# SQL Server 未返回响应,连接已关闭
环境:
- SQLServer2008
- jdk1.8.0_231
异常堆栈:
java.io.IOException: SQL Server 未返回响应。连接已关闭。
at com.microsoft.sqlserver.jdbc.TDSChannel$SSLHandshakeInputStream.ensureSSLPayload(IOBuffer.java:513)
at com.microsoft.sqlserver.jdbc.TDSChannel$SSLHandshakeInputStream.readInternal(IOBuffer.java:570)
at com.microsoft.sqlserver.jdbc.TDSChannel$SSLHandshakeInputStream.read(IOBuffer.java:562)
at com.microsoft.sqlserver.jdbc.TDSChannel$ProxyInputStream.readInternal(IOBuffer.java:757)
at com.microsoft.sqlserver.jdbc.TDSChannel$ProxyInputStream.read(IOBuffer.java:745)
at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
at sun.security.ssl.InputRecord.read(InputRecord.java:503)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:975)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)
at com.microsoft.sqlserver.jdbc.TDSChannel.enableSSL(IOBuffer.java:1379)
[wrapped] com.microsoft.sqlserver.jdbc.SQLServerException: 驱动程序无法通过使用安全套接字层(SSL)加密与 SQL Server 建立安全连接。错误:“SQL Server 未返回响应。连接已关闭。”。
at com.microsoft.sqlserver.jdbc.SQLServerConnection.terminate(SQLServerConnection.java:1368)
at com.microsoft.sqlserver.jdbc.TDSChannel.enableSSL(IOBuffer.java:1412)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectHelper(SQLServerConnection.java:1058)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.login(SQLServerConnection.java:833)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.connect(SQLServerConnection.java:716)
at com.microsoft.sqlserver.jdbc.SQLServerDriver.connect(SQLServerDriver.java:841)
at com.succez.commons.jdbc.impl.a.a(JdbcUtils.java:1656)
at com.succez.commons.jdbc.impl.a.a(JdbcUtils.java:1413)
# 异常原因
sqlserver的jdbc连接,默认使用ssl,而sqlserver的ssl连接使用了3DES的算法。
从JDK 8u171开始,默认disable了3DES算法,详见:
https://java.com/en/download/help/release_changes.html
Change: XML Signatures Signed with EC Keys Less Than 224 Bits Disabled
To improve the strength of SSL/TLS connections, 3DES cipher suites have been disabled in SSL/TLS connections
in the JDK via the jdk.tls.disabledAlgorithms Security Property.
# 解决办法
修改jre\lib\security\java.security,删除jdk.tls.disabledAlgorithms中的3DES_EDE_CBC。
# 参考资料
- https://www.cnblogs.com/blsz/p/11530380.html
- https://www.java.com/en/configure_crypto.html
- https://docs.microsoft.com/zh-cn/archive/blogs/jdbcteam/the-driver-could-not-establish-a-secure-connection-to-sql-server-by-using-secure-sockets-layer-ssl-encryption
是否有帮助?
0条评论
评论