客户端可以从服务器接收带有 remotecertificatechain 错误的证书,但java服务器会抛出错误的null证书链 .
我在java中传递 keystore ,而c#客户端使用 .crt 证书 . 我已将客户端证书导入服务器证书 .
我注意到在握手期间,当java服务器访问 getAcceptedIssuers 时,java netty服务器会抛出异常消息:
WARNING: Unexpected exception from downstream.
io.netty.handler.codec.DecoderException: javax.net.ssl.SSLHandshakeException: null cert chain
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:262)
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:131)
at io.netty.channel.DefaultChannelHandlerContext.invokeChannelRead(DefaultChannelHandlerContext.java:334)
at io.netty.channel.DefaultChannelHandlerContext.fireChannelRead(DefaultChannelHandlerContext.java:320)
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:785)
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:100)
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:497)
at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:465)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:359)
at io.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:101)....
知道为什么会这样吗?有什么建议可以解决吗? :(
1 回答
回答我自己的问题,证明代码没有问题!当我使用dotnetasyncsocket在c#客户端上使用此证书时,它是's with the self signed certificate on the client side. I used keytool of java to make the self signed certificate but it didn' . 所以我所做的就是获得CA在http://cert.startcom.org/签署的免费证书 .