1

我正在使用 SSL Labs 测试网站的证书,它会在我的调试日志中生成大量的握手异常。异常如下所示:

javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:992)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:928)
at sun.security.ssl.AppInputStream.read(AppInputStream.java:105)
at sun.nio.cs.StreamDecoder.readBytes(StreamDecoder.java:284)
at sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:326)
at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:178)
at java.io.InputStreamReader.read(InputStreamReader.java:184)
at java.io.Reader.read(Reader.java:140)
at bri.web.WebResponse.getMoreData(WebResponse.java:465)
at bri.web.WebResponse.parseRequest(WebResponse.java:362)
at bri.web.WebResponse.processRequest(WebResponse.java:99)
at bri.web.WebResponse.run(WebResponse.java:56)
Caused by: java.io.EOFException: SSL peer shut down incorrectly
    at sun.security.ssl.InputRecord.read(InputRecord.java:505)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973)
    ... 12 more

我尝试了很多方法来解决这个问题,但它无济于事:

  1. I added -Dhttps.protocols="TLSv1.0,TLSv1.1,TLSv1.2" when I'm running Java
  2. All certificates are installed correctly based on the reports from SSL labs

就我而言,我认为 SSL Lab 发送的请求不包含任何用于测试与网站的连接的请求。而且由于我们的Web服务器是定制的,它不具备处理空请求的能力。我们的服务器将如何处理请求是在以下代码中:

// RESET CONNECTION VARIABLES
    REQUEST        = new HashMap();
    RESOURCE       = "";
    QUERY_STRING   = "";
    METHOD         = "";
    PROTOCOL       = "";
    HOST           = "";
    CONTENT_TYPE   = "";
    CONTENT_LENGTH = 0;
    USER_AGENT     = "";
    ETAG           = "";
    CONNECTION     = "";
    REFERER        = "";
    FORM_ELEMENTS  = "";
    IP             = "";
    REDIRECT       = false;
    bypassed       = false;
    length         = 0;
    totalLength    = -1;
    blankCount     = 0;
    name           = "";
    value          = "";

    // BLOCK AND WAIT FOR A CONNECTION
    socket = w.getConnection();

    //BriDebug.debug("WebResponse " + this.getName() + " is processing");

    IP = socket.getInetAddress().getHostAddress();
    out = new BufferedOutputStream(socket.getOutputStream());
    isr = new InputStreamReader(socket.getInputStream(), w.CHARSET);
    parseRequest();

而当我们使用isr(InputStreamReader)从socket读取输入流时,会发生异常,并会弹出握手异常。棘手的是,通过这种方式,我们的系统可以正常工作。如果用户正在访问我们的网站,发送到服务器的请求包含信息,parseRequest() 将帮助解密请求并帮助用户访问正确的页面。

有人可以帮我吗?有谁知道我如何处理其他人发送的空请求?(事实上​​,我们正在使用负载均衡器,当负载均衡器向我们的服务器发送空请求以检查连接时,也会发生同样的异常。)有谁知道我是否想对需要发送的响应进行硬编码回到其他人(即 SSL Labs、负载均衡器),他们应该是什么样子?

任何帮助表示赞赏。小伙伴们节日快乐。

4

0 回答 0