2015-09-23 80 views
0

我試圖傳送iOS使用javapns庫推送通知。該代碼在java 6上工作正常,但不能在java 7上工作。我試圖在Java代碼 this.socket.getOutputStream()。write(bytes); 但得到以下異常: -SSL套接字寫使連接復位異常

2015年9月24日02:01:17330 [JavaPNS在LIST 模式分組通知線程] ERROR javapns.notification.PushNotificationManager (PushNotificationManager.java:496) - 交付錯誤 java.net.SocketException:連接重置 at java.net.SocketInputStream.read(SocketInputStream.java:196)〜[?:1.7.0_79] at java.net.SocketInputStream.read(SocketInputStream.java:122)〜 [:?1.7.0_79] 在sun.security.ssl.InputRecord.readFully(InputRecord.java:442)〜[:?1.7.0_79] 在sun.security.ssl.InputRecord.read(InputRecord.java:480 )〜[?:1.7。 0_79] 在sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:934) 〜[:?1.7.0_79] 在sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332) 〜[ [:1.7.0_79] at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:122 ) 〜[?:1.7.0_79] at java.io.OutputStream.write(OutputStream.java:75)〜[?:1.7.0_79] at javapns.notification.PushNotificationManager.sendNotification(PushNotificationManager.java:464) [utils的-1.0.jar:?] 在javapns.notification.PushNotificationManager.sendNotification(普shNotificationManager.java:409) [utils-1.0.jar :?] at javapns.notification.transmission.NotificationThread.runList(NotificationThread.java:283) [utils-1.0.jar :?] at javapns.notification。 transmission.NotificationThread.run(NotificationThread.java:254) [utils的-1.0.jar:?] 在java.lang.Thread.run(Thread.java:745)[:?1.7.0_79]

以下是我的SSL調試日誌: -

*** Certificate chain 

chain [0] = [ 
[ 
    Version: V3 
    Subject: ........ 
    Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 

    Key: Sun RSA public key, 2048 bits 
    modulus: 2222249104456426478692545030112866080040403745540221193715569376543945126677581406493511130823650391766165838045360722344467119750792222737231069449833178420339724955962056250684773865813749442996786523515413992723732851565979866969364954283364866452583889842335983365094222956361542005580139851028209075011691675910875254515903326726955361044783053213280159475753586357477700365829566
    public exponent: 65537 
    Validity: [From: Thu Jul 16 12:10:32 IST 2015, 
       To: Fri Jul 15 12:10:32 IST 2016] 
    Issuer: CN=Apple Worldwide Developer Relations Certification Authority, OU=Apple Worldwide Developer Relations, O=Apple Inc., C=US 
    SerialNumber: [ 25dea3f4 f4f072b3] 

Certificate Extensions: 8 
[1]: ObjectId: 1.2.840.113635.100.6.1.2 Criticality=true 
Extension unknown: DER encoded OCTET string = 
0000: 04 02 05 00          .... 


[2]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false 
AuthorityInfoAccess [ 
    [ 
    accessMethod: ocsp 
    accessLocation: URIName: http://ocsp.apple.com/ocsp03-wwdr01 
] 
] 

[3]: ObjectId: 2.5.29.35 Criticality=false 
AuthorityKeyIdentifier [ 
KeyIdentifier [ 
0000: 88 27 17 09 A9 B6 18 60 8B EC EB BA F6 47 59 C5 .'.....`.....GY. 
0010: 52 54 A3 B7          RT.. 
] 
] 

[4]: ObjectId: 2.5.29.19 Criticality=true 
BasicConstraints:[ 
    CA:false 
    PathLen: undefined 
] 

[5]: ObjectId: 2.5.29.32 Criticality=false 
CertificatePolicies [ 
    [CertificatePolicyId: [1.2.840.113635.100.5.1] 
[PolicyQualifierInfo: [ 
    qualifierID: 1.3.6.1.5.5.7.2.2 
    qualifier: 0000: 30 81 B6 0C 81 B3 52 65 6C 69 61 6E 63 65 20 6F 0.....Reliance o 
0010: 6E 20 74 68 69 73 20 63 65 72 74 69 66 69 63 61 n this certifica 
0020: 74 65 20 62 79 20 61 6E 79 20 70 61 72 74 79 20 te by any party 
0030: 61 73 73 75 6D 65 73 20 61 63 63 65 70 74 61 6E assumes acceptan 
0040: 63 65 20 6F 66 20 74 68 65 20 74 68 65 6E 20 61 ce of the then a 
0050: 70 70 6C 69 63 61 62 6C 65 20 73 74 61 6E 64 61 pplicable standa 
0060: 72 64 20 74 65 72 6D 73 20 61 6E 64 20 63 6F 6E rd terms and con 
0070: 64 69 74 69 6F 6E 73 20 6F 66 20 75 73 65 2C 20 ditions of use, 
0080: 63 65 72 74 69 66 69 63 61 74 65 20 70 6F 6C 69 certificate poli 
0090: 63 79 20 61 6E 64 20 63 65 72 74 69 66 69 63 61 cy and certifica 
00A0: 74 69 6F 6E 20 70 72 61 63 74 69 63 65 20 73 74 tion practice st 
00B0: 61 74 65 6D 65 6E 74 73 2E      atements. 

