SSLHandshakeException 没有共同的密码套件 - linux 仅使用 wiremock
SSLHandshakeException no cipher suites in common - linux only using wiremock
我有一个使用 wiremock 作为模拟服务器的集成测试。
我的服务器设置如下:
@ClassRule
public static WireMockClassRule wireMockRule = new WireMockClassRule(wireMockConfig()
.port(9998)
.httpsPort(7777)
.needClientAuth(true)
.trustStorePath(WireMockConfiguration.getTruststorePath())
.trustStorePassword("changeit")
.keystorePath(WireMockConfiguration.getTruststorePath())
.keystorePassword("changeit")
);
// we only use a single instance of the server across all tests in the class
@Rule
public WireMockClassRule instanceRule = wireMockRule;
WireMockConfiguration 是:
public static String getTruststorePath() {
return resolveFile("server.truststore");
}
public static String getKeystorePath() {
return resolveFile("server.jks");
}
private static String resolveFile(final String file) {
final URL resource = WireMockConfiguration.class.getClassLoader().getResource(file);
if (resource == null) {
throw new IllegalStateException("Could not resolve property");
}
return resource.getFile();
}
这 运行 在我的本地 Windows 机器上很好,但是当我 运行 它在 CentOS 上的 jenkins 服务器上时,我得到异常:
javax.net.ssl.SSLHandshakeException: no cipher suites in common
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:292)
at sun.security.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:1035)
at sun.security.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:738)
at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:221)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
at org.mortbay.jetty.security.SslSocketConnector$SslConnection.run(SslSocketConnector.java:708)
at com.github.tomakehurst.wiremock.jetty6.DelayableSslSocketConnector.run(DelayableSslSocketConnector.java:52)
at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
我生成的密钥库和信任库如下:
keytool -genkey -alias server-alias -keyalg RSA -keypass changeit -storepass changeit -keystore server.jks
keytool -genkey -alias client-alias -keyalg RSA -keypass changeit -storepass changeit -keystore client.jks
keytool -export -alias client-alias -storepass changeit -file client.cer -keystore client.jks
keytool -import -v -trustcacerts -alias client-alias -file client.cer -keystore server.truststore -keypass changeit -storepass changeit
问题其实出在规则配置上
.trustStorePath(WireMockConfiguration.getTruststorePath())
.trustStorePassword("changeit")
.keystorePath(WireMockConfiguration.getTruststorePath())
我将信任库设置为同时用作信任库和密钥库。
我有一个使用 wiremock 作为模拟服务器的集成测试。
我的服务器设置如下:
@ClassRule
public static WireMockClassRule wireMockRule = new WireMockClassRule(wireMockConfig()
.port(9998)
.httpsPort(7777)
.needClientAuth(true)
.trustStorePath(WireMockConfiguration.getTruststorePath())
.trustStorePassword("changeit")
.keystorePath(WireMockConfiguration.getTruststorePath())
.keystorePassword("changeit")
);
// we only use a single instance of the server across all tests in the class
@Rule
public WireMockClassRule instanceRule = wireMockRule;
WireMockConfiguration 是:
public static String getTruststorePath() {
return resolveFile("server.truststore");
}
public static String getKeystorePath() {
return resolveFile("server.jks");
}
private static String resolveFile(final String file) {
final URL resource = WireMockConfiguration.class.getClassLoader().getResource(file);
if (resource == null) {
throw new IllegalStateException("Could not resolve property");
}
return resource.getFile();
}
这 运行 在我的本地 Windows 机器上很好,但是当我 运行 它在 CentOS 上的 jenkins 服务器上时,我得到异常:
javax.net.ssl.SSLHandshakeException: no cipher suites in common
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:292)
at sun.security.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:1035)
at sun.security.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:738)
at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:221)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
at org.mortbay.jetty.security.SslSocketConnector$SslConnection.run(SslSocketConnector.java:708)
at com.github.tomakehurst.wiremock.jetty6.DelayableSslSocketConnector.run(DelayableSslSocketConnector.java:52)
at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
我生成的密钥库和信任库如下:
keytool -genkey -alias server-alias -keyalg RSA -keypass changeit -storepass changeit -keystore server.jks
keytool -genkey -alias client-alias -keyalg RSA -keypass changeit -storepass changeit -keystore client.jks
keytool -export -alias client-alias -storepass changeit -file client.cer -keystore client.jks
keytool -import -v -trustcacerts -alias client-alias -file client.cer -keystore server.truststore -keypass changeit -storepass changeit
问题其实出在规则配置上
.trustStorePath(WireMockConfiguration.getTruststorePath())
.trustStorePassword("changeit")
.keystorePath(WireMockConfiguration.getTruststorePath())
我将信任库设置为同时用作信任库和密钥库。