1
目前,我正在使用Spray I/O與Scala一起實施Web服務。希望使用SSL來保護我的請求。但是,我很難配置SSL。如果HTTPS發起呼叫時有錯誤時,拋出有關創建使用此Spray HTTPS在接收對方的close_notify之前關閉入口
keytool -genkey -keyalg RSA -alias mykey -dname "CN=dev.site.com,OU=app" -keystore keystore.jks -storepass pas -validity 365
一個證書握手
fatal error: 80: Inbound closed before receiving peer's close_notify: possible truncation attack?
javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
創建的SSL性狀這樣
trait SSLConfiguration {
implicit def sslContext: SSLContext = {
val keystore = keystore.jks
val password = pas
val keyStore = KeyStore.getInstance("jks")
val in = getClass.getClassLoader.getResourceAsStream(keystore)
require(in != null, "Bad java key storage file: " + keystore)
keyStore.load(in, password.toCharArray)
val keyManagerFactory = KeyManagerFactory.getInstance("SunX509")
keyManagerFactory.init(keyStore, password.toCharArray)
val trustManagerFactory = TrustManagerFactory.getInstance("SunX509")
trustManagerFactory.init(keyStore)
val context = SSLContext.getInstance("TLS")
context.init(keyManagerFactory.getKeyManagers, trustManagerFactory.getTrustManagers, new SecureRandom)
context
}
implicit def sslEngineProvider: ServerSSLEngineProvider = {
ServerSSLEngineProvider { engine =>
engine.setEnabledCipherSuites(Array("TLS_RSA_WITH_AES_256_CBC_SHA"))
engine.setEnabledProtocols(Array("SSLv3", "TLSv1"))
engine
}
}
}
設置我引導以使用特徵。
object Boot extends App with SSLConfiguration
//bind to io interface. set ssl engine providor
IO(Http) ! Http.Bind(service, interface = interface, port)(sslEngineProvider)
}
這是資源中的application.conf文件嗎? – user2524908
是的,它在application.conf中。 – sanfann
您可以添加'-Djavax.net.debug = ssl,handshake'來獲取更多日誌 – sanfann