我正在尝试连接到我拥有的新 Minecraft 服务器(也来 self 拥有的客户端)。这是带有 Java 10 和最新 Minecraft 1.12 服务器的全新 Ubuntu 18.04 安装。
在连接期间,JRE 正在建立到身份验证服务器的连接,并且整个连接(从 Minecraft 服务器的角度来看)以
[09:06:57] [User Authenticator #4/ERROR]: Couldn't verify username because servers are unavailable
[09:06:57] [Server thread/INFO]: com.mojang.authlib.GameProfile@949cab4d[id=<null>,name=TheNameOfTheUser,properties={},legacy=false] (/10.1.1.19: 41433) lost connection: Authentication servers are down. Please try again later, sorry!
身份验证服务器肯定没有关闭,我跟踪了连接并在网络转储中看到
No. Time Source Destination Protocol Length Info
98 3.254294 10.200.0.133 54.230.198.91 TCP 74 43370 → 443 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=1994960819 TSecr=0 WS=128
No. Time Source Destination Protocol Length Info
99 3.265065 54.230.198.91 10.200.0.133 TCP 74 443 → 43370 [SYN, ACK] Seq=0 Ack=1 Win=28960 Len=0 MSS=1460 SACK_PERM=1 TSval=1446415026 TSecr=1994960819 WS=256
No. Time Source Destination Protocol Length Info
100 3.265079 10.200.0.133 54.230.198.91 TCP 66 43370 → 443 [ACK] Seq=1 Ack=1 Win=29312 Len=0 TSval=1994960830 TSecr=1446415026
No. Time Source Destination Protocol Length Info
101 3.266259 10.200.0.133 54.230.198.91 TLSv1.2 342 Client Hello
No. Time Source Destination Protocol Length Info
102 3.275952 54.230.198.91 10.200.0.133 TCP 66 443 → 43370 [ACK] Seq=1 Ack=277 Win=30208 Len=0 TSval=1446415027 TSecr=1994960831
No. Time Source Destination Protocol Length Info
103 3.279589 54.230.198.91 10.200.0.133 TLSv1.2 5538 Server Hello, Certificate, Certificate Status, Server Key Exchange, Server Hello Done
Frame 103: 5538 bytes on wire (44304 bits), 5538 bytes captured (44304 bits)
Ethernet II, Src: 12:5b:d3:1d:51:cf (12:5b:d3:1d:51:cf), Dst: d6:8b:35:0c:a2:f2 (d6:8b:35:0c:a2:f2)
Internet Protocol Version 4, Src: 54.230.198.91, Dst: 10.200.0.133
Transmission Control Protocol, Src Port: 443, Dst Port: 43370, Seq: 1, Ack: 277, Len: 5472
Secure Sockets Layer
TLSv1.2 Record Layer: Handshake Protocol: Server Hello
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 65
Handshake Protocol: Server Hello
TLSv1.2 Record Layer: Handshake Protocol: Certificate
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 4566
Handshake Protocol: Certificate
TLSv1.2 Record Layer: Handshake Protocol: Certificate Status
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 479
Handshake Protocol: Certificate Status
TLSv1.2 Record Layer: Handshake Protocol: Server Key Exchange
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 333
Handshake Protocol: Server Key Exchange
TLSv1.2 Record Layer: Handshake Protocol: Server Hello Done
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 4
Handshake Protocol: Server Hello Done
No. Time Source Destination Protocol Length Info
104 3.279602 10.200.0.133 54.230.198.91 TCP 66 43370 → 443 [ACK] Seq=277 Ack=5473 Win=40192 Len=0 TSval=1994960844 TSecr=1446415028
Frame 104: 66 bytes on wire (528 bits), 66 bytes captured (528 bits)
Ethernet II, Src: d6:8b:35:0c:a2:f2 (d6:8b:35:0c:a2:f2), Dst: 12:5b:d3:1d:51:cf (12:5b:d3:1d:51:cf)
