
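javax.net.ssl, HTTPS clients and close_notify

A simple Netty implementation of an HTTPS server using javax.net.ssl, with a self-signed certificate. The server is started, and then a request is issued using DHC by Restlet. On the server side, I get: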

io.netty.handler.ssl.SslHandler setHandshakeFailure
WARNING: SSLEngine.closeInbound() raised an exception due to closed connection.
javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?

at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLEngineImpl.fatal(Unknown Source)
at sun.security.ssl.SSLEngineImpl.fatal(Unknown Source)
at sun.security.ssl.SSLEngineImpl.closeInbound(Unknown Source)
at io.netty.handler.ssl.SslHandler.setHandshakeFailure(SslHandler.java:905)
at io.netty.handler.ssl.SslHandler.channelInactive(SslHandler.java:576)
at io.netty.channel.DefaultChannelHandlerContext.invokeChannelInactive(DefaultChannelHandlerContext.java:819)
at io.netty.channel.DefaultChannelHandlerContext.access$1300(DefaultChannelHandlerContext.java:38)
at io.netty.channel.DefaultChannelHandlerContext$5.run(DefaultChannelHandlerContext.java:808)
at io.netty.channel.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:259)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:305)
at io.netty.channel.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:110)
at java.lang.Thread.run(Unknown Source)

On the client side:

No response. Is the certificate valid? Click here to check.

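Issuing the same request from Chrome's address bar produces the same server-side exception. Issuing it from Firefox's address bar produces the same exception while Firefox is displaying the warning page about the certificate not coming from a trusted CA. This exception seems very generic and does not directly indicate the state of the protocol. Does this mean that these three clients (Chrome, Firefox, DHC by Restlet) do not play the protocol well and simply disappear on the server instead of sending close_notify? Or is this client behavior required by the SSL RFC, or is it just a security-oriented client design?

Solution

I contacted the DHC by Restlet team, and they told me a workaround: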

Chrome doesn’t provide an API for managing certificates. In other words, we have no API to automatically accept your certificate nor a way how to raise ‘untrusted certificate’ dialog. But, you can use a little workaround:

  1. Open the https URL in another tab.
  2. Manually accept the certificate.
  3. Go back to DHC and it will work because your certificate has been accepted manually (is stored in your Chrome) by the previous step.

Usually you have to do this just once.
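
For server-side triage of the warning in the question, the following added example (not part of the original post or of Netty itself) separates a connection that closes before the TLS handshake completes from an established session that ends without close_notify. It assumes Netty 4.1, where SslHandler fires SslHandshakeCompletionEvent and SslCloseCompletionEvent as user events; the class name TlsCloseClassifier is hypothetical.

```java
import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.ChannelInboundHandlerAdapter;
import io.netty.handler.ssl.SslCloseCompletionEvent;
import io.netty.handler.ssl.SslHandshakeCompletionEvent;
import java.util.logging.Level;
import java.util.logging.Logger;

/**
 * Hypothetical handler (assumption: Netty 4.1). Add one instance per channel
 * to the pipeline directly after SslHandler.
 */
public class TlsCloseClassifier extends ChannelInboundHandlerAdapter {
    private static final Logger LOG =
            Logger.getLogger(TlsCloseClassifier.class.getName());

    // Per-channel state, so this handler must not be shared between channels.
    private boolean handshakeSucceeded;

    @Override
    public void userEventTriggered(ChannelHandlerContext ctx, Object evt)
            throws Exception {
        if (evt instanceof SslHandshakeCompletionEvent) {
            SslHandshakeCompletionEvent hs = (SslHandshakeCompletionEvent) evt;
            if (hs.isSuccess()) {
                handshakeSucceeded = true;
            } else {
                // The peer left before a session existed, for example after
                // rejecting a self-signed certificate. No application data
                // was exchanged, so nothing can have been truncated.
                LOG.log(Level.FINE, "TLS handshake not completed by {0}: {1}",
                        new Object[] {ctx.channel().remoteAddress(), hs.cause()});
            }
        } else if (evt instanceof SslCloseCompletionEvent) {
            SslCloseCompletionEvent close = (SslCloseCompletionEvent) evt;
            if (!close.isSuccess() && handshakeSucceeded) {
                // An established session ended without close_notify. Data
                // whose length is not framed by the application protocol
                // may be incomplete and should be treated as suspect.
                LOG.log(Level.WARNING,
                        "TLS session with {0} closed without close_notify: {1}",
                        new Object[] {ctx.channel().remoteAddress(), close.cause()});
            }
        }
        // Pass the event on so later handlers still see it.
        super.userEventTriggered(ctx, evt);
    }
}
```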

Original URL: https://www.jb51.cc/java/128767.html
