我的 Java 1.8、Spring 4 Web 服务正在尝试访问需要 TLS 1.2 的外部网站。我已在 Websphere 8.5.5.10 上部署了我的服务,并进行了添加此处提到的 TLS 1.2 所需的所有更改 - https://www.ibm.com/support/knowledgecenter/en/SS2L6K_5.0.0/com.ibm.rational.relm.install.doc/topics/t_enable_tls1.2_was.html
我收到以下错误:
org.springframework.web.client.ResourceAccessException: I/O error on POST request for "https website": Unsupported SignatureAndHashAlgorithm in ServerKeyExchange message**; nested exception is javax.net.ssl.SSLHandshakeException: Unsupported SignatureAndHashAlgorithm in ServerKeyExchange message
[10/3/17 11:39:10:600 PDT] 000000a4 SystemErr R org.springframework.web.client.ResourceAccessException: I/O error on POST request for "https website": Unsupported SignatureAndHashAlgorithm in ServerKeyExchange message; nested exception is javax.net.ssl.SSLHandshakeException: Unsupported SignatureAndHashAlgorithm in ServerKeyExchange message
[10/3/17 11:39:10:600 PDT] 000000a4 SystemErr R at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:666)
[10/3/17 11:39:10:601 PDT] 000000a4 SystemErr R at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:613)
[10/3/17 11:39:10:601 PDT] 000000a4 SystemErr R at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:531)
[10/3/17 11:39:10:601 PDT] 000000a4 SystemErr R at org.kp.hrts.casemessage.adaptor.AuthServiceAdaptor.get(AuthServiceAdaptor.java:86)
[10/3/17 11:39:10:601 PDT] 000000a4 SystemErr R at org.kp.hrts.casemessage.processor.FulfillmentCaseProcessor.sendRequest(FulfillmentCaseProcessor.java:70)
[10/3/17 11:39:10:601 PDT] 000000a4 SystemErr R at org.kp.hrts.casemessage.listener.CaseMessageListener.onMessage(CaseMessageListener.java:57)
[10/3/17 11:39:10:601 PDT] 000000a4 SystemErr R at org.springframework.jms.listener.AbstractMessageListenerContainer.doInvokeListener(AbstractMessageListenerContainer.java:721)
[10/3/17 11:39:10:601 PDT] 000000a4 SystemErr R at org.springframework.jms.listener.AbstractMessageListenerContainer.invokeListener(AbstractMessageListenerContainer.java:681)
[10/3/17 11:39:10:601 PDT] 000000a4 SystemErr R at org.springframework.jms.listener.AbstractMessageListenerContainer.doExecuteListener(AbstractMessageListenerContainer.java:651)
[10/3/17 11:39:10:601 PDT] 000000a4 SystemErr R at org.springframework.jms.listener.AbstractPollingMessageListenerContainer.doReceiveAndExecute(AbstractPollingMessageListenerContainer.java:317)
[10/3/17 11:39:10:601 PDT] 000000a4 SystemErr R at org.springframework.jms.listener.AbstractPollingMessageListenerContainer.receiveAndExecute(AbstractPollingMessageListenerContainer.java:255)
[10/3/17 11:39:10:601 PDT] 000000a4 SystemErr R at org.springframework.jms.listener.DefaultMessageListenerContainer$AsyncMessageListenerInvoker.invokeListener(DefaultMessageListenerContainer.java:1166)
[10/3/17 11:39:10:601 PDT] 000000a4 SystemErr R at org.springframework.jms.listener.DefaultMessageListenerContainer$AsyncMessageListenerInvoker.executeOngoingLoop(DefaultMessageListenerContainer.java:1158)
[10/3/17 11:39:10:601 PDT] 000000a4 SystemErr R at org.springframework.jms.listener.DefaultMessageListenerContainer$AsyncMessageListenerInvoker.run(DefaultMessageListenerContainer.java:1055)
[10/3/17 11:39:10:602 PDT] 000000a4 SystemErr R at java.lang.Thread.run(Thread.java:785)
[10/3/17 11:39:10:602 PDT] 000000a4 SystemErr R Caused by: javax.net.ssl.SSLHandshakeException: Unsupported SignatureAndHashAlgorithm in ServerKeyExchange message
[10/3/17 11:39:10:602 PDT] 000000a4 SystemErr R at com.ibm.jsse2.x$k.<init>(x$k.java:77)
[10/3/17 11:39:10:602 PDT] 000000a4 SystemErr R at com.ibm.jsse2.D.a(D.java:649)
[10/3/17 11:39:10:602 PDT] 000000a4 SystemErr R at com.ibm.jsse2.C.r(C.java:44)
[10/3/17 11:39:10:602 PDT] 000000a4 SystemErr R at com.ibm.jsse2.C.a(C.java:184)
[10/3/17 11:39:10:602 PDT] 000000a4 SystemErr R at com.ibm.jsse2.as.a(as.java:481)
[10/3/17 11:39:10:602 PDT] 000000a4 SystemErr R at com.ibm.jsse2.as.i(as.java:130)
[10/3/17 11:39:10:602 PDT] 000000a4 SystemErr R at com.ibm.jsse2.as.a(as.java:483)
[10/3/17 11:39:10:602 PDT] 000000a4 SystemErr R at com.ibm.jsse2.as.startHandshake(as.java:160)
[10/3/17 11:39:10:602 PDT] 000000a4 SystemErr R at com.ibm.ws.ssl.config.WSSocket.startHandshake(WSSocket.java:414)
[10/3/17 11:39:10:602 PDT] 000000a4 SystemErr R at com.ibm.net.ssl.www2.protocol.https.c.afterConnect(c.java:12)
[10/3/17 11:39:10:603 PDT] 000000a4 SystemErr R at com.ibm.net.ssl.www2.protocol.https.d.connect(d.java:15)
[10/3/17 11:39:10:603 PDT] 000000a4 SystemErr R at com.ibm.net.ssl.www2.protocol.https.b.connect(b.java:64)
[10/3/17 11:39:10:603 PDT] 000000a4 SystemErr R at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:78)
[10/3/17 11:39:10:603 PDT] 000000a4 SystemErr R at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
[10/3/17 11:39:10:603 PDT] 000000a4 SystemErr R at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:53)
[10/3/17 11:39:10:603 PDT] 000000a4 SystemErr R at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:652)
[10/3/17 11:39:10:603 PDT] 000000a4 SystemErr R ... 14 more
如有任何意见,我们将不胜感激!
最佳答案
正如 @Alaine 所建议的,问题是链接中给出的启用 SP800-131a 的附加步骤。 我按照链接中建议的步骤进行操作: https://developer.ibm.com/answers/questions/206952/how-do-i-configure-websphere-application-server-ss.html
此外,在与 IBM 团队交谈后,建议我使用 SSL_TLSv2 而不是 TLSv1.2,因为 SSL_TLSv2 支持 SSL 和 TLS 1.x。
希望这对某人有帮助!
关于java - 在 Websphere 8.5.5.10 中添加 TLS 1.2 后出现 Unsupported SignatureAndHashAlgorithm 错误,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/46551445/