Почему tlsv1 и tlsv1.2 оба включены для рукопожатия ssl к удаленному серверу? - PullRequest
Новая
       111

Почему tlsv1 и tlsv1.2 оба включены для рукопожатия ssl к удаленному серверу?

0 голосов
/ 17 марта 2020

Я не знаю об этой ошибке, но я пытаюсь подключиться к моему серверу БД с локальной машины и получаю эту ошибку от Tlsv1 и Tlsv1.2. Я использую JRE7 и сервер также имеет то же самое. Я пытался использовать эти строки, но у меня не получилось -Dhttps.protocols = TLSv1 -Ddeployment.security.TLSv1.2 = false

Спасибо 

INFO: Initializing Spring root WebApplicationContext
System property jdk.tls.client.cipherSuites is set to 'null'
System property jdk.tls.server.cipherSuites is set to 'null'
Ignoring disabled cipher suite: TLS_DH_anon_WITH_AES_256_CBC_SHA
Ignoring disabled cipher suite: TLS_DH_anon_WITH_AES_256_CBC_SHA256
Ignoring disabled cipher suite: TLS_ECDHE_RSA_WITH_NULL_SHA
Ignoring disabled cipher suite: SSL_RSA_WITH_DES_CBC_SHA
Ignoring disabled cipher suite: SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
Ignoring disabled cipher suite: TLS_KRB5_WITH_DES_CBC_MD5
Ignoring disabled cipher suite: TLS_ECDH_RSA_WITH_NULL_SHA
Ignoring disabled cipher suite: SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
Ignoring disabled cipher suite: SSL_DH_anon_WITH_DES_CBC_SHA
Ignoring disabled cipher suite: TLS_DH_anon_WITH_AES_128_CBC_SHA
Ignoring disabled cipher suite: TLS_KRB5_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_KRB5_WITH_DES_CBC_SHA
Ignoring disabled cipher suite: TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5
Ignoring disabled cipher suite: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
Ignoring disabled cipher suite: SSL_DHE_RSA_WITH_DES_CBC_SHA
Ignoring disabled cipher suite: TLS_KRB5_WITH_3DES_EDE_CBC_MD5
Ignoring disabled cipher suite: SSL_DH_anon_WITH_RC4_128_MD5
Ignoring disabled cipher suite: TLS_ECDHE_ECDSA_WITH_NULL_SHA
Ignoring disabled cipher suite: SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_RSA_WITH_NULL_SHA256
Ignoring disabled cipher suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDH_anon_WITH_NULL_SHA
Ignoring disabled cipher suite: SSL_RSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
 Ignoring disabled cipher suite: TLS_ECDH_anon_WITH_RC4_128_SHA
Ignoring disabled cipher suite: SSL_DHE_DSS_WITH_DES_CBC_SHA
Ignoring disabled cipher suite: TLS_KRB5_EXPORT_WITH_RC4_40_SHA
 Ignoring disabled cipher suite: SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
Ignoring disabled cipher suite: TLS_KRB5_WITH_RC4_128_SHA
 Ignoring disabled cipher suite: TLS_ECDH_anon_WITH_AES_256_CBC_SHA
 Ignoring disabled cipher suite: SSL_RSA_EXPORT_WITH_RC4_40_MD5
 Ignoring disabled cipher suite: TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA
   Ignoring disabled cipher suite: TLS_KRB5_EXPORT_WITH_RC4_40_MD5
 Ignoring disabled cipher suite: TLS_ECDH_anon_WITH_AES_128_CBC_SHA
  Ignoring disabled cipher suite: TLS_ECDH_ECDSA_WITH_RC4_128_SHA
  Ignoring disabled cipher suite: TLS_KRB5_WITH_RC4_128_MD5
  Ignoring disabled cipher suite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
  Ignoring disabled cipher suite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
  Ignoring disabled cipher suite: SSL_RSA_WITH_RC4_128_SHA
  Ignoring disabled cipher suite: TLS_ECDH_ECDSA_WITH_NULL_SHA
  Ignoring disabled cipher suite: TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
   Ignoring disabled cipher suite: TLS_ECDH_RSA_WITH_RC4_128_SHA
  Ignoring disabled cipher suite: SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
    Ignoring disabled cipher suite: SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
   Ignoring disabled cipher suite: SSL_RSA_WITH_NULL_SHA
  Ignoring disabled cipher suite: TLS_ECDHE_RSA_WITH_RC4_128_SHA
  Ignoring disabled cipher suite: SSL_RSA_WITH_RC4_128_MD5
   Ignoring disabled cipher suite: TLS_DH_anon_WITH_AES_128_CBC_SHA256
   Ignoring disabled cipher suite: SSL_RSA_WITH_NULL_MD5
   Ignoring disabled cipher suite: TLS_DH_anon_WITH_AES_128_GCM_SHA256
   Ignoring disabled cipher suite: TLS_DH_anon_WITH_AES_256_GCM_SHA384
   Ignoring disabled cipher suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
    Ignoring disabled cipher suite: SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
   Ignoring disabled cipher suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
     Ignoring disabled cipher suite: SSL_RSA_WITH_3DES_EDE_CBC_SHA
     Ignoring disabled cipher suite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
     Ignoring disabled cipher suite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
     Ignoring disabled cipher suite: SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
     Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
      Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
    Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
    Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
     Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
    Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
    Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
    Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
      Ignoring disabled cipher suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
      Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
    Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
     Ignoring disabled cipher suite: SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
    Ignoring disabled cipher suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
     Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
      Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256
     Ignoring disabled cipher suite: SSL_RSA_WITH_3DES_EDE_CBC_SHA
       Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
      Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_GCM_SHA256
     Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
      Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384
      Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
      Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
       Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
       Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
        Ignoring disabled cipher suite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
       Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
      Ignoring disabled cipher suite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
      Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
     Ignoring disabled cipher suite: SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
       Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
     Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
        Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
         Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
      Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
        Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

