当前位置: 文江博客话题详情

javax.net.ssl.SSLException:收到致命警报:Java 和 https 的 bad_record_mac

发布于 2025-01-07 22:24:30 字数 1843 浏览 1 评论 0原文

在使用 Java 中的 HTTPS 使用 HttpsURLConnection 类连接到服务器时,我收到了问题标题中所述的异常。另外,我尝试使用倒数第二个答案跳过证书验证。接下来我可以尝试什么?

更新 1:堆栈跟踪

javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1720)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:954)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1138)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1165)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1149)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:133)
    at com.kuliza.sitepulse.thread.HttpConnectionThread.run(HttpConnectionThread.java:77)
    at java.lang.Thread.run(Thread.java:662)

我收到代码行的异常: http.connect(); 其中 http 的类型为 <代码>HttpsURLConnection 类。

更新 2:SSL 日志

以下是 SSL 握手日志:

[Raw read]: length = 5
0000: 15 03 00 00 02                                     .....
[Raw read]: length = 2
0000: 02 14                                              ..
Thread-6, READ: SSLv3 Alert, length = 2
Thread-6, RECV SSLv3 ALERT:  fatal, bad_record_mac
Thread-6, called closeSocket()
原文

I am getting the exception as stated in the title of the question, while connecting to server using HTTPS in Java using HttpsURLConnection class. Also I am trying to skip the certificate validation using the second last answer. What can I try next?

Update 1: Stack trace

javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
    at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1720)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:954)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1138)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1165)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1149)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:133)
    at com.kuliza.sitepulse.thread.HttpConnectionThread.run(HttpConnectionThread.java:77)
    at java.lang.Thread.run(Thread.java:662)

I am getting the exception for the line of code: http.connect(); where http is of the type HttpsURLConnection class.

Update 2: SSL log

Here are the SSL Handshake logs:

[Raw read]: length = 5
0000: 15 03 00 00 02                                     .....
[Raw read]: length = 2
0000: 02 14                                              ..
Thread-6, READ: SSLv3 Alert, length = 2
Thread-6, RECV SSLv3 ALERT:  fatal, bad_record_mac
Thread-6, called closeSocket()

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

悍妇囚夫 2025-01-14 22:24:30

我知道这来得太晚了,但它可能会对某人有所帮助,对吧?

如果您包含更多导致您包含的错误的 ssl 连接的调试输出,可能会有所帮助。我看到了同样的错误,只是通过包含 -Dhttps.protocols=SSLv3 解决了它
-Dforce.http.jre.executor=true 在我的虚拟机争论中......所以如果你幸运的话,这可能也适合你。

这是我的踪迹:

