬教程收集整理的这篇文章主要介绍了Java 11.0.11 SSL 握手失败,出现异常“无通用命名组”,大佬教程大佬觉得挺不错的,现在分享给大家,也给大家做个参考。
我们在 Java 11 中开发了一个服务器应用程序,它接受来自客户端的传入 httpS 连接。直到/包括 Java 11.0.10 (AdoPTOPenJDK),一切都运行良好。
在升级到 Java 11.0.11 后,我们遇到了来自 Chrome 客户端的连接的连接握手问题(javax.net.ssl.SSLProtocolException: No common named group)。 firefox 客户端没有问题。
启用 SSL 日志(-Djavax.net.deBUG=ssl:handshake)后,我们可以看到两个版本之间的差异:
使用 11.0.11:
Ignore unsupported named group: UNdefineD-nameD-GROUP(31354)
Ignore unsupported named group: x25519
Consumed extension: key_share
使用 11.0.10:
Ignore unsupported named group: UNdefineD-nameD-GROUP(6682)
Consumed extension: key_share
新的 Java 版本似乎忽略了对 x25519 的请求。
两个 Java 运行时都未从 AdaPTOPenJDK 下载。
这里有一些更详细的日志:
Chrome for Java 11.0.11 失败:
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.387 CEST|null:-1|Ignore unkNown or unsupported extension (
"unkNown extension (64,250)": {
}
)
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.387 CEST|null:-1|Ignore unkNown or unsupported extension (
"session_ticket (35)": {
}
)
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.387 CEST|null:-1|Ignore unkNown or unsupported extension (
"signed_certificate_timestamp (18)": {
}
)
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.387 CEST|null:-1|Ignore unkNown or unsupported extension (
"unkNown extension (27)": {
0000: 02 00 02 ...
}
)
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.387 CEST|null:-1|Ignore unkNown or unsupported extension (
"unkNown extension (17,513)": {
0000: 00 03 02 68 32 ...h2
}
)
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.387 CEST|null:-1|Ignore unkNown or unsupported extension (
"unkNown extension (60,138)": {
0000: 00 .
}
)
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.387 CEST|null:-1|Ignore unkNown or unsupported extension (
"clIEnt_certificate_type (21)": {
0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ..............
}
)
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.399 CEST|null:-1|Consuming ClIEntHello handshake message (
"ClIEntHello": {
"clIEnt version" : "TLSv1.2","random" : "E0 14 47 3E 55 DE 2D 30 FF 5C CE E1 D1 27 3D 4B F4 CB 42 EE 3E 22 14 C7 BE 16 1A FA BF 35 EE DD","session ID" : "D7 59 27 6A 00 46 84 3A AB 32 FD 30 79 AD C4 DE 11 55 52 D5 07 1F 66 B0 7D 7E 80 A6 6F 95 2D 2B","cipher suites" : "[UNKNowN-CIPHER-SUITE(0x2A2A)(0x2A2A),TLS_AES_128_GCM_SHA256(0x1301),TLS_AES_256_GCM_SHA384(0x1302),TLS_CHACHA20_poly1305_SHA256(0x1303),TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B),TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F),TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(0xC02C),TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030),UNKNowN-CIPHER-SUITE(0xCCA9)(0xCCA9),UNKNowN-CIPHER-SUITE(0xCCA8)(0xCCA8),TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(0xc013),TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(0xc014),TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C),TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D),TLS_RSA_WITH_AES_128_CBC_SHA(0x002F),TLS_RSA_WITH_AES_256_CBC_SHA(0x0035)]","compression methods" : "00","extensions" : [
"unkNown extension (64,250)": {
},"server_name (0)": {
type=host_name (0),value=local.3dmapPing.cloud
},"extended_master_secret (23)": {
<empty>
},"renegotiation_info (65,281)": {
"renegotiated connection": [<no renegotiated connection>]
},"supported_groups (10)": {
"versions": [UNdefineD-nameD-GROUP(31354),x25519,secp256r1,secp384r1]
},"ec_point_formats (11)": {
"formats": [uncompressed]
},"session_ticket (35)": {
},"application_layer_protocol_negotiation (16)": {
[h2,http/1.1]
},"status_request (5)": {
"certificate status type": ocsp
"OCSP status request": {
"responder_ID": <empty>
"request extensions": {
<empty>
}
}
},"signature_algorithms (13)": {
"signature scheR_205_11845@es": [ecdsa_secp256r1_sha256,rsa_pss_rSAE_sha256,rsa_pkcs1_sha256,ecdsa_secp384r1_sha384,rsa_pss_rSAE_sha384,rsa_pkcs1_sha384,rsa_pss_rSAE_sha512,rsa_pkcs1_sha512]
},"signed_certificate_timestamp (18)": {
},"key_share (51)": {
"clIEnt_shares": [
{
"named group": UNdefineD-nameD-GROUP(31354)
"key_exchange": {
0000: 00
}
},{
"named group": x25519
"key_exchange": {
0000: AA F1 CE 3D 91 DD 66 C1 50 6F 5F B6 21 B3 EC 15 ...=..f.Po_.!...
