javax.net.ssl.SSLHandshakeException:没有握手就没有合适的协议(协议被禁用或者密码套件不合适)。
javax.net.ssl.SSLHandshakeException:没有握手就没有合适的协议(协议被禁用或者密码套件不合适)。
提问于 2022-08-31 07:08:10
这个问题发生在Windows1.5.0-b0和Windows11上几个不同JavaMail版本的默认安装中。
JDK版本:
OpenJDK 11当前发布的MSI安装程序,
Oracle JDK 11当前发行版MSI安装程序,
Oracle JDK 18当前发行版MSI安装程序。
public Receiver(Proto proto, String host, int port) {
isConnected = false;
this.properties = new Properties();
this.properties.put("mail.host", host);
System.setProperty("javax.net.debug", "ssl:handshake");
switch(proto) {
case POP3_SSL:
this.properties.put("mail.store.protocol", "pop3s");
this.properties.put("mail.pop3s.port", port);
break;
case POP3:
this.properties.put("mail.store.protocol", "pop3");
this.properties.put("mail.pop3.port", port);
break;
case IMAP_SSL:
this.properties.put("mail.store.protocol", "imaps");
this.properties.put("mail.imaps.port", port);
break;
case IMAP:
this.properties.put("mail.store.protocol", "imap");
this.properties.put("mail.imap.port", port);
break;
}
this.properties.put("mail.debug", "true");
}
public Receiver(Proto proto, String host) {
this(proto, host, proto.port);
}
public void connect(String username, String password) throws MessagingException {
Session session = javax.mail.Session.getInstance(properties);
store = session.getStore();
store.connect(username, password);
isConnected = true;
}在构造接收方对象之后,代码尝试连接(无论我们是使用pop3s还是imaps):
public class ReceiverTest
{
String imap_host = "imaps.udag.de";
String pop3_host = "pops.udag.de";
String mail_user = "xxxxxxxxxxx";
String mail_password = "xxxxxxxxxxx";
@Test
public void ConnectionTest() {
try {
Receiver receiver = new Receiver(Receiver.Proto.POP3_SSL, pop3_host);
receiver.connect(mail_user, mail_password);
} catch(MessagingException e) {
assertTrue(e.getCause().toString(), false);
}
assertTrue( true );
}
}结果总是相同的错误消息。
使用wireshark,我捕捉到了一些奇怪的行为:
可以看到,这里既没有客户机也没有服务器hello,这意味着协议或密码在协商之前就消失了--它们是由于某种原因局部地被分类的。
在OpenSSL中也尝试了相同的连接:
在这里,来自pop3s的调试输出尝试:
DEBUG: JavaMail version 1.5.0-b01
DEBUG: successfully loaded resource: /META-INF/javamail.default.providers
DEBUG: Tables of loaded providers
DEBUG: Providers Listed By Class Name: {com.sun.mail.smtp.SMTPSSLTransport=javax.mail.Provider[TRANSPORT,smtps,com.sun.mail.smtp.SMTPSSLTransport,Oracle], com.sun.mail.smtp.SMTPTransport=javax.mail.Provider[TRANSPORT,smtp,com.sun.mail.smtp.SMTPTransport,Oracle], com.sun.mail.imap.IMAPSSLStore=javax.mail.Provider[STORE,imaps,com.sun.mail.imap.IMAPSSLStore,Oracle], com.sun.mail.pop3.POP3SSLStore=javax.mail.Provider[STORE,pop3s,com.sun.mail.pop3.POP3SSLStore,Oracle], com.sun.mail.imap.IMAPStore=javax.mail.Provider[STORE,imap,com.sun.mail.imap.IMAPStore,Oracle], com.sun.mail.pop3.POP3Store=javax.mail.Provider[STORE,pop3,com.sun.mail.pop3.POP3Store,Oracle]}
DEBUG: Providers Listed By Protocol: {imaps=javax.mail.Provider[STORE,imaps,com.sun.mail.imap.IMAPSSLStore,Oracle], imap=javax.mail.Provider[STORE,imap,com.sun.mail.imap.IMAPStore,Oracle], smtps=javax.mail.Provider[TRANSPORT,smtps,com.sun.mail.smtp.SMTPSSLTransport,Oracle], pop3=javax.mail.Provider[STORE,pop3,com.sun.mail.pop3.POP3Store,Oracle], pop3s=javax.mail.Provider[STORE,pop3s,com.sun.mail.pop3.POP3SSLStore,Oracle], smtp=javax.mail.Provider[TRANSPORT,smtp,com.sun.mail.smtp.SMTPTransport,Oracle]}
DEBUG: successfully loaded resource: /META-INF/javamail.default.address.map
DEBUG: getProvider() returning javax.mail.Provider[STORE,pop3s,com.sun.mail.pop3.POP3SSLStore,Oracle]
DEBUG POP3: mail.pop3s.rsetbeforequit: false
DEBUG POP3: mail.pop3s.disabletop: false
DEBUG POP3: mail.pop3s.forgettopheaders: false