   trigger seeding of SecureRandom
  done seeding SecureRandom
   Allow unsafe renegotiation: false
    Allow legacy hello messages: true
    Is initial handshake: true
     Is secure renegotiation: false
     %% No cached client session
     update handshake state: client_hello[1]
    upcoming handshake states: server_hello[2]
   *** ClientHello, TLSv1
       RandomCookie:  GMT: 1584368931 bytes = { 204, 134, 232, 179, 6, 102, 57, 163, 42, 53, 48, 47, 
     69, 42, 100, 112, 0, 127, 218, 250, 63, 61, 6, 85, 222, 50, 37, 157 }
      Session ID:  {}
     Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, 
      TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, 
        TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, 
       TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 
         TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, 
              TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, 
               TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, 
      TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
      Compression Methods:  { 0 }
        Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1}
        Extension ec_point_formats, formats: [uncompressed]
        Extension extended_master_secret
        Extension server_name, server_name: [type=host_name (0), value=value.net]
        ***
       localhost-startStop-1, WRITE: TLSv1 Handshake, length = 130
       localhost-startStop-1, called close()
       localhost-startStop-1, called closeInternal(true)
       localhost-startStop-1, SEND TLSv1.2 ALERT:  warning, description = close_notify
       localhost-startStop-1, WRITE: TLSv1.2 Alert, length = 2
       localhost-startStop-1, called closeSocket(true)
       localhost-startStop-1, waiting for close_notify or alert: state 5
       localhost-startStop-1, received EOFException: ignored
       localhost-startStop-1, called closeInternal(false)
       localhost-startStop-1, close invoked again; state = 5
       localhost-startStop-1, handling exception: java.io.IOException: SQL Server did not return a 
       response. The connection has been closed.
       localhost-startStop-1, called closeSocket()
       Finalizer, called close()
       Finalizer, called closeInternal(true)
...