0010: A9 56 23 C7 3C 33 22 7B EC 6C 3F 0C 37 C4 B6 45 .V#.<3"..l?.7..E
}
},]
},"psk_key_exchange_modes (45)": {
"ke_modes": [psk_dhe_ke]
},"supported_versions (43)": {
"versions": [(D)TLS-10.10,TLSv1.3,TLSv1.2,TLSv1.1,TLSv1]
},"unkNown extension (27)": {
0000: 02 00 02 ...
},"unkNown extension (17,513)": {
0000: 00 03 02 68 32 ...h2
},"unkNown extension (60,138)": {
0000: 00 .
},"clIEnt_certificate_type (21)": {
0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ..............
}
]
}
)
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.400 CEST|null:-1|Consumed extension: supported_versions
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.401 CEST|null:-1|Negotiated protocol version: TLSv1.3
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.402 CEST|null:-1|Consumed extension: psk_key_exchange_modes
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.403 CEST|null:-1|Handling pre_shared_key absence.
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.404 CEST|null:-1|no server name matchers,ignore server name inDication
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.404 CEST|null:-1|Consumed extension: server_name
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.406 CEST|null:-1|Ignore unavailable extension: max_fragment_length
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.407 CEST|null:-1|Consumed extension: status_request
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.407 CEST|null:-1|Consumed extension: supported_groups
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.408 CEST|null:-1|Ignore unsupported extension: ec_point_formats
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.409 CEST|null:-1|Consumed extension: signature_algorithms
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.410 CEST|null:-1|Ignore unavailable extension: signature_algorithms_cert
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.417 CEST|null:-1|Ignore server unenabled extension: application_layer_protocol_negotiation
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.417 CEST|null:-1|Consumed extension: application_layer_protocol_negotiation
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.418 CEST|null:-1|Ignore unsupported extension: status_request_v2
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.419 CEST|null:-1|Ignore unsupported extension: extended_master_secret
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.419 CEST|null:-1|Ignore unavailable extension: cookie
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.420 CEST|null:-1|Ignore unsupported named group: UNdefineD-nameD-GROUP(31354)
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.421 CEST|null:-1|Ignore unsupported named group: x25519
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.422 CEST|null:-1|Consumed extension: key_share
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.422 CEST|null:-1|Ignore unsupported extension: renegotiation_info
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:00:46.423 CEST|null:-1|use cipher suite TLS_AES_128_GCM_SHA256
javax.net.ssl|ERROR|19|PortServer:http1111|2021-07-14 10:00:46.426 CEST|null:-1|Fatal (UNEXPECTED_messaGE): No common named group (
"throwable" : {
javax.net.ssl.SSLProtocolException: No common named group
at java.base/sun.security.ssl.Alert.createSSLException(UnkNown sourcE)
at java.base/sun.security.ssl.Alert.createSSLException(UnkNown sourcE)
at java.base/sun.security.ssl.TransportContext.fatal(UnkNown sourcE)
at java.base/sun.security.ssl.TransportContext.fatal(UnkNown sourcE)
at java.base/sun.security.ssl.TransportContext.fatal(UnkNown sourcE)
at java.base/sun.security.ssl.KeyShareExtension$HRRKeyShareproducer.produce(UnkNown sourcE)
at java.base/sun.security.ssl.SSLExtension.produce(UnkNown sourcE)
at java.base/sun.security.ssl.SSLExtensions.produce(UnkNown sourcE)
at java.base/sun.security.ssl.ServerHello$T13HelloRetryrequestProducer.produce(UnkNown sourcE)
at java.base/sun.security.ssl.SSLHandshake.produce(UnkNown sourcE)
