目前,我正在使用Spray i / o实现Scala的Web服务 . 希望使用SSL来保护我的请求 . 但是我在配置SSL时遇到了困难 . 当启动https调用时,会出现与握手相关的错误
fatal error: 80: Inbound closed before receiving peer's close_notify: possible truncation attack?
javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
使用此创建证书
keytool -genkey -keyalg RSA -alias mykey -dname "CN=dev.site.com,OU=app" -keystore keystore.jks -storepass pas -validity 365
创建了这样的ssl特征
trait SSLConfiguration {
implicit def sslContext: SSLContext = {
val keystore = keystore.jks
val password = pas
val keyStore = KeyStore.getInstance("jks")
val in = getClass.getClassLoader.getResourceAsStream(keystore)
require(in != null, "Bad java key storage file: " + keystore)
keyStore.load(in, password.toCharArray)
val keyManagerFactory = KeyManagerFactory.getInstance("SunX509")
keyManagerFactory.init(keyStore, password.toCharArray)
val trustManagerFactory = TrustManagerFactory.getInstance("SunX509")
trustManagerFactory.init(keyStore)
val context = SSLContext.getInstance("TLS")
context.init(keyManagerFactory.getKeyManagers, trustManagerFactory.getTrustManagers, new SecureRandom)
context
}
implicit def sslEngineProvider: ServerSSLEngineProvider = {
ServerSSLEngineProvider { engine =>
engine.setEnabledCipherSuites(Array("TLS_RSA_WITH_AES_256_CBC_SHA"))
engine.setEnabledProtocols(Array("SSLv3", "TLSv1"))
engine
}
}
}
设置我的启动以使用特征 .
object Boot extends App with SSLConfiguration
//bind to io interface. set ssl engine providor
IO(Http) ! Http.Bind(service, interface = interface, port)(sslEngineProvider)
}
2 回答
您是否在配置文件中启用了SSL?
我尝试了你的代码并略微改变它,它在我的笔记本电脑上工作 . 我删除了整个
implicit def sslEngineProvider
并使用默认值IO(Http) ! Http.Bind(service, interface = "0.0.0.0", port = 8080)
. 你把密钥库文件放在项目的资源文件夹(project / src / main / resources)中吗?该问题可能与安装的Java版本有关 . 当我在linux机器上安装打开JDK版本的java时,我遇到了这个问题,当我将java版本更改为Oracle JDK时,问题就消失了 .
引发此异常的确切应用程序是Information Workbench(流体操作产品),java版本是8使用流体操作系统的系统预先确定中未提及哪个版本的java .