自从昨天在我的 AWS 机器上进行了 Linux 更新后,我无法再连接到 HTTPS 站点。运行我的 Groovy (Java) 脚本时出现以下错误:
javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1842)
at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1825)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1346)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:439)
at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:424)
at org.jsoup.helper.HttpConnection.execute(HttpConnection.java:178)
at org.jsoup.helper.HttpConnection.get(HttpConnection.java:167)
at org.jsoup.Connection$get$1.call(Unknown Source)
at SiteConnector.run(SiteConnector.groovy:59)
at groovy.lang.GroovyShell.runScriptOrMainOrTestOrRunnable(GroovyShell.java:258)
at groovy.lang.GroovyShell.run(GroovyShell.java:502)
at groovy.lang.GroovyShell.run(GroovyShell.java:491)
at groovy.ui.GroovyMain.processOnce(GroovyMain.java:650)
at groovy.ui.GroovyMain.run(GroovyMain.java:381)
at groovy.ui.GroovyMain.process(GroovyMain.java:367)
at groovy.ui.GroovyMain.processArgs(GroovyMain.java:126)
at groovy.ui.GroovyMain.main(GroovyMain.java:106)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.codehaus.groovy.tools.GroovyStarter.rootLoader(GroovyStarter.java:106)
at org.codehaus.groovy.tools.GroovyStarter.main(GroovyStarter.java:128)
Caused by: java.lang.RuntimeException: Could not generate DH keypair
at sun.security.ssl.DHCrypt.<init>(DHCrypt.java:136)
at sun.security.ssl.ClientHandshaker.serverKeyExchange(ClientHandshaker.java:621)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:205)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)
... 24 more
Caused by: java.security.InvalidAlgorithmParameterException: Prime size must be multiple of 64, and can only range from 512 to 1024 (inclusive)
at com.sun.crypto.provider.DHKeyPairGenerator.initialize(DHKeyPairGenerator.java:120)
at java.security.KeyPairGenerator$Delegate.initialize(KeyPairGenerator.java:658)
at sun.security.ssl.DHCrypt.<init>(DHCrypt.java:127)
... 31 more
我假设 Amazon Linux 对具有此错误的 Java 版本 (1.7.0_65) 有新的依赖性 - 我该如何解决它(https://stackoverflow.com/a/16687105/438001 提到 Java 版本中的问题)?什么是没有这个问题的 Java 版本以及我如何在 AWS 上安装它(解决依赖关系的正确存储库是什么 - Amazon Linux 只向我显示要使用 yum 安装的当前 Java 版本)。
如果 Java 版本不是问题,我怎样才能让下面的行再次工作(顺便说一句,这是堆栈跟踪中提到的第 59 行):
Jsoup.connect(httpsURL).userAgent(USER_AGENT).timeout(TIMEOUT).get()
非常感谢, 约尔格
最佳答案
最后,我的解决方案是基于这些安装 Java 8 (jdk-8u20-linux-x64.tar.gz) instructions - 正如@owlstead 提到的,至少 Java 8 可以支持加密。我不确定问题是由于 AWS linux 机器的更新引起的,还是我尝试联系的网站更新了他们的加密方法(当时与 Java 7 的加密技术不兼容)。
关于java - AWS : Could not generate DH keypair with openjdk-1. 7.0_65,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/25817318/