如果你能控制整个 Java 应用的启动, 那么你可以很简单的加SSL/TLS 的 debug 参数去打印等多的信息. 比如:
java -Djavax.net.debug=all myApp
java -Djavax.net.debug=ss:plaintext myApp
想查看更多可以用的参数: 必须找一个 App, 不能使用常见的 java -Djavax.net.debug=help -version
java -Djavax.net.debug=help myApp
一个访问百度首页的 (-Djavax.net.debug=ss:plaintext) 的输出:
javax.net.ssl|DEBUG|01|main|2021-08-06 07:43:20.943 PDT|SSLCipher.java:1769|Plaintext before ENCRYPTION (
0000: 47 45 54 20 2F 20 48 54 54 50 2F 31 2E 30 0A 0A GET / HTTP/1.0..
)
javax.net.ssl|DEBUG|01|main|2021-08-06 07:43:21.233 PDT|SSLCipher.java:1671|Plaintext after DECRYPTION (
0000: 48 54 54 50 2F 31 2E 30 20 35 30 30 20 49 6E 74 HTTP/1.0 500 Int
0010: 65 72 6E 61 6C 20 53 65 72 76 65 72 20 45 72 72 ernal Server Err
0020: 6F 72 0D 0A 43 6F 6E 74 65 6E 74 2D 4C 65 6E 67 or..Content-Leng
0030: 74 68 3A 20 30 0D 0A 43 6F 6E 74 65 6E 74 2D 54 th: 0..Content-T
0040: 79 70 65 3A 20 74 65 78 74 2F 70 6C 61 69 6E 3B ype: text/plain;
0050: 20 63 68 61 72 73 65 74 3D 75 74 66 2D 38 0D 0A charset=utf-8..
0060: 44 61 74 65 3A 20 46 72 69 2C 20 30 36 20 41 75 Date: Fri, 06 Au
0070: 67 20 32 30 32 31 20 31 34 3A 34 33 3A 32 31 20 g 2021 14:43:21
0080: 47 4D 54 0D 0A 53 65 72 76 65 72 3A 20 62 66 65 GMT..Server: bfe
0090: 0D 0A 0D 0A ....
)
更多信息参考:
- https://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/ReadDebug.html
- https://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/JSSERefGuide.html#Debug
- https://access.redhat.com/solutions/973783