Internet Protocol Version 4, Src: 10.200.0.133, Dst: 54.230.198.91
Transmission Control Protocol, Src Port: 43370, Dst Port: 443, Seq: 277, Ack: 5473, Len: 0
No. Time Source Destination Protocol Length Info
105 3.280246 10.200.0.133 54.230.198.91 TLSv1.2 73 Alert (Level: Fatal, Description: Internal Error)
Frame 105: 73 bytes on wire (584 bits), 73 bytes captured (584 bits)
Ethernet II, Src: d6:8b:35:0c:a2:f2 (d6:8b:35:0c:a2:f2), Dst: 12:5b:d3:1d:51:cf (12:5b:d3:1d:51:cf)
Internet Protocol Version 4, Src: 10.200.0.133, Dst: 54.230.198.91
Transmission Control Protocol, Src Port: 43370, Dst Port: 443, Seq: 277, Ack: 5473, Len: 7
Secure Sockets Layer
TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Internal Error)
Content Type: Alert (21)
Version: TLS 1.2 (0x0303)
Length: 2
Alert Message
Level: Fatal (2)
Description: Internal Error (80)
No. Time Source Destination Protocol Length Info
106 3.280277 10.200.0.133 54.230.198.91 TCP 66 43370 → 443 [FIN, ACK] Seq=284 Ack=5473 Win=40192 Len=0 TSval=1994960845 TSecr=1446415028
Frame 106: 66 bytes on wire (528 bits), 66 bytes captured (528 bits)
Ethernet II, Src: d6:8b:35:0c:a2:f2 (d6:8b:35:0c:a2:f2), Dst: 12:5b:d3:1d:51:cf (12:5b:d3:1d:51:cf)
Internet Protocol Version 4, Src: 10.200.0.133, Dst: 54.230.198.91
Transmission Control Protocol, Src Port: 43370, Dst Port: 443, Seq: 284, Ack: 5473, Len: 0
No. Time Source Destination Protocol Length Info
112 3.290075 54.230.198.91 10.200.0.133 TCP 66 443 → 43370 [FIN, ACK] Seq=5473 Ack=285 Win=30208 Len=0 TSval=1446415029 TSecr=1994960845
Frame 112: 66 bytes on wire (528 bits), 66 bytes captured (528 bits)
Ethernet II, Src: 12:5b:d3:1d:51:cf (12:5b:d3:1d:51:cf), Dst: d6:8b:35:0c:a2:f2 (d6:8b:35:0c:a2:f2)
Internet Protocol Version 4, Src: 54.230.198.91, Dst: 10.200.0.133
Transmission Control Protocol, Src Port: 443, Dst Port: 43370, Seq: 5473, Ack: 285, Len: 0
No. Time Source Destination Protocol Length Info
113 3.290088 10.200.0.133 54.230.198.91 TCP 66 43370 → 443 [ACK] Seq=285 Ack=5474 Win=40192 Len=0 TSval=1994960855 TSecr=1446415029
Frame 113: 66 bytes on wire (528 bits), 66 bytes captured (528 bits)
Ethernet II, Src: d6:8b:35:0c:a2:f2 (d6:8b:35:0c:a2:f2), Dst: 12:5b:d3:1d:51:cf (12:5b:d3:1d:51:cf)
Internet Protocol Version 4, Src: 10.200.0.133, Dst: 54.230.198.91
Transmission Control Protocol, Src Port: 43370, Dst Port: 443, Seq: 285, Ack: 5474, Len: 0
问题出在第 105 帧,那里发生了 Internal Error。由于游戏是用 Java 编写的,我认为这与 Java TLS 实现很相似,这个“内部错误”实际上可能意味着更多?
作为可能的原因之一,我重新安装了 Java 证书 (update-ca-certificates -f),但没有成功。
最佳答案
感谢@gusto2 的提示
这最终成为 Ubuntu 18.04 中的一个错误。详情在another SO answer , TL;DR 解决方案是以 root 身份运行
# /usr/bin/printf '\xfe\xed\xfe\xed\x00\x00\x00\x02\x00\x00\x00\x00\xe2\x68\x6e\x45\xfb\x43\xdf\xa4\xd9\x92\xdd\x41\xce\xb6\xb2\x1c\x63\x30\xd7\x92' > /etc/ssl/certs/java/cacerts
# /var/lib/dpkg/info/ca-certificates-java.postinst configure
关于java - 什么 Java TLS 操作会在握手时产生 fatal error ?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/50895338/