javax.net.ssl.sslhandshakeexception:remote host 握手时连接关闭

fcwjkofz  于 2021-07-13  发布在  Java
关注(0)|答案(1)|浏览(556)

我正在尝试运行一个java应用程序,该应用程序对服务器进行https调用,但始终出现以下ssl错误:

javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:882)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:654)
    at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:100)
    at java.io.BufferedOutputStream.write(BufferedOutputStream.java:105)
    at org.apache.commons.httpclient.HttpConnection.write(HttpConnection.java:974)
    at org.apache.commons.httpclient.HttpConnection.write(HttpConnection.java:942)
    at org.apache.commons.httpclient.HttpConnection.print(HttpConnection.java:1032)
    at org.apache.commons.httpclient.HttpMethodBase.writeRequestLine(HttpMethodBase.java:2077)
    at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:1918)
    at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:993)
    at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:397)
    at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:170)
    at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:396)
    at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:324)
        ...
        ...
        ...
Caused by: java.io.EOFException: SSL peer shut down incorrectly
    at com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:462)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:863)

我在其他帖子上看到,我需要在lib/security/cacerts中添加证书。因此,我使用firefox从服务器下载了证书文件,并运行了以下命令:

sudo keytool -import -keystore cacerts -storepass changeit -alias samplecert-root -trustcacerts -file VeriSignClass3SecureServerCA.crt 
Certificate was added to keystore

然而,我仍然不断地得到错误。有什么问题?我是否正确地将证书添加到密钥库?

e0uiprwp

e0uiprwp1#

在我的例子中,错误的原因是我使用了一个证书作为客户端证书,它是一个服务器专用的证书。

相关问题