at java.base/sun.security.ssl.ClIEntHello$T13ClIEntHelloConsumer.goHelloRetryrequest(UnkNown sourcE)
at java.base/sun.security.ssl.ClIEntHello$T13ClIEntHelloConsumer.consume(UnkNown sourcE)
at java.base/sun.security.ssl.ClIEntHello$ClIEntHelloConsumer.onClIEntHello(UnkNown sourcE)
at java.base/sun.security.ssl.ClIEntHello$ClIEntHelloConsumer.consume(UnkNown sourcE)
at java.base/sun.security.ssl.SSLHandshake.consume(UnkNown sourcE)
at java.base/sun.security.ssl.HandshakeContext.dispatch(UnkNown sourcE)
at java.base/sun.security.ssl.SSLENGIneImpl$DelegatedTask$DelegatedAction.run(UnkNown sourcE)
at java.base/sun.security.ssl.SSLENGIneImpl$DelegatedTask$DelegatedAction.run(UnkNown sourcE)
at java.base/java.security.AccessController.doprivileged(Native Method)
at java.base/sun.security.ssl.SSLENGIneImpl$DelegatedTask.run(UnkNown sourcE)
at core.toolx/com.orbitgis.toolx.network.server.server2.SSLSocketChAnnel.a(sourcefile:1505)
at core.toolx/com.orbitgis.toolx.network.server.server2.SSLSocketChAnnel.read(sourcefile:653)
at core.toolx/com.orbitgis.toolx.network.server.server2.PortServer2.e(sourcefile:502)
at core.toolx/com.orbitgis.toolx.network.server.server2.PortServer2.run(sourcefile:951)
at java.base/java.lang.Thread.run(UnkNown sourcE)}
)
Chrome for Java 11.0.10 的成功:
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.904 CEST|null:-1|Ignore unkNown or unsupported extension (
"unkNown extension (31,354)": {
}
)
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.904 CEST|null:-1|Ignore unkNown or unsupported extension (
"session_ticket (35)": {
}
)
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.905 CEST|null:-1|Ignore unkNown or unsupported extension (
"signed_certificate_timestamp (18)": {
}
)
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.906 CEST|null:-1|Ignore unkNown or unsupported extension (
"unkNown extension (27)": {
0000: 02 00 02 ...
}
)
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.907 CEST|null:-1|Ignore unkNown or unsupported extension (
"unkNown extension (17,513)": {
0000: 00 03 02 68 32 ...h2
}
)
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.907 CEST|null:-1|Ignore unkNown or unsupported extension (
"unkNown extension (10,794)": {
0000: 00 .
}
)
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.908 CEST|null:-1|Ignore unkNown or unsupported extension (
"clIEnt_certificate_type (21)": {
0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ..............
}
)
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.916 CEST|null:-1|Consuming ClIEntHello handshake message (
"ClIEntHello": {
"clIEnt version" : "TLSv1.2","random" : "F0 2C 2D B7 E0 B2 5C 59 20 66 E7 61 53 6A F5 3F AC FB 8b 14 22 51 D2 8E 7D 1D 52 17 A4 C1 33 E3","session ID" : "12 91 36 9A BD 16 00 CA 84 5D 3D 40 61 5C A1 1F 65 2C DD 91 96 D5 E8 B8 21 09 31 76 DC B2 11 CB","cipher suites" : "[UNKNowN-CIPHER-SUITE(0xCACA)(0xCACA),"extensions" : [
"unkNown extension (31,354)": {
},"supported_groups (10)": {
"versions": [UNdefineD-nameD-GROUP(6682),"key_share (51)": {
"clIEnt_shares": [
{
"named group": UNdefineD-nameD-GROUP(6682)
"key_exchange": {
0000: 00
}
},{
"named group": x25519
"key_exchange": {
0000: D8 DB B4 6D 69 D4 44 C2 21 7C 59 8C 3F Eb 18 20 ...mi.D.!.Y.?..
0010: B5 13 73 41 2C 57 18 2E 1C DB 03 64 50 57 0B 6B ..sA,W.....dPW.k
}
},"supported_versions (43)": {
"versions": [(D)TLS--6.-6,"unkNown extension (10,794)": {
0000: 00 .
},"clIEnt_certificate_type (21)": {
0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ..............
}
]
}
)
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.917 CEST|null:-1|Consumed extension: supported_versions
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.918 CEST|null:-1|Negotiated protocol version: TLSv1.3
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.918 CEST|null:-1|Consumed extension: psk_key_exchange_modes
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.918 CEST|null:-1|Handling pre_shared_key absence.