SESSION KEYGEN:
PreMaster Secret:
0000: 03 00 31 86 59 ED 17 07   6C 37 1F 17 19 B4 A1 16  ..1.Y...l7......
0010: 30 99 60 A1 31 BB 3A 0A   0E 7F 61 F5 7E 4F 35 7A  0.`.1.:...a..O5z
0020: 21 6F 1D 63 42 A1 63 43   5E 48 B2 67 35 E3 DA DF  !o.cB.cC^H.g5...
CONNECTION KEYGEN:
Client Nonce:
0000: 52 65 F0 96 23 24 71 D6   51 1A EF D6 31 D1 39 2A  Re..#$q.Q...1.9*
0010: 13 13 2E 41 8C 7E 80 B8   C0 6E 8A 8C 4E 5A CD FA  ...A.....n..NZ..
Server Nonce:
0000: 52 65 F0 96 CD 4B BE A9   E1 F8 34 B3 C3 23 14 35  Re...K....4..#.5
0010: 05 4F 5C 18 D7 10 5E 80   7B FF 73 DA 85 60 84 8C  .O\...^...s..`..
Master Secret:
0000: 0D 11 FE 0D CD 99 C3 3F   D9 40 CF BC 2E C7 40 5E  .......?.@....@^
0010: B0 C5 4F 75 4A 0A 39 1E   E2 0F 54 E1 A1 7F CE 72  ..OuJ.9...T....r
0020: 4F 99 8F E2 D9 7F C1 AC   FD D0 89 62 F7 72 F9 6F  O..........b.r.o
Client MAC write Secret:
0000: 80 7C C8 E7 02 6D 29 A3   E2 E5 BA 44 94 18 19 65  .....m)....D...e
0010: 63 5D 5D 8A                                        c]].
Server MAC write Secret:
0000: 06 58 B6 2F 03 FB E7 C6   48 1F 68 5C 10 DD 58 8D  .X./....H.h\..X.
0010: 36 7B AC AA                                        6...
Client write key:
0000: B5 C6 23 1E 88 F2 30 76   39 18 AB 0C 71 94 E7 8A  ..#...0v9...q...
Server write key:
0000: 9D 49 1C 52 13 B9 F8 44   DA 87 6C 1C 93 CD 9C 8B  .I.R...D..l.....
Client write IV:
0000: 07 1A A6 47 7E 6E 2B F4   A6 7A 6D DC 5E 74 E8 0F  ...G.n+..zm.^t..
Server write IV:
0000: 32 93 23 CC F4 83 1F 2C   B7 22 28 8C A2 7D B1 01  2.#....,."(.....
main, WRITE: SSLv3 Change Cipher Spec, length = 1
[Raw write]: length = 6
0000: 14 03 00 00 01 01                                  ......
*** Finished
verify_data:  { 179, 120, 197, 29, 60, 98, 37, 252, 37, 183, 141, 166, 140, 77, 63, 118, 23, 245, 11, 144, 27, 201, 63, 22, 192, 187, 40, 220, 78, 17, 118, 104, 112, 238, 156, 176 }
***
[write] MD5 and SHA1 hashes:  len = 40
0000: 14 00 00 24 B3 78 C5 1D   3C 62 25 FC 25 B7 8D A6  ...$.x..<b%.%...
0010: 8C 4D 3F 76 17 F5 0B 90   1B C9 3F 16 C0 BB 28 DC  .M?v......?...(.
0020: 4E 11 76 68 70 EE 9C B0                            N.vhp...
Padded plaintext before ENCRYPTION:  len = 64
0000: 14 00 00 24 B3 78 C5 1D   3C 62 25 FC 25 B7 8D A6  ...$.x..<b%.%...
0010: 8C 4D 3F 76 17 F5 0B 90   1B C9 3F 16 C0 BB 28 DC  .M?v......?...(.
0020: 4E 11 76 68 70 EE 9C B0   46 F4 59 24 44 F1 C3 A8  N.vhp...F.Y$D...
0030: 7E FB 80 EB AD 74 35 28   64 31 65 80 03 03 03 03  .....t5(d1e.....
main, WRITE: SSLv3 Handshake, length = 64
[Raw write]: length = 69
0000: 16 03 00 00 40 FE A7 C8   1D 6D 2E A8 A5 C7 78 8D  [email protected].
0010: 68 04 B2 55 42 B3 3C C1   A2 90 F1 A5 9B 39 1D 96  h..UB.<......9..
0020: 53 43 65 15 2A 17 2C 43   70 AE 8C B5 EE 63 C3 91  SCe.*.,Cp....c..
0030: 73 BC D1 45 34 B1 76 46   B8 C5 CE BF 5E 15 72 E6  s..E4.vF....^.r.
0040: FE 16 9C 43 64                                     ...Cd
[Raw read]: length = 5
0000: 15 03 00 00 02                                     .....
[Raw read]: length = 2
0000: 02 14                                              ..
main, READ: SSLv3 Alert, length = 2
main, RECV SSLv3 ALERT:  fatal, bad_record_mac
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLException: Received fatal alert: bad_record_mac

I know this is coming in way late, but it might help someone, right?

It might help if you include more of the debug output for the ssl connection leading up to the error which you included. I was seeing the same error and just solved it by including -Dhttps.protocols=SSLv3
-Dforce.http.jre.executor=true in my VM arguements ... so if you're lucky, that might work for you too.

Here's my trace:

