2017-11-18 129 views
1

我的服務器安裝了ColdFusion 10。我收到以下錯誤,當我測試我的服務器上Authorize.net支付:I/O異常:收到致命警報:protocol_version - Coldfusion + Authorize.net

I/O Exception: Received fatal alert: protocol_version 

這裏是CFHTTP請求:

<cfhttp method="Post" url="https://test.authorize.net/gateway/transact.dll" result="test"> 
    //Passed params here 
</cfhttp> 

貌似這個錯誤是由於一個SSL andshake_failure。調試並解決此問題。我跟着this tutorial將我的證書添加到我的密鑰庫。

這裏是ColdFusion的-out.log細節吧:

AM Information [ajp-bio-8012-exec-6] - Starting HTTP request {URL='https://test.authorize.net:443/gateway/transact.dll', method='Post'} 
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA 
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA 
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 
Allow unsafe renegotiation: false 
Allow legacy hello messages: true 
Is initial handshake: true 
Is secure renegotiation: false 
%% No cached client session 
*** ClientHello, TLSv1 
RandomCookie: GMT: 1511005047 bytes = { 67, 167, 50, 23, 163, 143, 93, 78, 34, 130, 190, 65, 198, 95, 171, 222, 138, 10, 186, 140, 135, 200, 81, 223, 162, 61, 12, 196 } 
Session ID: {} 
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] 
Compression Methods: { 0 } 
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1} 
Extension ec_point_formats, formats: [uncompressed] 
Extension server_name, server_name: [host_name: test.authorize.net] 
*** 
[write] MD5 and SHA1 hashes: len = 176 
0000: 01 00 00 AC 03 01 5A 10 1B 77 43 A7 32 17 A3 8F ......Z..wC.2... 
0010: 5D 4E 22 82 BE 41 C6 5F AB DE 8A 0A BA 8C 87 C8 ]N"..A._........ 
0020: 51 DF A2 3D 0C C4 00 00 2A C0 09 C0 13 00 2F C0 Q..=....*...../. 
0030: 04 C0 0E 00 33 00 32 C0 08 C0 12 00 0A C0 03 C0 ....3.2......... 
0040: 0D 00 16 00 13 C0 07 C0 11 00 05 C0 02 C0 0C 00 ................ 
0050: 04 00 FF 01 00 00 59 00 0A 00 34 00 32 00 17 00 ......Y...4.2... 
0060: 01 00 03 00 13 00 15 00 06 00 07 00 09 00 0A 00 ................ 
0070: 18 00 0B 00 0C 00 19 00 0D 00 0E 00 0F 00 10 00 ................ 
0080: 11 00 02 00 12 00 04 00 05 00 14 00 08 00 16 00 ................ 
0090: 0B 00 02 01 00 00 00 00 17 00 15 00 00 12 74 65 ..............te 
00A0: 73 74 2E 61 75 74 68 6F 72 69 7A 65 2E 6E 65 74 st.authorize.net 
ajp-bio-8012-exec-6, WRITE: TLSv1 Handshake, length = 176 
[Raw write]: length = 181 
0000: 16 03 01 00 B0 01 00 00 AC 03 01 5A 10 1B 77 43 ...........Z..wC 
0010: A7 32 17 A3 8F 5D 4E 22 82 BE 41 C6 5F AB DE 8A .2...]N"..A._... 
0020: 0A BA 8C 87 C8 51 DF A2 3D 0C C4 00 00 2A C0 09 .....Q..=....*.. 
0030: C0 13 00 2F C0 04 C0 0E 00 33 00 32 C0 08 C0 12 .../.....3.2.... 
0040: 00 0A C0 03 C0 0D 00 16 00 13 C0 07 C0 11 00 05 ................ 
0050: C0 02 C0 0C 00 04 00 FF 01 00 00 59 00 0A 00 34 ...........Y...4 
0060: 00 32 00 17 00 01 00 03 00 13 00 15 00 06 00 07 .2.............. 
0070: 00 09 00 0A 00 18 00 0B 00 0C 00 19 00 0D 00 0E ................ 
0080: 00 0F 00 10 00 11 00 02 00 12 00 04 00 05 00 14 ................ 
0090: 00 08 00 16 00 0B 00 02 01 00 00 00 00 17 00 15 ................ 
00A0: 00 00 12 74 65 73 74 2E 61 75 74 68 6F 72 69 7A ...test.authoriz 
00B0: 65 2E 6E 65 74          e.net 
[Raw read]: length = 5 
0000: 15 03 01 00 02          ..... 
[Raw read]: length = 2 
0000: 02 46            .F 
ajp-bio-8012-exec-6, READ: TLSv1 Alert, length = 2 
ajp-bio-8012-exec-6, RECV TLSv1 ALERT: fatal, protocol_version 
ajp-bio-8012-exec-6, called closeSocket() 
ajp-bio-8012-exec-6, handling exception: javax.net.ssl.SSLException: Received fatal alert: protocol_version 
Finalizer, called close() 
Finalizer, called closeInternal(true) 

添加認證後,我還是收到了同樣的錯誤。然後,我在jvm.config中添加了以下幾行:

-Djavax.net.ssl.keyStore=C:\\ColdFusion10\\jre\\lib\\security\\cacerts 
-Djavax.net.ssl.keyStorePassword=password 
-Djavax.net.ssl=debug 
-Djavax.net.debug=all 

我仍然遇到同樣的錯誤。

還有一個想法是,Authorize.net需要TLS 1.2來處理它們的API請求。我目前在CF 10上使用Java 1.7。我是否需要將我的Java版本升級到1.8才能提出請求?任何人都可以幫我解決這個問題嗎?

回答

0

我已將JAVA版本升級到1.8版本,問題得到解決。

相關問題