发表新帖
发表新帖

Not able to connect to server through java code. Getting javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

后端 未结
关注
4 1107
暗喜
暗喜 2021-01-05 00:43

I am trying to build a Test Automation Tool for REST API on AWS using rest-assured framework. I just tried with a simple HTTP POST and checking the output J

4条回答
  • 庸人自扰
    庸人自扰 (楼主)
    2021-01-05 00:56

    I am new to rest-assured, but the java SSL problems like handshake_failure are usually the same:

    • Incompatible cipher suites: The client has to use a cipher suite enabled by the server
    • Incompatible versions of SSL/TLS: The client have to ensure that it uses a compatible version. For example the server might force TLS1.2 that is not enabled by default in java7
    • Incomplete trust path for the server certificate: the server certificate is probably not trusted by the client. Usually the fix is to import the server certificate chain in into the client trust store.
    • Bad server config, like certificate issued to a different domain or certificate chain incomplete. In the case the fix is on server part

    To detect the cause the following environment variable can be set to verbose the protocol details

    -Djavax.net.debug=ssl

    For your specific issue with SSL, take a look at rest assured ssl documentation https://github.com/rest-assured/rest-assured/wiki/Usage#ssl

    First you can try to disable usual https verification

    given().relaxedHTTPSValidation().when().get("https://some_server.com"). ..

    If it works, create a JKS truststore with the certificates of the server

    1)Download them from the server (click on browser green lock and download each one) 2) Create the JKS with keytool and import the trusted certificates. Follow the guide in rest-assured guide or use portecle 3) Configure truststore in JKS

    given().keystore("/pathToJksInClassPath", ). ..

    If you need client authentication ( I think no), check this post How to make HTTPS GET call with certificate in Rest-Assured java

    If nothing of this works for you, do not forget todebug the SSL connection with 

     -Djavax.net.debug=ssl

    Ensure that the algorithm of your server is supported by your client. For example if you use Java7, TLS1.2 is not enabled by default

    0 讨论(0)
 看不清?
提交回复
热议问题