我正在尝试运行一个对服务器进行 https 调用的 Java 应用程序,但不断收到以下 SSL 错误:
javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:882)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:654)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:100)
at java.io.BufferedOutputStream.write(BufferedOutputStream.java:105)
at org.apache.commons.httpclient.HttpConnection.write(HttpConnection.java:974)
at org.apache.commons.httpclient.HttpConnection.write(HttpConnection.java:942)
at org.apache.commons.httpclient.HttpConnection.print(HttpConnection.java:1032)
at org.apache.commons.httpclient.HttpMethodBase.writeRequestLine(HttpMethodBase.java:2077)
at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:1918)
at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:993)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:397)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:170)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:396)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:324)
...
...
...
Caused by: java.io.EOFException: SSL peer shut down incorrectly
at com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:462)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:863)
我在其他帖子上读到我需要在 lib/security/cacerts 中添加证书。因此,我使用 Firefox 从服务器下载了证书文件,并运行了以下命令:
sudo keytool -import -keystore cacerts -storepass changeit -alias samplecert-root -trustcacerts -file VeriSignClass3SecureServerCA.crt
Certificate was added to keystore
但是,我仍然不断收到错误消息。问题是什么?我是否将证书正确添加到 keystore ?
最佳答案
在我的例子中,错误的原因是我使用的证书作为客户端证书,而该证书是仅限服务器的证书。
关于javax.net.ssl.SSLHandshakeException :Remote host closed connection during handshake,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/29911073/