Java client SSL renegotiation

I have a Dropwizard application in which one resource needs to call a resource on another Dropwizard application. We noticed that a lot of time was being spent on SSL renegotiation. On closer inspection, this only happens when the other application is on the same machine. That is:

client.target("https://mymachine.com/test").request().post(null);
client.target("https://mymachine.com/test").request().post(null);
// renegotiation

With the command-line option -Djavax.net.debug=ssl:handshake:verbose, the log shows:

%% Client cached [Session-13, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256]
%% Try resuming [Session-13, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256] from port 55043
...
%% Invalidated:  [Session-13, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256]
%% Initialized:  [Session-15, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256]

But when calling the same service on my local machine:

client.target("https://othermachine.com/test").request().post(null);
client.target("https://othermachine.com/test").request().post(null);
// SSL session re-use (=wanted)

the log says:

%% Client cached [Session-15, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
%% Try resuming [Session-15, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256] from port 55051
...
%% Server resumed [Session-15, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]

What is going on here?

It turned out the Java versions were different. My local host was running an older version :-$ .

Java™ SE Development Kit 8, Update 161 (JDK 8u161) January 16, 2018

New Features

security-libs/javax.net.ssl

Added TLS session hash and extended master secret extension support

Support has been added for the TLS session hash and extended master secret extension (RFC 7627) in JDK JSSE provider. Note that in general, server certificate change is restricted if endpoint identification is not enabled and the previous handshake is a session-resumption abbreviated initial handshake, unless the identities represented by both certificates can be regarded as the same. However, if the extension is enabled or negotiated, the server certificate changing restriction is not necessary and will be discarded accordingly. In case of compatibility issues, an application may disable negotiation of this extension by setting the System Property jdk.tls.useExtendedMasterSecret to false in the JDK. By setting the System Property jdk.tls.allowLegacyResumption to false, an application can reject abbreviated handshaking when the session hash and extended master secret extension is not negotiated. By setting the System Property jdk.tls.allowLegacyMasterSecret to false, an application can reject connections that do not support the session hash and extended master secret extension.

See JDK-8148421
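The question diagnosed resumption failures from the `-Djavax.net.debug` log. The following added example (my code, not from the question, Dropwizard or the JDK release note) checks the same thing programmatically: it starts a TLS 1.2 server in the same JVM, connects twice with one client `SSLContext`, and compares the `SSLSession` IDs, which are identical when the second handshake was an abbreviated (resumed) one. It assumes `keytool` from the running JDK is on the PATH and generates a throwaway self-signed PKCS12 keystore (constructed demo material, password `changeit`). The optional `no-ems` argument shows where the `jdk.tls.useExtendedMasterSecret` property from the release note has to be set: before the JSSE provider is initialized. On a single JDK both peers agree on the extension either way, so the session is resumed; in the question the resumption failed only between two different JDK versions.

```java
import javax.net.ssl.*;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.KeyStore;
import java.util.Arrays;

public class TlsResumeCheck {
    static final char[] PASS = "changeit".toCharArray(); // constructed demo password

    // Generate a throwaway self-signed keystore with the JDK's own keytool (assumed on PATH).
    static Path makeKeystore() throws Exception {
        Path ks = Files.createTempDirectory("resume-demo").resolve("demo.p12");
        Process p = new ProcessBuilder("keytool", "-genkeypair", "-keyalg", "RSA", "-keysize", "2048",
                "-dname", "CN=localhost", "-alias", "demo", "-keystore", ks.toString(),
                "-storetype", "PKCS12", "-storepass", "changeit", "-keypass", "changeit",
                "-validity", "1").inheritIO().start();
        if (p.waitFor() != 0) throw new IOException("keytool failed");
        return ks;
    }

    // One context for both sides: the server presents the demo key, the client trusts only that cert.
    // TLSv1.2 is pinned so resumption is the classic session-ID flow seen in the question's log.
    static SSLContext context(Path ks) throws Exception {
        KeyStore store = KeyStore.getInstance("PKCS12");
        try (InputStream in = Files.newInputStream(ks)) { store.load(in, PASS); }
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(store, PASS);
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(store);
        SSLContext ctx = SSLContext.getInstance("TLSv1.2");
        ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
        return ctx;
    }

    // Accept two connections, finish the handshake, echo one byte, close.
    static void serveTwice(SSLServerSocket ss) {
        for (int i = 0; i < 2; i++) {
            try (SSLSocket s = (SSLSocket) ss.accept()) {
                s.startHandshake();
                s.getOutputStream().write(s.getInputStream().read());
                s.getOutputStream().flush();
            } catch (IOException e) {
                e.printStackTrace();
                return;
            }
        }
    }

    // Connect, exchange one byte, and return the negotiated session ID.
    static byte[] connectOnce(SSLSocketFactory f, int port) throws IOException {
        try (SSLSocket s = (SSLSocket) f.createSocket("localhost", port)) {
            s.startHandshake();
            s.getOutputStream().write(1);
            s.getOutputStream().flush();
            s.getInputStream().read();
            return s.getSession().getId();
        }
    }

    public static void main(String[] args) throws Exception {
        // The jdk.tls.* properties from the 8u161 release note are read when the JSSE provider
        // initializes, so set them before the first SSLContext (or pass them as -D options).
        if (args.length > 0 && args[0].equals("no-ems")) {
            System.setProperty("jdk.tls.useExtendedMasterSecret", "false");
        }
        SSLContext ctx = context(makeKeystore());
        try (SSLServerSocket ss = (SSLServerSocket) ctx.getServerSocketFactory()
                .createServerSocket(0, 1, InetAddress.getLoopbackAddress())) {
            Thread server = new Thread(() -> serveTwice(ss));
            server.start();
            SSLSocketFactory f = ctx.getSocketFactory();
            byte[] first = connectOnce(f, ss.getLocalPort());
            byte[] second = connectOnce(f, ss.getLocalPort());
            server.join();
            // Equal IDs mean the server accepted the abbreviated handshake ("Server resumed" in the log);
            // different IDs mean a full handshake ran again ("Invalidated" / "Initialized").
            System.out.println(Arrays.equals(first, second) ? "session resumed" : "full handshake again");
        }
    }
}
```

Run it with `java TlsResumeCheck` and again with `java TlsResumeCheck no-ems`; adding `-Djavax.net.debug=ssl:handshake:verbose` reproduces the `%% Try resuming` / `%% Server resumed` lines from the question so the two views can be compared. The session-ID comparison is the check to put into a service's health or integration test when one peer's JDK is upgraded, since a silent fallback to full handshakes on every request is exactly the cost the question measured.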