1. 首頁
  2. 問答
  3. 證書不符合算法約束 - Java1.8_51

證書不符合算法約束 - Java1.8_51

2016-07-05 86 views
1

我在連接到HTTPS服務時遇到異常。證書不符合算法約束 - Java1.8_51

我已經在多個論壇中進行了交叉檢查,並且理解服務器中使用的算法可能不太適合Java1.8的標準。

通過評論「Java \ jdk1.8.0_51 \ jre \ lib \ security \ java.security」文件中的「jdk.certpath.disabledAlgorithms」屬性,我們可以啓用禁用的算法。但它沒有幫助,甚至在發表評論之後也得到同樣的錯誤。

其他分析要點:

  • 更新了無限強度本地策略jar文件。
  • 能夠使用同一臺 機器的獨立程序連接到該服務。
  • 即使 已啓用「jdk.certpath.disabledAlgorithms」屬性,即可從獨立程序連接到該服務。

我的代碼使用自簽名證書連接到HTTPS連接,該證書中的算法是否會超過默認的java屬性? 以下例外的其他可能性?

javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificates does not conform to algorithm constraints 
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) ~[na:1.8.0_51] 
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949) ~[na:1.8.0_51] 
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302) ~[na:1.8.0_51] 
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296) ~[na:1.8.0_51] 
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1497) ~[na:1.8.0_51] 
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:212) ~[na:1.8.0_51] 
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979) ~[na:1.8.0_51] 
at sun.security.ssl.Handshaker.process_record(Handshaker.java:914) ~[na:1.8.0_51] 
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062) ~[na:1.8.0_51] 
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) ~[na:1.8.0_51] 
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747) ~[na:1.8.0_51] 
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123) ~[na:1.8.0_51] 
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82) ~[na:1.8.0_51] 
at java.io.BufferedOutputStream.write(BufferedOutputStream.java:121) ~[na:1.8.0_51] 
at org.apache.commons.httpclient.WireLogOutputStream.write(WireLogOutputStream.java:68) ~[commons-httpclient-3.1.jar:na] 
at org.apache.commons.httpclient.methods.multipart.FilePart.sendData(FilePart.java:223) ~[commons-httpclient-3.1.jar:na] 
at org.apache.commons.httpclient.methods.multipart.Part.send(Part.java:312) ~[commons-httpclient-3.1.jar:na] 
at org.apache.commons.httpclient.methods.multipart.Part.sendParts(Part.java:385) ~[commons-httpclient-3.1.jar:na] 
at org.apache.commons.httpclient.methods.multipart.MultipartRequestEntity.writeRequest(MultipartRequestEntity.java:164) ~[commons-httpclient-3.1.jar:na] 
at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499) ~[commons-httpclient-3.1.jar:na] 
at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114) ~[commons-httpclient-3.1.jar:na] 
at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096) ~[commons-httpclient-3.1.jar:na] 
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398) ~[commons-httpclient-3.1.jar:na] 
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) ~[commons-httpclient-3.1.jar:na] 
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) ~[commons-httpclient-3.1.jar:na] 
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323) ~[commons-httpclient-3.1.jar:na]

來源

2016-07-05 Selva

+0

可能重複的[java.security.cert.CertificateException:證書不符合算法約束](http://stackoverflow.com/questions/14149545/java-security-cert-certificateexception-certificates-does-not- conform-to-algori) – ryenus

回答

0

你的問題可能是

「我的代碼使用自簽名證書連接到HTTPS連接」

不要使用自簽名證書,或者,那麼你必須讓它信任在服務器和客戶端。

來源

2016-07-05 19:24:11 pepo

+0

我也嘗試過使用實際的證書代替自簽名,仍然得到相同的異常 – Selva

+0

@Selva而這些證書來自可信CA,對吧?如果不將CA證書導入適當的(中間/根)java證書存儲區。 – pepo

+0

是的,這些證書是可信的CA – Selva

相關問題

 相關問題