1. Dom
  2. Pytanie i odpowiedź
  3. JavaFx Webview JDK 8 nie może załadować samopodpisanego certyfikatu

JavaFx Webview JDK 8 nie może załadować samopodpisanego certyfikatu

2015-04-15 11 views
5

Próbowałem zaimplementować webview w mojej aplikacji javafx i używam JDK 8 do jej rozwijania.JavaFx Webview JDK 8 nie może załadować samopodpisanego certyfikatu

Gdy używam WebEngine załadować dowolną stronę certyfikat HTTPS to działa dobrze:

webEngine.load("https://google.com");

Ale jeśli mogę użyć certyfikatu z podpisem własnym HTTPS nie można go otworzyć. Próbowałem użyć tego kodu, aby pokazać problem:

webEngine.getLoadWorker().stateProperty().addListener(
     new ChangeListener<Worker.State>() { 
     public void changed(ObservableValue ov, Worker.State oldState, Worker.State newState) {        
      if (webEngine.getLoadWorker().getException() != null && newState == State.FAILED){ 
      System.out.println(webEngine.getLoadWorker().getException().toString()); 
     } 
    } 
});

I mój problem jest:

java.lang.Throwable: SSL handshake udało

Próbowałem dodać podążaj za kodem, aby zaufać wszystkim hostom, zanim użyjesz mojej przeglądarki, ale to nie zadziała:

// Create a trust manager that does not validate certificate chains 
TrustManager[] trustAllCerts = new TrustManager[] { 
    new X509TrustManager() {  
     public java.security.cert.X509Certificate[] getAcceptedIssuers() { 
      return null; 
     } 
     public void checkClientTrusted( 
      java.security.cert.X509Certificate[] certs, String authType) { 
      } 
     public void checkServerTrusted( 
      java.security.cert.X509Certificate[] certs, String authType) { 
     } 
    } 
}; 

// Install the all-trusting trust manager 
try { 
    SSLContext sc = SSLContext.getInstance("SSL"); 
    sc.init(null, trustAllCerts, new java.security.SecureRandom()); 
    HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); 
} catch (GeneralSecurityException e) { 
} 

webEngine.load("https://example.com");

yway to naprawić?

Aktualizacja

dodam -Djavax.net.debug = wszystko VMOption aby wyświetlić szczegóły tego błędu, a potem znajdę:

URL-Loader-11, otrzymał EOFException: błąd URL-Loader-11, obsługa wyjątków: javax.net.ssl.SSLHandshakeException: Remote gospodarz zamknął połączenie podczas uzgadniania

Poniżej pełny log:

Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384 
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 
Allow unsafe renegotiation: false 
Allow legacy hello messages: true 
Is initial handshake: true 
Is secure renegotiation: false 
URL-Loader-11, setSoTimeout(3600000) called 
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1.1 
%% No cached client session 
*** ClientHello, TLSv1.2 
RandomCookie: GMT: 1429261936 bytes = { 78, 102, 51, 3, 227, 71, 247, 110, 13, 31, 1, 249, 251, 191, 182, 146, 152, 35, 185, 132, 144, 219, 68, 50, 42, 165, 168, 205 } 
Session ID: {} 
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] 
Compression Methods: { 0 } 
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1} 
Extension ec_point_formats, formats: [uncompressed] 
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA 
*** 
[write] MD5 and SHA1 hashes: len = 207 
0000: 01 00 00 CB 03 03 55 31 CE 70 4E 66 33 03 E3 47 ......U1.pNf3..G 
0010: F7 6E 0D 1F 01 F9 FB BF B6 92 98 23 B9 84 90 DB .n.........#.... 
0020: 44 32 2A A5 A8 CD 00 00 46 C0 23 C0 27 00 3C C0 D2*.....F.#.'.<. 
0030: 25 C0 29 00 67 00 40 C0 09 C0 13 00 2F C0 04 C0 %.)[email protected]/... 
0040: 0E 00 33 00 32 C0 07 C0 11 00 05 C0 02 C0 0C C0 ..3.2........... 
0050: 2B C0 2F 00 9C C0 2D C0 31 00 9E 00 A2 C0 08 C0 +./...-.1....... 
0060: 12 00 0A C0 03 C0 0D 00 16 00 13 00 04 00 FF 01 ................ 
0070: 00 00 5C 00 0A 00 34 00 32 00 17 00 01 00 03 00 ..\...4.2....... 
0080: 13 00 15 00 06 00 07 00 09 00 0A 00 18 00 0B 00 ................ 
0090: 0C 00 19 00 0D 00 0E 00 0F 00 10 00 11 00 02 00 ................ 
00A0: 12 00 04 00 05 00 14 00 08 00 16 00 0B 00 02 01 ................ 
00B0: 00 00 0D 00 1A 00 18 06 03 06 01 05 03 05 01 04 ................ 
00C0: 03 04 01 03 03 03 01 02 03 02 01 02 02 01 01  ............... 
URL-Loader-11, WRITE: TLSv1.2 Handshake, length = 207 
[Raw write]: length = 212 
0000: 16 03 03 00 CF 01 00 00 CB 03 03 55 31 CE 70 4E ...........U1.pN 
0010: 66 33 03 E3 47 F7 6E 0D 1F 01 F9 FB BF B6 92 98 f3..G.n......... 
0020: 23 B9 84 90 DB 44 32 2A A5 A8 CD 00 00 46 C0 23 #....D2*.....F.# 
0030: C0 27 00 3C C0 25 C0 29 00 67 00 40 C0 09 C0 13 .'.<.%.)[email protected] 
0040: 00 2F C0 04 C0 0E 00 33 00 32 C0 07 C0 11 00 05 ./.....3.2...... 
0050: C0 02 C0 0C C0 2B C0 2F 00 9C C0 2D C0 31 00 9E .....+./...-.1.. 
0060: 00 A2 C0 08 C0 12 00 0A C0 03 C0 0D 00 16 00 13 ................ 
0070: 00 04 00 FF 01 00 00 5C 00 0A 00 34 00 32 00 17 .......\...4.2.. 
0080: 00 01 00 03 00 13 00 15 00 06 00 07 00 09 00 0A ................ 
0090: 00 18 00 0B 00 0C 00 19 00 0D 00 0E 00 0F 00 10 ................ 
00A0: 00 11 00 02 00 12 00 04 00 05 00 14 00 08 00 16 ................ 
00B0: 00 0B 00 02 01 00 00 0D 00 1A 00 18 06 03 06 01 ................ 
00C0: 05 03 05 01 04 03 04 01 03 03 03 01 02 03 02 01 ................ 
00D0: 02 02 01 01          .... 
URL-Loader-11, received EOFException: error 
URL-Loader-11, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake 
URL-Loader-11, SEND TLSv1.2 ALERT: fatal, description = handshake_failure 
URL-Loader-11, WRITE: TLSv1.2 Alert, length = 2 
[Raw write]: length = 7 
0000: 15 03 03 00 02 02 28        ......(
URL-Loader-11, called closeSocket() 
URL-Loader-11, called close() 
URL-Loader-11, called closeInternal(true) 
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384 
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 
Allow unsafe renegotiation: false 
Allow legacy hello messages: true 
Is initial handshake: true 
Is secure renegotiation: false 
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1.1 
%% No cached client session 
*** ClientHello, TLSv1.2 
RandomCookie: GMT: 1429261936 bytes = { 9, 49, 116, 72, 24, 164, 72, 165, 44, 25, 150, 147, 0, 29, 236, 63, 194, 176, 136, 220, 66, 244, 111, 254, 15, 109, 124, 206 } 
Session ID: {} 