], PolicyQualifierInfo: [ 
    qualifierID: 1.3.6.1.5.5.7.2.1 
    qualifier: 0000: 16 2A 68 74 74 70 3A 2F 2F 77 77 77 2E 61 70 70 .*http://www.app 
0010: 6C 65 2E 63 6F 6D 2F 63 65 72 74 69 66 69 63 61 le.com/certifica 
0020: 74 65 61 75 74 68 6F 72 69 74 79 2F    teauthority/ 

]] ] 
] 

[6]: ObjectId: 2.5.29.37 Criticality=true 
ExtendedKeyUsages [ 
    codeSigning 
] 

[7]: ObjectId: 2.5.29.15 Criticality=true 
KeyUsage [ 
    DigitalSignature 
] 

[8]: ObjectId: 2.5.29.14 Criticality=false 
SubjectKeyIdentifier [ 
KeyIdentifier [ 
0000: 6F FB BD 5A 59 70 1C 2E 77 32 9A 97 69 C3 23 0E o..ZYp..w2..i.#. 
0010: EF D8 E9 D0          .... 
] 
] 

] 
    Algorithm: [SHA256withRSA] 
    Signature: 
0000: 90 BE B9 5B E7 66 C1 B4 C1 C8 60 90 69 5F 01 04 ...[.f....`.i_.. 
0010: 2B C4 E6 9E 8D 13 8C A7 3F 81 55 6C CD D1 47 48 +.......?.Ul..GH 
0020: 3C D7 D8 3E F5 C2 69 A7 A2 21 CE 15 08 F7 D9 8C <..>..i..!...... 
0030: 2D FE 37 29 AD DC E3 CA 27 27 83 2C 15 95 4D 40 -.7)....''.,[email protected] 
0040: EA 2C AD EF 99 7C 9B 84 59 3F 6C E6 BA 07 F4 EC .,......Y?l..... 
0050: 05 36 E4 58 EA B0 DF 00 AB 54 F2 FF 6B AE C2 C1 .6.X.....T..k... 
0060: E4 3C D3 23 79 61 D1 67 DD 0C 0D 2B 77 E0 8E 6F .<.#ya.g...+w..o 
0070: A2 7B 21 13 D2 4F D7 8B 98 A7 E0 22 E9 95 D7 1A ..!..O.....".... 
0080: C5 71 0A 15 35 77 38 37 EC F9 CC 60 79 2D A5 E0 .q..5w87...`y-.. 
0090: DA C2 78 AD 59 88 7B 92 93 66 9A 44 F7 58 8C 0D ..x.Y....f.D.X.. 
00A0: 28 E3 42 D0 79 DC F5 23 C7 36 D0 61 0A 34 61 F3 (.B.y..#.6.a.4a. 
00B0: 16 AE 7B D8 8B BC B8 6B D6 05 C4 E4 EF B0 BF 4B .......k.......K 
00C0: 66 E1 6F 59 EC 67 F6 A3 C0 49 7A 83 8A 7B FC 7B f.oY.g...Iz..... 
00D0: 26 3C 42 16 F7 DE DB 74 4D 1A A5 7F AE C2 36 C4 &<B....tM.....6. 
00E0: 8E 5A F9 75 05 3A A5 13 70 0C 69 96 00 CB FD 77 .Z.u.:..p.i....w 
00F0: 4A 9E C8 E4 AA 39 75 7D 6D C9 79 04 BC DF 59 EF J....9u.m.y...Y. 

