Java 11 HTTPS conexión falla con SSL HandshakeException durante el uso de Jsoup

Compañero :

Estoy tratando de rastrear una página web ( éste ) usando la biblioteca Jsoup. Durante la realización de la operación GET sencilla, me estoy haciendo la siguiente excepción:

javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.431 EET|Utilities.java:73|the previous server name in SNI (type=host_name (0), value=www.kitapburada.com) was replaced with (type=host_name (0), value=www.kitapburada.com)
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.432 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_AES_128_GCM_SHA256 for TLS12
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.432 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_AES_256_GCM_SHA384 for TLS12
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_AES_128_GCM_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_AES_256_GCM_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.433 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.434 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.434 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.434 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_RSA_WITH_AES_128_GCM_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.434 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.434 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.434 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.435 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.435 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.435 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.435 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.436 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.437 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.439 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.439 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLS11
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.440 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_AES_128_GCM_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.440 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_AES_256_GCM_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.440 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.440 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.440 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.440 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.441 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.441 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.441 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.441 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.442 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.442 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_RSA_WITH_AES_128_GCM_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.442 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.442 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.442 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.443 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.443 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.443 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.443 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.443 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.444 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.444 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLS10
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.444 EET|HandshakeContext.java:290|Ignore unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLS10
javax.net.ssl|ALL|01|main|2018-12-24 15:41:06.446 EET|ClientHello.java:533|Try resuming session (
Session(1545655264774|TLS_AES_128_GCM_SHA256)
)
javax.net.ssl|WARNING|01|main|2018-12-24 15:41:06.447 EET|ServerNameExtension.java:255|Unable to indicate server name
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.447 EET|SSLExtensions.java:235|Ignore, context unavailable extension: server_name
javax.net.ssl|ALL|01|main|2018-12-24 15:41:06.448 EET|SignatureScheme.java:358|Ignore disabled signature sheme: rsa_md5
javax.net.ssl|INFO|01|main|2018-12-24 15:41:06.449 EET|AlpnExtension.java:161|No available application protocols
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.450 EET|SSLExtensions.java:235|Ignore, context unavailable extension: application_layer_protocol_negotiation
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.450 EET|SSLExtensions.java:235|Ignore, context unavailable extension: cookie
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.453 EET|SSLExtensions.java:235|Ignore, context unavailable extension: renegotiation_info
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.454 EET|PreSharedKeyExtension.java:660|Found resumable session. Preparing PSK message.
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.460 EET|ClientHello.java:651|Produced ClientHello handshake message (
"ClientHello": {
  "client version"      : "TLSv1.2",
  "random"              : "92 34 9B 36 90 0C 89 8F 5B E6 C9 D9 DA 57 C6 80 EA B8 41 09 62 2A 7E E8 40 E3 6F 24 A4 17 B2 CB",
  "session id"          : "",
