javax.net.ssl.SSLException: 没有可用的 PSK。无法恢复
javax.net.ssl.SSLException: No PSK available. Unable to resume
我正在使用 Jetty 客户端发送传出请求。在Java10下完美运行的代码在Java11下突然出现如下异常:
javax.net.ssl.SSLException: No PSK available. Unable to resume.
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:129)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:308)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:264)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:255)
at java.base/sun.security.ssl.ServerHello$T13ServerHelloConsumer.consume(ServerHello.java:1224)
at java.base/sun.security.ssl.ServerHello$ServerHelloConsumer.onServerHello(ServerHello.java:984)
at java.base/sun.security.ssl.ServerHello$ServerHelloConsumer.consume(ServerHello.java:872)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1065)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1052)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:999)
at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:511)
at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.process(HttpReceiverOverHTTP.java:128)
at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.receive(HttpReceiverOverHTTP.java:73)
at org.eclipse.jetty.client.http.HttpChannelOverHTTP.receive(HttpChannelOverHTTP.java:133)
at org.eclipse.jetty.client.http.HttpConnectionOverHTTP.onFillable(HttpConnectionOverHTTP.java:155)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:305)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103)
at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.onFillable(SslConnection.java:411)
at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:305)
at org.eclipse.jetty.io.ssl.SslConnection.succeeded(SslConnection.java:159)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103)
at org.eclipse.jetty.io.ChannelEndPoint.run(ChannelEndPoint.java:118)
我用 Jetty 提交了错误报告 here 但我想知道:错误消息的实际含义是什么? 是我的环境出了问题还是错误意味着 Jetty 没有正确配置连接?
JDK11 中存在错误:https://bugs.openjdk.java.net/browse/JDK-8213202
您必须:
- 等待发布 JDK 12
- 更新到 JDK 11.0.3+,其中包括 backport
- 或使用此命令行参数作为解决方法:
-Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2
由于 WALCZAK.IT 的回答中的 Adam 对我不起作用,我发现最终的解决方案是将 TLSv1.3 添加到 [=12= 中的 jdk.tls.disabledAlgorithms ] 文件在你的 java 目录下的 conf 下。
所以,打开%JAVA_HOME%\conf下的java.security,找到jdk.tls.disabledAlgorithms并追加, TLSv1.3。
我找到了一个适合我的解决方案,将其添加到您的 gradle.properties。
Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2
JAVA_TOOL_OPTIONS=-Dhttps.protocols=TLSv1.2
systemProp.http.proxyHost=fodev.org
systemProp.http.proxyPort=8118
systemProp.http.nonProxyHosts=*.jitpack.io, *.maven.org
systemProp.https.proxyHost=fodev.org
systemProp.https.proxyPort=8118
systemProp.https.nonProxyHosts=*.jitpack.io, *.maven.org
我正在使用 Jetty 客户端发送传出请求。在Java10下完美运行的代码在Java11下突然出现如下异常:
javax.net.ssl.SSLException: No PSK available. Unable to resume.
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:129)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:308)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:264)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:255)
at java.base/sun.security.ssl.ServerHello$T13ServerHelloConsumer.consume(ServerHello.java:1224)
at java.base/sun.security.ssl.ServerHello$ServerHelloConsumer.onServerHello(ServerHello.java:984)
at java.base/sun.security.ssl.ServerHello$ServerHelloConsumer.consume(ServerHello.java:872)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1065)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1052)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:999)
at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:511)
at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.process(HttpReceiverOverHTTP.java:128)
at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.receive(HttpReceiverOverHTTP.java:73)
at org.eclipse.jetty.client.http.HttpChannelOverHTTP.receive(HttpChannelOverHTTP.java:133)
at org.eclipse.jetty.client.http.HttpConnectionOverHTTP.onFillable(HttpConnectionOverHTTP.java:155)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:305)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103)
at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.onFillable(SslConnection.java:411)
at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:305)
at org.eclipse.jetty.io.ssl.SslConnection.succeeded(SslConnection.java:159)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103)
at org.eclipse.jetty.io.ChannelEndPoint.run(ChannelEndPoint.java:118)
我用 Jetty 提交了错误报告 here 但我想知道:错误消息的实际含义是什么? 是我的环境出了问题还是错误意味着 Jetty 没有正确配置连接?
JDK11 中存在错误:https://bugs.openjdk.java.net/browse/JDK-8213202
您必须:
- 等待发布 JDK 12
- 更新到 JDK 11.0.3+,其中包括 backport
- 或使用此命令行参数作为解决方法:
-Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2
由于 WALCZAK.IT 的回答中的 Adam 对我不起作用,我发现最终的解决方案是将 TLSv1.3 添加到 [=12= 中的 jdk.tls.disabledAlgorithms ] 文件在你的 java 目录下的 conf 下。
所以,打开%JAVA_HOME%\conf下的java.security,找到jdk.tls.disabledAlgorithms并追加, TLSv1.3。
我找到了一个适合我的解决方案,将其添加到您的 gradle.properties。
Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2
JAVA_TOOL_OPTIONS=-Dhttps.protocols=TLSv1.2
systemProp.http.proxyHost=fodev.org
systemProp.http.proxyPort=8118
systemProp.http.nonProxyHosts=*.jitpack.io, *.maven.org
systemProp.https.proxyHost=fodev.org
systemProp.https.proxyPort=8118
systemProp.https.nonProxyHosts=*.jitpack.io, *.maven.org