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] 
Compression Methods: { 0 } 
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1} 
Extension ec_point_formats, formats: [uncompressed] 
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA 
*** 
[write] MD5 and SHA1 hashes: len = 207 
0000: 01 00 00 CB 03 03 55 31 CE 70 09 31 74 48 18 A4 ......U1.p.1tH.. 
0010: 48 A5 2C 19 96 93 00 1D EC 3F C2 B0 88 DC 42 F4 H.,......?....B. 
0020: 6F FE 0F 6D 7C CE 00 00 46 C0 23 C0 27 00 3C C0 o..m....F.#.'.<. 
0030: 25 C0 29 00 67 00 40 C0 09 C0 13 00 2F C0 04 C0 %.)[email protected]/... 
0040: 0E 00 33 00 32 C0 07 C0 11 00 05 C0 02 C0 0C C0 ..3.2........... 
0050: 2B C0 2F 00 9C C0 2D C0 31 00 9E 00 A2 C0 08 C0 +./...-.1....... 
0060: 12 00 0A C0 03 C0 0D 00 16 00 13 00 04 00 FF 01 ................ 
0070: 00 00 5C 00 0A 00 34 00 32 00 17 00 01 00 03 00 ..\...4.2....... 
0080: 13 00 15 00 06 00 07 00 09 00 0A 00 18 00 0B 00 ................ 
0090: 0C 00 19 00 0D 00 0E 00 0F 00 10 00 11 00 02 00 ................ 
00A0: 12 00 04 00 05 00 14 00 08 00 16 00 0B 00 02 01 ................ 
00B0: 00 00 0D 00 1A 00 18 06 03 06 01 05 03 05 01 04 ................ 
00C0: 03 04 01 03 03 03 01 02 03 02 01 02 02 01 01  ............... 
URL-Loader-11, WRITE: TLSv1.2 Handshake, length = 207 
[Raw write]: length = 212 
0000: 16 03 03 00 CF 01 00 00 CB 03 03 55 31 CE 70 09 ...........U1.p. 
0010: 31 74 48 18 A4 48 A5 2C 19 96 93 00 1D EC 3F C2 1tH..H.,......?. 
0020: B0 88 DC 42 F4 6F FE 0F 6D 7C CE 00 00 46 C0 23 ...B.o..m....F.# 
0030: C0 27 00 3C C0 25 C0 29 00 67 00 40 C0 09 C0 13 .'.<.%.)[email protected] 
0040: 00 2F C0 04 C0 0E 00 33 00 32 C0 07 C0 11 00 05 ./.....3.2...... 
0050: C0 02 C0 0C C0 2B C0 2F 00 9C C0 2D C0 31 00 9E .....+./...-.1.. 
0060: 00 A2 C0 08 C0 12 00 0A C0 03 C0 0D 00 16 00 13 ................ 
0070: 00 04 00 FF 01 00 00 5C 00 0A 00 34 00 32 00 17 .......\...4.2.. 
0080: 00 01 00 03 00 13 00 15 00 06 00 07 00 09 00 0A ................ 
0090: 00 18 00 0B 00 0C 00 19 00 0D 00 0E 00 0F 00 10 ................ 
00A0: 00 11 00 02 00 12 00 04 00 05 00 14 00 08 00 16 ................ 
00B0: 00 0B 00 02 01 00 00 0D 00 1A 00 18 06 03 06 01 ................ 
00C0: 05 03 05 01 04 03 04 01 03 03 03 01 02 03 02 01 ................ 
00D0: 02 02 01 01          .... 
URL-Loader-11, received EOFException: error 
URL-Loader-11, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake 
URL-Loader-11, SEND TLSv1.2 ALERT: fatal, description = handshake_failure 
URL-Loader-11, WRITE: TLSv1.2 Alert, length = 2 
[Raw write]: length = 7 
0000: 15 03 03 00 02 02 28        ......(
URL-Loader-11, called closeSocket() 
webEngine result FAILED 
java.lang.Throwable: SSL handshake failed 
java.lang.Throwable: SSL handshake failed 
    at javafx.scene.web.WebEngine$LoadWorker.describeError(WebEngine.java:1390) 
    at javafx.scene.web.WebEngine$LoadWorker.dispatchLoadEvent(WebEngine.java:1329) 
    at javafx.scene.web.WebEngine$LoadWorker.access$1100(WebEngine.java:1207) 
    at javafx.scene.web.WebEngine$PageLoadListener.dispatchLoadEvent(WebEngine.java:1194) 
    at com.sun.webkit.WebPage.fireLoadEvent(WebPage.java:2373) 
    at com.sun.webkit.WebPage.fwkFireLoadEvent(WebPage.java:2217) 
    at com.sun.webkit.network.URLLoader.twkDidFail(Native Method) 
    at com.sun.webkit.network.URLLoader.notifyDidFail(URLLoader.java:842) 
    at com.sun.webkit.network.URLLoader.access$1300(URLLoader.java:43) 
    at com.sun.webkit.network.URLLoader$7.run(URLLoader.java:824) 
    at com.sun.glass.ui.InvokeLaterDispatcher$Future.run(InvokeLaterDispatcher.java:95) 
    at com.sun.glass.ui.win.WinApplication._runLoop(Native Method) 
    at com.sun.glass.ui.win.WinApplication.access$300(WinApplication.java:39) 
    at com.sun.glass.ui.win.WinApplication$4$1.run(WinApplication.java:112) 
    at java.lang.Thread.run(Thread.java:744)