SESSION KEYGEN:
PreMaster Secret:
0000: 03 00 31 86 59 ED 17 07   6C 37 1F 17 19 B4 A1 16  ..1.Y...l7......
0010: 30 99 60 A1 31 BB 3A 0A   0E 7F 61 F5 7E 4F 35 7A  0.`.1.:...a..O5z
0020: 21 6F 1D 63 42 A1 63 43   5E 48 B2 67 35 E3 DA DF  !o.cB.cC^H.g5...
CONNECTION KEYGEN:
Client Nonce:
0000: 52 65 F0 96 23 24 71 D6   51 1A EF D6 31 D1 39 2A  Re..#$q.Q...1.9*
0010: 13 13 2E 41 8C 7E 80 B8   C0 6E 8A 8C 4E 5A CD FA  ...A.....n..NZ..
Server Nonce:
0000: 52 65 F0 96 CD 4B BE A9   E1 F8 34 B3 C3 23 14 35  Re...K....4..#.5
0010: 05 4F 5C 18 D7 10 5E 80   7B FF 73 DA 85 60 84 8C  .O\...^...s..`..
Master Secret:
0000: 0D 11 FE 0D CD 99 C3 3F   D9 40 CF BC 2E C7 40 5E  .......?.@....@^
0010: B0 C5 4F 75 4A 0A 39 1E   E2 0F 54 E1 A1 7F CE 72  ..OuJ.9...T....r
0020: 4F 99 8F E2 D9 7F C1 AC   FD D0 89 62 F7 72 F9 6F  O..........b.r.o
Client MAC write Secret:
0000: 80 7C C8 E7 02 6D 29 A3   E2 E5 BA 44 94 18 19 65  .....m)....D...e
0010: 63 5D 5D 8A                                        c]].
Server MAC write Secret:
0000: 06 58 B6 2F 03 FB E7 C6   48 1F 68 5C 10 DD 58 8D  .X./....H.h\..X.
0010: 36 7B AC AA                                        6...
Client write key:
0000: B5 C6 23 1E 88 F2 30 76   39 18 AB 0C 71 94 E7 8A  ..#...0v9...q...
Server write key:
0000: 9D 49 1C 52 13 B9 F8 44   DA 87 6C 1C 93 CD 9C 8B  .I.R...D..l.....
Client write IV:
0000: 07 1A A6 47 7E 6E 2B F4   A6 7A 6D DC 5E 74 E8 0F  ...G.n+..zm.^t..
Server write IV:
0000: 32 93 23 CC F4 83 1F 2C   B7 22 28 8C A2 7D B1 01  2.#....,."(.....
main, WRITE: SSLv3 Change Cipher Spec, length = 1
[Raw write]: length = 6
0000: 14 03 00 00 01 01                                  ......
*** Finished
verify_data:  { 179, 120, 197, 29, 60, 98, 37, 252, 37, 183, 141, 166, 140, 77, 63, 118, 23, 245, 11, 144, 27, 201, 63, 22, 192, 187, 40, 220, 78, 17, 118, 104, 112, 238, 156, 176 }
***
[write] MD5 and SHA1 hashes:  len = 40
0000: 14 00 00 24 B3 78 C5 1D   3C 62 25 FC 25 B7 8D A6  ...$.x..<b%.%...
0010: 8C 4D 3F 76 17 F5 0B 90   1B C9 3F 16 C0 BB 28 DC  .M?v......?...(.
0020: 4E 11 76 68 70 EE 9C B0                            N.vhp...
Padded plaintext before ENCRYPTION:  len = 64
0000: 14 00 00 24 B3 78 C5 1D   3C 62 25 FC 25 B7 8D A6  ...$.x..<b%.%...
0010: 8C 4D 3F 76 17 F5 0B 90   1B C9 3F 16 C0 BB 28 DC  .M?v......?...(.
0020: 4E 11 76 68 70 EE 9C B0   46 F4 59 24 44 F1 C3 A8  N.vhp...F.Y$D...
0030: 7E FB 80 EB AD 74 35 28   64 31 65 80 03 03 03 03  .....t5(d1e.....
main, WRITE: SSLv3 Handshake, length = 64
[Raw write]: length = 69
0000: 16 03 00 00 40 FE A7 C8   1D 6D 2E A8 A5 C7 78 8D  [email protected].
0010: 68 04 B2 55 42 B3 3C C1   A2 90 F1 A5 9B 39 1D 96  h..UB.<......9..
0020: 53 43 65 15 2A 17 2C 43   70 AE 8C B5 EE 63 C3 91  SCe.*.,Cp....c..
0030: 73 BC D1 45 34 B1 76 46   B8 C5 CE BF 5E 15 72 E6  s..E4.vF....^.r.
0040: FE 16 9C 43 64                                     ...Cd
[Raw read]: length = 5
0000: 15 03 00 00 02                                     .....
[Raw read]: length = 2
0000: 02 14                                              ..
main, READ: SSLv3 Alert, length = 2
main, RECV SSLv3 ALERT:  fatal, bad_record_mac
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
回复 原文
~没有更多了~

关于作者

ㄖ落Θ余辉

暂无简介

文章
评论
26 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

若能看破又如何

文章 0 评论 0

夢野间

文章 0 评论 0

doggiejohn

文章 0 评论 0

就此别过

文章 0 评论 0

初见终念

文章 0 评论 0

qq_rvKjBH

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文