发表新帖
发表新帖

SSL HandShake exception

后端 未结
关注
11 971
自闭症患者
自闭症患者 2020-12-09 05:08

I use SSL connection to connect web client to server. It works without any problem for a long time. But from yesterday it gives following error can anyone tell me the reason

相关标签:
11条回答
  • 醉梦人生
    2020-12-09 05:30

    I fixed the SSL handshake exception by changing from jdk 1.7 to jdk 1.8.

    0 讨论(0)
  • 深忆病人
    2020-12-09 05:31

    The problem you're having is with the certificates. Here is a list of things you might need to be familiar with before working with a secure SSL program. There must be a truststore, keystore, and the certs have to be added. To add the key to your cacerts file, as in step 6, the computer might ask you for a password that you don't know. It is "changeit" mostt likely

    1) To create a new keystore and self-signed certificate with corresponding public/private keys:

     keytool -genkeypair -alias "username" -keyalg RSA -validity 7 -keystore keystore

    2) To Examine the keystore:

    keytool -list -v -keystore keystore

    3) Export and examine the self-signed certificate:

    keytool -export -alias "username" -keystore keystore -rfc -file "username".cer

    4) Import the certificate into a new truststore:

    keytool -import -alias "username" -file "username".cer -keystore truststore

    5) Examine the truststore:

    keytool -list -v -keystore truststore

    6) Add to keystore (this is what your looking for):

    sudo keytool -import -file "username".cer -alias "username" -keystore "path-to-keystore"

    On some systems this is found in 

    /usr/lib/jvm/<java version folder>/jre/lib/security/cacerts

    and on other systems it is something like 

    /etc/ssl/certs/java/cacerts

    Check out this project on Git-Hub if you need more clarification: https://github.com/rabbitfighter81/JSSLInfoCollectionServer And here is a shell script that helps with keys. https://github.com/rabbitfighter81/SSLKeytool

    0 讨论(0)
  • 鱼传尺愫
    2020-12-09 05:33

    I think you have to add keystore in jre1.6 cacert. Then deploy again your server .By the way you can use to add keystore PORTECLE program . it is very useful.

    0 讨论(0)
  • 温柔的废话
    2020-12-09 05:34

    If you really really need to, you can accept all certificates. But keep in mind that this is really ugly.

    Hava a look at this.

    0 讨论(0)
  • 挽巷
    2020-12-09 05:39

    You can check the certificate via the browser.

    In Internet Explorer

    Right Click >> Properties >> Certificates

    Once in the Certificates Window you can view the entire certificate tree as well.

    If you have an invalid certificate you may want to look into a solution using the keytool command.

    Keytool Commands

    0 讨论(0)
 看不清?
提交回复
热议问题