JavaFx Webview JDK 8 kann selbstsigniertes Zertifikat nicht laden

Question

Ich habe versucht, Webview in meine Javafx App zu implementieren und ich verwende JDK 8, um es zu entwickeln.

Wenn ich WebEngine jede HTTPS-Zertifikat Website zu laden, es funktioniert:

webEngine.load("https://google.com"); 

Aber wenn ich meine HTTPS selbst signiertes Zertifikat verwenden, kann es nicht öffnen. Ich habe versucht, diesen Code zu verwenden, das Problem zu zeigen:

webEngine.getLoadWorker().stateProperty().addListener(
     new ChangeListener<Worker.State>() { 
     public void changed(ObservableValue ov, Worker.State oldState, Worker.State newState) {        
      if (webEngine.getLoadWorker().getException() != null && newState == State.FAILED){ 
      System.out.println(webEngine.getLoadWorker().getException().toString()); 
     } 
    } 
}); 

Und mein Problem ist:

java.lang.Throwable: SSL-Handshake

fehlgeschlagen

Ich habe versucht, das hinzufügen folgenden Code, um alle Hosts vor der Verwendung meiner Webview zu vertrauen, aber es funktioniert nicht:

// Create a trust manager that does not validate certificate chains 
TrustManager[] trustAllCerts = new TrustManager[] { 
    new X509TrustManager() {  
     public java.security.cert.X509Certificate[] getAcceptedIssuers() { 
      return null; 
     } 
     public void checkClientTrusted( 
      java.security.cert.X509Certificate[] certs, String authType) { 
      } 
     public void checkServerTrusted( 
      java.security.cert.X509Certificate[] certs, String authType) { 
     } 
    } 
}; 

// Install the all-trusting trust manager 
try { 
    SSLContext sc = SSLContext.getInstance("SSL"); 
    sc.init(null, trustAllCerts, new java.security.SecureRandom()); 
    HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); 
} catch (GeneralSecurityException e) { 
} 

webEngine.load("https://example.com"); 

Ist ein Kannst du es reparieren?

aktualisieren

ich hinzufügen -Djavax.net.debug = alle VMOption Details dieses Fehlers anzuzeigen, dann finde ich:

URL-Loader-11 erhielt EOFException: Fehler URL-Loader-11, Handhabung Ausnahme: javax.net.ssl.SSLHandshakeException: Remote-Host-Anschluss während der Handshake geschlossen

Nach voll Protokoll:

Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384 
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 
Allow unsafe renegotiation: false 
Allow legacy hello messages: true 
Is initial handshake: true 
Is secure renegotiation: false 
URL-Loader-11, setSoTimeout(3600000) called 
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1.1 
%% No cached client session 
*** ClientHello, TLSv1.2 
RandomCookie: GMT: 1429261936 bytes = { 78, 102, 51, 3, 227, 71, 247, 110, 13, 31, 1, 249, 251, 191, 182, 146, 152, 35, 185, 132, 144, 219, 68, 50, 42, 165, 168, 205 } 
Session ID: {} 
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] 
Compression Methods: { 0 } 
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1} 
Extension ec_point_formats, formats: [uncompressed] 
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA 
*** 
[write] MD5 and SHA1 hashes: len = 207 
0000: 01 00 00 CB 03 03 55 31 CE 70 4E 66 33 03 E3 47 ......U1.pNf3..G 
0010: F7 6E 0D 1F 01 F9 FB BF B6 92 98 23 B9 84 90 DB .n.........#.... 
0020: 44 32 2A A5 A8 CD 00 00 46 C0 23 C0 27 00 3C C0 D2*.....F.#.'.<. 
0030: 25 C0 29 00 67 00 40 C0 09 C0 13 00 2F C0 04 C0 %.).g.@...../... 
0040: 0E 00 33 00 32 C0 07 C0 11 00 05 C0 02 C0 0C C0 ..3.2........... 
0050: 2B C0 2F 00 9C C0 2D C0 31 00 9E 00 A2 C0 08 C0 +./...-.1....... 
0060: 12 00 0A C0 03 C0 0D 00 16 00 13 00 04 00 FF 01 ................ 
0070: 00 00 5C 00 0A 00 34 00 32 00 17 00 01 00 03 00 ..\...4.2....... 
0080: 13 00 15 00 06 00 07 00 09 00 0A 00 18 00 0B 00 ................ 
0090: 0C 00 19 00 0D 00 0E 00 0F 00 10 00 11 00 02 00 ................ 
00A0: 12 00 04 00 05 00 14 00 08 00 16 00 0B 00 02 01 ................ 
00B0: 00 00 0D 00 1A 00 18 06 03 06 01 05 03 05 01 04 ................ 
00C0: 03 04 01 03 03 03 01 02 03 02 01 02 02 01 01  ............... 
URL-Loader-11, WRITE: TLSv1.2 Handshake, length = 207 
[Raw write]: length = 212 
0000: 16 03 03 00 CF 01 00 00 CB 03 03 55 31 CE 70 4E ...........U1.pN 
0010: 66 33 03 E3 47 F7 6E 0D 1F 01 F9 FB BF B6 92 98 f3..G.n......... 
0020: 23 B9 84 90 DB 44 32 2A A5 A8 CD 00 00 46 C0 23 #....D2*.....F.# 
0030: C0 27 00 3C C0 25 C0 29 00 67 00 40 C0 09 C0 13 .'.<.%.).g.@.... 
0040: 00 2F C0 04 C0 0E 00 33 00 32 C0 07 C0 11 00 05 ./.....3.2...... 
0050: C0 02 C0 0C C0 2B C0 2F 00 9C C0 2D C0 31 00 9E .....+./...-.1.. 
0060: 00 A2 C0 08 C0 12 00 0A C0 03 C0 0D 00 16 00 13 ................ 
0070: 00 04 00 FF 01 00 00 5C 00 0A 00 34 00 32 00 17 .......\...4.2.. 
0080: 00 01 00 03 00 13 00 15 00 06 00 07 00 09 00 0A ................ 
0090: 00 18 00 0B 00 0C 00 19 00 0D 00 0E 00 0F 00 10 ................ 
00A0: 00 11 00 02 00 12 00 04 00 05 00 14 00 08 00 16 ................ 
00B0: 00 0B 00 02 01 00 00 0D 00 1A 00 18 06 03 06 01 ................ 
00C0: 05 03 05 01 04 03 04 01 03 03 03 01 02 03 02 01 ................ 
00D0: 02 02 01 01          .... 
URL-Loader-11, received EOFException: error 
URL-Loader-11, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake 
URL-Loader-11, SEND TLSv1.2 ALERT: fatal, description = handshake_failure 
URL-Loader-11, WRITE: TLSv1.2 Alert, length = 2 
[Raw write]: length = 7 
0000: 15 03 03 00 02 02 28        ......(
URL-Loader-11, called closeSocket() 
URL-Loader-11, called close() 
URL-Loader-11, called closeInternal(true) 
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384 
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 
Allow unsafe renegotiation: false 
Allow legacy hello messages: true 
Is initial handshake: true 
Is secure renegotiation: false 
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for SSLv3 
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1.1 
%% No cached client session 
*** ClientHello, TLSv1.2 
RandomCookie: GMT: 1429261936 bytes = { 9, 49, 116, 72, 24, 164, 72, 165, 44, 25, 150, 147, 0, 29, 236, 63, 194, 176, 136, 220, 66, 244, 111, 254, 15, 109, 124, 206 } 
Session ID: {} 
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] 
Compression Methods: { 0 } 
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1} 
Extension ec_point_formats, formats: [uncompressed] 
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA 
*** 
[write] MD5 and SHA1 hashes: len = 207 
0000: 01 00 00 CB 03 03 55 31 CE 70 09 31 74 48 18 A4 ......U1.p.1tH.. 
0010: 48 A5 2C 19 96 93 00 1D EC 3F C2 B0 88 DC 42 F4 H.,......?....B. 
0020: 6F FE 0F 6D 7C CE 00 00 46 C0 23 C0 27 00 3C C0 o..m....F.#.'.<. 
0030: 25 C0 29 00 67 00 40 C0 09 C0 13 00 2F C0 04 C0 %.).g.@...../... 
0040: 0E 00 33 00 32 C0 07 C0 11 00 05 C0 02 C0 0C C0 ..3.2........... 
0050: 2B C0 2F 00 9C C0 2D C0 31 00 9E 00 A2 C0 08 C0 +./...-.1....... 
0060: 12 00 0A C0 03 C0 0D 00 16 00 13 00 04 00 FF 01 ................ 
0070: 00 00 5C 00 0A 00 34 00 32 00 17 00 01 00 03 00 ..\...4.2....... 
0080: 13 00 15 00 06 00 07 00 09 00 0A 00 18 00 0B 00 ................ 
0090: 0C 00 19 00 0D 00 0E 00 0F 00 10 00 11 00 02 00 ................ 
00A0: 12 00 04 00 05 00 14 00 08 00 16 00 0B 00 02 01 ................ 
00B0: 00 00 0D 00 1A 00 18 06 03 06 01 05 03 05 01 04 ................ 
00C0: 03 04 01 03 03 03 01 02 03 02 01 02 02 01 01  ............... 
URL-Loader-11, WRITE: TLSv1.2 Handshake, length = 207 
[Raw write]: length = 212 
0000: 16 03 03 00 CF 01 00 00 CB 03 03 55 31 CE 70 09 ...........U1.p. 
0010: 31 74 48 18 A4 48 A5 2C 19 96 93 00 1D EC 3F C2 1tH..H.,......?. 
0020: B0 88 DC 42 F4 6F FE 0F 6D 7C CE 00 00 46 C0 23 ...B.o..m....F.# 
0030: C0 27 00 3C C0 25 C0 29 00 67 00 40 C0 09 C0 13 .'.<.%.).g.@.... 
0040: 00 2F C0 04 C0 0E 00 33 00 32 C0 07 C0 11 00 05 ./.....3.2...... 
0050: C0 02 C0 0C C0 2B C0 2F 00 9C C0 2D C0 31 00 9E .....+./...-.1.. 
0060: 00 A2 C0 08 C0 12 00 0A C0 03 C0 0D 00 16 00 13 ................ 
0070: 00 04 00 FF 01 00 00 5C 00 0A 00 34 00 32 00 17 .......\...4.2.. 
0080: 00 01 00 03 00 13 00 15 00 06 00 07 00 09 00 0A ................ 
0090: 00 18 00 0B 00 0C 00 19 00 0D 00 0E 00 0F 00 10 ................ 
00A0: 00 11 00 02 00 12 00 04 00 05 00 14 00 08 00 16 ................ 
00B0: 00 0B 00 02 01 00 00 0D 00 1A 00 18 06 03 06 01 ................ 
00C0: 05 03 05 01 04 03 04 01 03 03 03 01 02 03 02 01 ................ 
00D0: 02 02 01 01          .... 
URL-Loader-11, received EOFException: error 
URL-Loader-11, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake 
URL-Loader-11, SEND TLSv1.2 ALERT: fatal, description = handshake_failure 
URL-Loader-11, WRITE: TLSv1.2 Alert, length = 2 
[Raw write]: length = 7 
0000: 15 03 03 00 02 02 28        ......(
URL-Loader-11, called closeSocket() 
webEngine result FAILED 
java.lang.Throwable: SSL handshake failed 
java.lang.Throwable: SSL handshake failed 
    at javafx.scene.web.WebEngine$LoadWorker.describeError(WebEngine.java:1390) 
    at javafx.scene.web.WebEngine$LoadWorker.dispatchLoadEvent(WebEngine.java:1329) 
    at javafx.scene.web.WebEngine$LoadWorker.access$1100(WebEngine.java:1207) 
    at javafx.scene.web.WebEngine$PageLoadListener.dispatchLoadEvent(WebEngine.java:1194) 
    at com.sun.webkit.WebPage.fireLoadEvent(WebPage.java:2373) 
    at com.sun.webkit.WebPage.fwkFireLoadEvent(WebPage.java:2217) 
    at com.sun.webkit.network.URLLoader.twkDidFail(Native Method) 
    at com.sun.webkit.network.URLLoader.notifyDidFail(URLLoader.java:842) 
    at com.sun.webkit.network.URLLoader.access$1300(URLLoader.java:43) 
    at com.sun.webkit.network.URLLoader$7.run(URLLoader.java:824) 
    at com.sun.glass.ui.InvokeLaterDispatcher$Future.run(InvokeLaterDispatcher.java:95) 
    at com.sun.glass.ui.win.WinApplication._runLoop(Native Method) 
    at com.sun.glass.ui.win.WinApplication.access$300(WinApplication.java:39) 
    at com.sun.glass.ui.win.WinApplication$4$1.run(WinApplication.java:112) 
    at java.lang.Thread.run(Thread.java:744) 

