2017-02-20 114 views
1

發送的信息可有人知道我爲什麼當我使用此代碼與Java 8沒有服務器擴展名:擴展服務器名(SNI擴展)不與JAVA 8

try { 
      URL url = new URL(urlString); 
      URLConnection conn = url.openConnection(); 
      conn.setDoOutput(true); 

      OutputStreamWriter wr = new OutputStreamWriter(conn.getOutputStream()); 
      wr.write(requestString); 
      wr.flush(); 
      // Get the response 
      BufferedReader rd = new BufferedReader(new InputStreamReader(conn.getInputStream())); 
      String line; 
      String response = ""; 
      while ((line = rd.readLine()) != null) { 
       response += line; 
      } 
      wr.close(); 
      rd.close(); 

      return response; 
     } catch (IOException ex) { 
      System.err.println(ex); return ex.toString(); 
     } 

蒙山JAVA 7,一切工作正常。但不能與JAVA 8

whene我啓動了ssl調試我觀察到SNI沒有在handshak發送:

*** ClientHello, TLSv1 
2017-02-20 19:28:18,002 INFO [org.jboss.stdio.AbstractLoggingWriter:write:71(default task-11)] RandomCookie: GMT: 1470841681 bytes = { 25, 147, 132, 94, 6, 112, 89, 50, 116, 255, 80, 95, 125, 122, 43, 167, 180, 116, 63, 225, 37, 223, 247, 196, 90, 33, 242, 8 } 
2017-02-20 19:28:18,003 INFO [org.jboss.stdio.AbstractLoggingWriter:write:71(default task-11)] Session ID: {} 
2017-02-20 19:28:18,003 INFO [org.jboss.stdio.AbstractLoggingWriter:write:71(default task-11)] Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] 
2017-02-20 19:28:18,004 INFO [org.jboss.stdio.AbstractLoggingWriter:write:71(default task-11)] Compression Methods: { 0 } 
2017-02-20 19:28:18,005 INFO [org.jboss.stdio.AbstractLoggingWriter:write:71(default task-11)] Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1} 
2017-02-20 19:28:18,005 INFO [org.jboss.stdio.AbstractLoggingWriter:write:71(default task-11)] Extension ec_point_formats, formats: [uncompressed] 
2017-02-20 19:28:18,008 INFO [org.jboss.stdio.AbstractLoggingWriter:write:71(default task-11)] *** 
2017-02-20 19:28:18,009 INFO [org.jboss.stdio.AbstractLoggingWriter:write:71(default task-11)] default task-11, WRITE: TLSv1 Handshake, length = 137 
2017-02-20 19:28:18,027 INFO [org.jboss.stdio.AbstractLoggingWriter:write:71(default task-11)] default task-11, handling exception: java.net.SocketException: Connection reset 
2017-02-20 19:28:18,027 INFO [org.jboss.stdio.AbstractLoggingWriter:write:71(default task-11)] default task-11, SEND TLSv1.2 ALERT: fatal, description = unexpected_message 
2017-02-20 19:28:18,028 INFO [org.jboss.stdio.AbstractLoggingWriter:write:71(default task-11)] default task-11, WRITE: TLSv1.2 Alert, length = 2 
2017-02-20 19:28:18,030 INFO [org.jboss.stdio.AbstractLoggingWriter:write:71(default task-11)] default task-11, Exception sending alert: java.net.SocketException: Broken pipe 
2017-02-20 19:28:18,031 INFO [org.jboss.stdio.AbstractLoggingWriter:write:71(default task-11)] default task-11, called closeSocket() 
2017-02-20 19:28:18,032 INFO [org.jboss.stdio.AbstractLoggingWriter:write:71(default task-11)] default task-11, called close() 
2017-02-20 19:28:18,033 INFO [org.jboss.stdio.AbstractLoggingWriter:write:71(default task-11)] default task-11, called closeInternal(true) 

注意,我不使用setHostnameVerifier(..),和我使用wildfly 10.

回答

1

Security Enhancements in Java 8看看這表明:在默認情況下 在JDK

SunJSSE已啓用SNI擴展客戶端應用程序7 JDK 8支持服務器應用程序的SNI擴展。

該文檔進入顯示您的代碼將不得不改變一下現在啓用它 - 代碼示例請參閱the SNIExtension