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.918 CEST|null:-1|no server name matchers,ignore server name inDication
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.918 CEST|null:-1|Consumed extension: server_name
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.918 CEST|null:-1|Ignore unavailable extension: max_fragment_length
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.918 CEST|null:-1|Consumed extension: status_request
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.918 CEST|null:-1|Consumed extension: supported_groups
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.918 CEST|null:-1|Ignore unsupported extension: ec_point_formats
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.918 CEST|null:-1|Consumed extension: signature_algorithms
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.918 CEST|null:-1|Ignore unavailable extension: signature_algorithms_cert
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.918 CEST|null:-1|Ignore server unenabled extension: application_layer_protocol_negotiation
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.918 CEST|null:-1|Consumed extension: application_layer_protocol_negotiation
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.918 CEST|null:-1|Ignore unsupported extension: status_request_v2
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.918 CEST|null:-1|Ignore unsupported extension: extended_master_secret
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.918 CEST|null:-1|Ignore unavailable extension: cookie
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.918 CEST|null:-1|Ignore unsupported named group: UNdefineD-nameD-GROUP(6682)
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.918 CEST|null:-1|Consumed extension: key_share
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.918 CEST|null:-1|Ignore unsupported extension: renegotiation_info
javax.net.ssl|WARNING|19|PortServer:http1111|2021-07-14 10:22:25.935 CEST|null:-1|Ignore impact of unsupported extension: server_name
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.938 CEST|null:-1|Ignore unavailable extension: max_fragment_length
javax.net.ssl|WARNING|19|PortServer:http1111|2021-07-14 10:22:25.939 CEST|null:-1|Ignore impact of unsupported extension: status_request
javax.net.ssl|WARNING|19|PortServer:http1111|2021-07-14 10:22:25.939 CEST|null:-1|Ignore impact of unsupported extension: supported_groups
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.942 CEST|null:-1|Populated with extension: signature_algorithms
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.942 CEST|null:-1|Ignore unavailable extension: signature_algorithms_cert
javax.net.ssl|WARNING|19|PortServer:http1111|2021-07-14 10:22:25.943 CEST|null:-1|Ignore impact of unsupported extension: application_layer_protocol_negotiation
javax.net.ssl|WARNING|19|PortServer:http1111|2021-07-14 10:22:25.944 CEST|null:-1|Ignore impact of unsupported extension: supported_versions
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.944 CEST|null:-1|Ignore unavailable extension: cookie
javax.net.ssl|WARNING|19|PortServer:http1111|2021-07-14 10:22:25.945 CEST|null:-1|Ignore impact of unsupported extension: psk_key_exchange_modes
javax.net.ssl|WARNING|19|PortServer:http1111|2021-07-14 10:22:25.946 CEST|null:-1|Ignore impact of unsupported extension: key_share
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.947 CEST|null:-1|use cipher suite TLS_AES_128_GCM_SHA256
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.949 CEST|null:-1|Ignore,context unavailable extension: pre_shared_key
javax.net.ssl|DEBUG|19|PortServer:http1111|2021-07-14 10:22:25.950 CEST|null:-1|Produced ServerHello handshake message (
"ServerHello": {
"server version" : "TLSv1.2","random" : "59 39 C8 98 37 AF C6 72 50 DF 02 74 43 DF 4C 29 F6 65 CE 97 66 79 E2 69 6F 8C B1 E4 1B B6 65 54","cipher suite" : "TLS_AES_128_GCM_SHA256(0x1301)","extensions" : [
"supported_versions (43)": {
"SELEcted version": [TLSv1.3]
},"key_share (51)": {
"server_share": {
"named group": x25519
"key_exchange": {
0000: 3A 89 E5 8E E2 1E 7D 48 E2 FE 44 92 BD 03 EE BA :......H..D.....
0010: 27 08 8E 06 06 86 D8 7D 8E 74 D3 BF A7 55 5D 03 '........t...U].
}
},}
]
}
)
Java 11.0.11 似乎放弃了对 TLSv1 和 TLSv1.1 的开箱即用支持,但我不确定这是否相关。启用这些并不能解决问题。
知道为什么不再支持 x25519 了吗?或者如何启用它?
问题的原因是模块路径中的单个 jar 文件。 jar 本身与网络、加密或安全无关,它用于更改 UI 外观。罐子是7年前签的,以前没出过什么问题。 用未签名的副本替换这个 jar 可以解决所有问题,并使 Java 11.0.11 再次完全运行,并提供预期的安全提供程序列表(13 个而不是 4 个)。
为什么这个问题只发生在 Java 11.0.11 上仍然是个谜。我没有看到来自 Java 类加载器的任何错误消息。
@H_944_49@以上是大佬教程为你收集整理的Java 11.0.11 SSL 握手失败,出现异常“无通用命名组”全部内容,希望文章能够帮你解决Java 11.0.11 SSL 握手失败,出现异常“无通用命名组”所遇到的程序开发问题。
如果觉得大佬教程网站内容还不错,欢迎将大佬教程推荐给程序员好友。
本图文内容来源于网友网络收集整理提供,作为学习参考使用,版权属于原作者。
如您有任何意见或建议可联系处理。小编QQ:384754419,请注明来意。