Napisałem przeglądarkę za pomocą formantu JavaFX WebView. Wszystko jest w porządku, dopóki nie spróbuję załadować zaszyfrowanej strony. Próbuję https://www.gmail.com i otrzymuję "Nieznany błąd" we właściwości wyjątku obciążenia. Dzieje się tak tylko wtedy, gdy pakuję aplikację jako samodzielną; kiedy uruchamiam projekt w NetBeans, wszystko jest w porządku. Zgaduję, że ma to związek z certyfikatami SSL, ale próbowałem prawie wszystkiego, co mogłem wymyślić, w tym importowania każdego certyfikatu do magazynu zaufanych certyfikatów za pomocą "keytool", ale nic nie działa.

Wszelkie pomysły? Bardzo doceniane. Dzięki.

Źródło

2015-04-15 Viet

+2

Zamiast starać się realizować swoje własne Menedżer zaufania można [zaimportować certyfikat z podpisem własnym] (http://stackoverflow.com/questions/11617210/how-to-properly-import-a-selfsigned- certificate-into-java-keystore-to-is-avail), aby można było zaufać istniejącemu istnieniu magazynu zaufania jre cacerts przed uruchomieniem programu? – jewelsea

+0

Próbowałem również dodać mój certyfikat do jre cacerts: keytool -import -alias pop3 -keystore "C: \ Program Files (x86) \ Java \ jre8 \ lib \ security \ cacerts" -file pop3.cer. Otrzymałem: Zaufaj temu certyfikatowi? [no]: yes Certyfikat został dodany do magazynu kluczy. Ale nic się nie zmienia. Nadal rzuca "nieudany handshake SSL" – Viet

+0

Przez "samodzielny" domyślam się, że masz na myśli aplikację w pakiecie z javapackager. Jeśli tak, czy ta sama wirtualna maszyna JVM zostanie dołączona do pakietu, do którego keytool wstawia twój certyfikat? –

Odpowiedz

1

W swoim rozwiązaniu z TrustManager, musisz dodać dodatkowe instrukcje po zainstalowaniu całkowicie ufającego menedżera zaufania.

znalazłem pełne rozwiązanie tutaj:

http://www.nakov.com/blog/2009/07/16/disable-certificate-validation-in-java-ssl-connections/

Testowałem go na JDK-wersji 9.0.1 i działa.

// Create all-trusting host name verifier 
HostnameVerifier allHostsValid = new HostnameVerifier() { 
    public boolean verify(String hostname, SSLSession session) { 
     return true; 
    } 
}; 

// Install the all-trusting host verifier 
HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);

Źródło

2017-12-12 01:01:28 Yirco

 Powiązane problemy

  • Brak powiązanych problemów^_^