Ich habe einen Browser mit dem JavaFX WebView Steuerelement geschrieben. Alles ist in Ordnung, bis ich versuche, eine verschlüsselte Seite zu laden. Ich versuche https://www.gmail.com und ich bekomme einen "Unbekannten Fehler" in der Ausnahme Eigenschaft des Ladearbeiters. Dies geschieht nur, wenn ich die Anwendung als Stand-alone-Paket verpacke; Wenn ich das Projekt in NetBeans betreibe, ist alles in Ordnung. Ich nehme an, es hat mit SSL-Zertifikaten zu tun, aber ich habe so ziemlich alles versucht, was ich mir vorstellen konnte, einschließlich des Importierens jedes Zertifikats in den Trust Store mit "keytool", aber nichts funktioniert.

Irgendwelche Ideen? Sehr geschätzt. Vielen Dank.

Answer 1

Ran in das gleiche Problem wie Sie. Vermutung ist, dass JDK 8 TLS1.2 als Standard verwendet (https://blogs.oracle.com/java-platform-group/entry/java_8_will_use_tls). Das Erzwingen der Verwendung von TLS 1 durch den Client löste dieses Problem für mich.

Versuchen Sie es mit -Djdk.tls.client.protocols = "TLSv1".

Answer 2

In Ihrer Lösung mit TrustManager müssen Sie nach der Installation des vertrauenswürdigen Trust Managers zusätzliche Anweisungen hinzufügen.

fand ich die vollständige Lösung hier:

http://www.nakov.com/blog/2009/07/16/disable-certificate-validation-in-java-ssl-connections/

ich es auf JDK-9.0.1 getestet und es funktioniert.

// Create all-trusting host name verifier 
HostnameVerifier allHostsValid = new HostnameVerifier() { 
    public boolean verify(String hostname, SSLSession session) { 
     return true; 
    } 
}; 

// Install the all-trusting host verifier 
HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);