博客园  :: 首页  :: 新随笔  :: 联系 :: 订阅 订阅  :: 管理

handshake_failure

Posted on 2016-05-31 12:29  fochan  阅读(2301)  评论(0编辑  收藏  举报

在java 1.6版本中,通过HttpsURLConnection请求class 1(多发生于免费ssl证书,比如沃通或者startssl的)的https网络地址时,可能会报握手异常:

Caused by: java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
- Received fatal alert: handshake_failure
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1822)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1004)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1215)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1199)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1195)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)

可以做如下尝试:

    /*
     * 在java1.6中,进行https的请求会提示 Received fatal alert: handshake_failure
     * 的握手失败的异常,网上的资料说这是个bug
     * 参考此贴http://www.coderanch.com/t/637177/Security/Disabling-handshake-message-Java 按照楼主处理, 把协议版本临时修改,再恢复的方式绕过了此bug
     */
    String defaultValue = System.getProperty("https.protocols");
    System.setProperty("https.protocols", "TLSv1");
    String response = CommonUtils.getResponseFromServer(url, "utf-8");//请求https地址
    log.debug("用户登陆过程正常:获得响应为" + response);

    if (defaultValue != null) {
        System.setProperty("https.protocols", defaultValue);
    } else {
        System.clearProperty("https.protocols");
    }