DEBUG POP3: mail.pop3s.cachewriteto: false
DEBUG POP3: mail.pop3s.filecache.enable: false
DEBUG POP3: mail.pop3s.keepmessagecontent: false
DEBUG POP3: mail.pop3s.starttls.enable: false
DEBUG POP3: mail.pop3s.starttls.required: false
DEBUG POP3: mail.pop3s.apop.enable: false
DEBUG POP3: mail.pop3s.disablecapa: false
DEBUG POP3: connecting to host "pops.udag.de", port 995, isSSL true
javax.net.ssl|DEBUG|10|main|2022-08-30 18:12:15.162 CEST|SSLCipher.java:466|jdk.tls.keyLimits: entry = AES/GCM/NoPadding KeyUpdate 2^37. AES/GCM/NOPADDING:KEYUPDATE = 137438953472
javax.net.ssl|ERROR|10|main|2022-08-30 18:12:15.280 CEST|TransportContext.java:363|Fatal (HANDSHAKE_FAILURE): Couldn't kickstart handshaking (
"throwable" : {
javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
at java.base/sun.security.ssl.HandshakeContext.<init>(HandshakeContext.java:172)
at java.base/sun.security.ssl.ClientHandshakeContext.<init>(ClientHandshakeContext.java:103)
at java.base/sun.security.ssl.TransportContext.kickstart(TransportContext.java:240)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:448)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:426)
at com.sun.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:527)
at com.sun.mail.util.SocketFetcher.createSocket(SocketFetcher.java:332)
at com.sun.mail.util.SocketFetcher.getSocket(SocketFetcher.java:234)
at com.sun.mail.pop3.Protocol.<init>(Protocol.java:112)
at com.sun.mail.pop3.POP3Store.getPort(POP3Store.java:260)
at com.sun.mail.pop3.POP3Store.protocolConnect(POP3Store.java:205)
at javax.mail.Service.connect(Service.java:295)
at javax.mail.Service.connect(Service.java:176)
at javax.mail.Service.connect(Service.java:196)
at de.computils.mailbox.Receiver.connect(Receiver.java:69)
at de.computils.ReceiverTest.ConnectionTest(ReceiverTest.java:26)
at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:104)
at java.base/java.lang.reflect.Method.invoke(Method.java:577)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:47)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:44)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:271)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:70)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:50)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:238)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:63)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:236)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:53)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:229)
at org.junit.runners.ParentRunner.run(ParentRunner.java:309)
at org.eclipse.jdt.internal.junit4.runner.JUnit4TestReference.run(JUnit4TestReference.java:89)
at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:40)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:529)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:756)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:452)
at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:210)}
)
javax.net.ssl|DEBUG|10|main|2022-08-30 18:12:15.280 CEST|SSLSocketImpl.java:1754|close the underlying socket
javax.net.ssl|DEBUG|10|main|2022-08-30 18:12:15.280 CEST|SSLSocketImpl.java:1780|close the SSL connection (passive)谁知道(不禁用ssl/tls)如何规避或解决这个问题?谁也经历过类似的问题?
回答 1
Stack Overflow用户
发布于 2022-08-31 07:55:51
似乎需要说明使用哪一种协议:
对于pop3s,解决方案是:
this.properties.put("mail.pop3s.ssl.protocols", "TLSv1.2");对于imaps,解决方案是:
this.properties.put("mail.imaps.ssl.protocols", "TLSv1.2");剩下的问题是:为什么TLSv1.2和TLSv1.3协议被禁用?
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/73552075
复制相关文章
相似问题
腾讯云开发者
