JAVA_javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
tomcat访问https请求返回:
- javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
- at sun.security.ssl.ClientHandshaker.handshakeAlert(ClientHandshaker.java:1292)
- at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1952)
- at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1077)
- at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
- at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
- at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
- at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:275)
- at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:254)
- at org.apache.http.impl.conn.HttpClientConnectionOperator.connect(HttpClientConnectionOperator.java:117)
- at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:314)
- at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:363)
- at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:219)
- at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:195)
- at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:86)
- at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:108)
- at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:186)
- at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:72)
- at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:214)
- at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:160)
- at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:136)
服务器java版本:
- java version "1.7.0_51"
解决办法:
在TOMCAT_HOME/bin/catalina.sh中加入-Djsse.enableSNIExtension=false设置
- JAVA_OPTS="$JAVA_OPTS -Djsse.enableSNIExtension=false
重启Tomcat,问题解决
问题原因参考:
http://stackoverflow.com/questions/7615645/ssl-handshake-alert-unrecognized-name-error-since-upgrade-to-java-1-7-0/11043871#11043871