] 
*** 
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1 
JavaPNS grouped notification thread in LIST mode, WRITE: TLSv1 Handshake, length = 1729 
SESSION KEYGEN: 
PreMaster Secret: 
0000: 03 01 00 2E C1 C7 9F 24 B2 E9 02 59 7B D2 8A A7 .......$...Y.... 
0010: 22 D3 72 B2 16 55 5F 5C E1 30 7D 4A 56 F1 3C 32 ".r..U_\.0.JV.<2 
0020: 5D 77 8F 13 BD B0 E9 6A 84 9E 81 0D 0B 38 D5 0E ]w.....j.....8.. 
CONNECTION KEYGEN: 
Client Nonce: 
0000: 56 03 10 94 63 A2 8C A1 6D 75 2F F0 38 EC CD 4F V...c...mu/.8..O 
0010: 3A D6 46 C7 C4 2D 5F 76 4B 38 3F FC 28 59 6B 04 :.F..-_vK8?.(Yk. 
Server Nonce: 
0000: B2 1F 50 60 42 F5 94 7A 5B 7C FE 50 60 3E 84 BC ..P`B..z[..P`>.. 
0010: CB 18 B7 B1 E8 50 56 6E F9 DD 6E E2 B9 34 25 01 .....PVn..n..4%. 
Master Secret: 
0000: 03 87 6A 7D 0E 69 76 FA 5F 2E 48 BB B7 77 79 0F ..j..iv._.H..wy. 
0010: 5E 59 CF 32 BA B5 D7 2E 0F 9D 43 F2 4F F1 CD 52 ^Y.2......C.O..R 
0020: DF A7 05 EB 47 BF FD 18 48 F0 DD F1 78 10 47 FF ....G...H...x.G. 
Client MAC write Secret: 
0000: ED B5 4A 85 1D CC 96 D2 D0 94 29 40 AE 8F C3 10 ..J.......)@.... 
0010: 74 52 24 8D          tR$. 
Server MAC write Secret: 
0000: B9 ED CD B7 30 52 1F 74 9E 47 71 41 2A 1B 90 C7 ....0R.t.GqA*... 
0010: AF 2F 93 4E          ./.N 
Client write key: 
0000: A0 B0 7C 23 2F C7 A3 5D 24 03 B4 1F F9 2B B2 97 ...#/..]$....+.. 
Server write key: 
0000: 29 4C 64 FB 39 02 96 43 7A 5B F5 1D D4 2A 51 B7 )Ld.9..Cz[...*Q. 
Client write IV: 
0000: 85 3C C4 38 B4 9F 41 92 B6 88 7A 47 F6 B9 82 C1 .<.8..A...zG.... 
Server write IV: 
0000: FA 04 7C A8 D7 29 A3 0D 5F 20 BF 3C 4C C8 52 9A .....).._ .<L.R. 
*** CertificateVerify 
JavaPNS grouped notification thread in LIST mode, WRITE: TLSv1 Handshake, length = 262 
JavaPNS grouped notification thread in LIST mode, WRITE: TLSv1 Change Cipher Spec, length = 1 
*** Finished 
verify_data: { 221, 26, 21, 239, 125, 223, 149, 73, 149, 170, 46, 218 } 
*** 
JavaPNS grouped notification thread in LIST mode, WRITE: TLSv1 Handshake, length = 48 
JavaPNS grouped notification thread in LIST mode, handling exception: java.net.SocketException: Connection reset 
%% Invalidated: [Session-2, TLS_RSA_WITH_AES_128_CBC_SHA] 
JavaPNS grouped notification thread in LIST mode, SEND TLSv1 ALERT: fatal, description = unexpected_message 
JavaPNS grouped notification thread in LIST mode, WRITE: TLSv1 Alert, length = 32 
JavaPNS grouped notification thread in LIST mode, Exception sending alert: java.net.SocketException: Broken pipe 
JavaPNS grouped notification thread in LIST mode, called closeSocket() 
JavaPNS grouped notification thread in LIST mode, called close() 
JavaPNS grouped notification thread in LIST mode, called closeInternal(true) 


abhishek$ which openssl 
/usr/bin/openssl 
abhishek$ openssl version 
OpenSSL 1.0.2d 9 Jul 2015 

abhishek$ java -version 
java version "1.7.0_79" 
Java(TM) SE Runtime Environment (build 1.7.0_79-b15) 
Java HotSpot(TM) 64-Bit Server VM (build 24.79-b02, mixed mode) 

編輯:當我打印這個的SSLSession

SSLSession session = socket.getSession(); 
//I got [Session-1, SSL_NULL_WITH_NULL_NULL] 

//返回此連接使用的SSL會話。這些可以長期存在,並且經常對應於某個用戶的整個登錄會話。會話指定了一個特定的密碼套件,該套件正被該會話中的所有連接以及會話客戶端和服務器的身份標識所使用。 如果需要,此方法將啓動初始握手,然後阻塞,直到握手建立。 如果初始握手期間出現錯誤,則此方法返回它報告「SSL_NULL_WITH_NULL_NULL」的無效密碼套件無效的會話對象。

的System.out.println(session.getLocalCertificates()); //我得到空 雖然在Java 6中使用相同的證書我沒有得到空。

+0

如果握手失敗,則「無效」會話可能是一個虛擬對象,即使您擁有密鑰庫,也不包含本地證書(可能是因爲密鑰庫可以包含多個憑據而不經過選擇並且握手的驗證過程JSSE無法知道哪個是「正確」的。 –

回答

0

對等體已經關閉了連接。你將不得不看看它的日誌,看看爲什麼。它可能會要求你提供證書,而你沒有提供證書。

+0

我已經創建了一個證書(一個p12文件)。證書沒問題,因爲我可以在Java 6上使用相同的證書。當我將我的java升級到7時,問題就出現了。我也升級了openssl。 openssl版本 OpenSSL 1.0.2d 2015年7月9日 –

+0

EJP,我修改了我的問題。我的問題是爲什麼相同的證書不能在Java 7上工作。 –

+0

雖然日誌不完整,但日誌清楚地顯示發送客戶端證書。此證書可能*不可接受*但如果是這樣的話,服務器響應應該是特定的警報而不是RST。我同意服務器端的細節將是最好的,但我的理解是(所有)蘋果推送服務器由蘋果公司運行,可能不會提供此信息。 @abhishek Log根據需要顯示客戶端證書,但沒有明確使用每個Apple網站(甚至是caIss)的鏈式證書,並且根據需要具有ExtendedKeyUsage,但不包含clientauth。但如果這是一個Apple運行的服務器,它可以信任蘋果鏈,並且實踐另一臺服務器不會。 –