  "cipher suites"       : "[TLS_AES_128_GCM_SHA256(0x1301), TLS_AES_256_GCM_SHA384(0x1302), TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(0xC02C), TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B), TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030), TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D), TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384(0xC02E), TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384(0xC032), TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(0x009F), TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(0x00A3), TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F), TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C), TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(0xC02D), TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(0xC031), TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E), TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(0x00A2), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(0xC024), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384(0xC028), TLS_RSA_WITH_AES_256_CBC_SHA256(0x003D), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384(0xC026), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384(0xC02A), TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(0x006B), TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(0x006A), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(0xC00A), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(0xC014), TLS_RSA_WITH_AES_256_CBC_SHA(0x0035), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA(0xC005), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA(0xC00F), TLS_DHE_RSA_WITH_AES_256_CBC_SHA(0x0039), TLS_DHE_DSS_WITH_AES_256_CBC_SHA(0x0038), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(0xC023), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(0xC027), TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(0xC025), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(0xC029), TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(0x0067), TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(0x0040), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(0xC009), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(0xC013), TLS_RSA_WITH_AES_128_CBC_SHA(0x002F), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(0xC004), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(0xC00E), TLS_DHE_RSA_WITH_AES_128_CBC_SHA(0x0033), TLS_DHE_DSS_WITH_AES_128_CBC_SHA(0x0032), TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00FF)]",
  "compression methods" : "00",
  "extensions"          : [
    "status_request (5)": {
      "certificate status type": ocsp
      "OCSP status request": {
        "responder_id": <empty>
        "request extensions": {
          <empty>
        }
      }
    },
    "supported_groups (10)": {
      "versions": [secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192]
    },
    "ec_point_formats (11)": {
      "formats": [uncompressed]
    },
    "signature_algorithms (13)": {
      "signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp512r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
    },
    "signature_algorithms_cert (50)": {
      "signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp512r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
    },
    "status_request_v2 (17)": {
      "cert status request": {
        "certificate status type": ocsp_multi
        "OCSP status request": {
          "responder_id": <empty>
          "request extensions": {
            <empty>
          }
        }
      }
    },
    "extended_master_secret (23)": {
      <empty>
    },
    "supported_versions (43)": {
      "versions": [TLSv1.3, TLSv1.2, TLSv1.1, TLSv1]
    },
    "psk_key_exchange_modes (45)": {
      "ke_modes": [psk_dhe_ke]
    },
    "key_share (51)": {
      "client_shares": [  
        {
          "named group": secp256r1
          "key_exchange": {
            0000: 04 DA 61 A6 AD F0 04 28   48 13 86 AF EA 2F EB A5  ..a....(H..../..
            0010: 0A 0C 40 80 C2 C6 81 FE   04 87 7E 52 B1 C9 92 A4  [email protected]....
            0020: C3 6B 9C CA 49 B5 8A 4C   08 9B 38 70 01 68 AF 13  .k..I..L..8p.h..
            0030: 42 63 8B 08 C5 1A 13 7D   87 35 48 1B 97 1A CE 67  Bc.......5H....g
            0040: 10 
          }
        },
      ]
    },
    "pre_shared_key (41)": {
      "PreSharedKey": {
        "identities"    : "  {47 84 2C AA 7B 65 00 50 67 90 20 6A 1C 4D BB 4C 60 55 22 B6 06 76 B7 F7 EC BC FC 07 E9 E0 E2 6D E2 5E 98 04 9C 53 0B 9F 72 00 17 53 D6 E3 CC 4B 37 50 B1 2D FD 7E 0A 7D 20 57 8E AA 4D 93 F0 4F 53 39 25 E5 2D E0 C7 E7 6C 53 6D A1 D2 3F 37 CA FD 3F 73 45 B3 93 31 A5 DA 27 D1 9F F8 BF EF 60 04 82 9F E9 71 84 5F FD D1 F9 50 DE CD 3C 83 33 EA 8B 5C 63 1C 44 69 31 9E 09 B3 67 D5 B3 25 02 D1 93 5F E6 50 38 B1 FB FF 70 51 37 9B 39 4B 90 C9 36 FD 7D E0 DD F7 DE 37 EA 71 24 1A 51 A0 15 B4 56 0C D3 26 EA 94 D6 9B BD 35 5B 9D 71 1E 84,14994940}",
        "binders"       : "  {95 2A 0D 86 A4 FD 38 13 66 70 BD D0 ED FC BD C5 C2 B4 A4 4C 8C 3C 60 3B 74 40 AE 2F 84 D2 C4 4F}",
      }
    }
  ]
}
)
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.460 EET|SSLSocketOutputRecord.java:241|WRITE: TLS13 handshake, length = 608
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.461 EET|SSLSocketOutputRecord.java:255|Raw write (
  0000: 16 03 03 02 60 01 00 02   5C 03 03 92 34 9B 36 90  ....`...\...4.6.
  0010: 0C 89 8F 5B E6 C9 D9 DA   57 C6 80 EA B8 41 09 62  ...[....W....A.b
  0020: 2A 7E E8 40 E3 6F 24 A4   17 B2 CB 00 00 5A 13 01  *[email protected]$......Z..
  0030: 13 02 C0 2C C0 2B C0 30   00 9D C0 2E C0 32 00 9F  ...,.+.0.....2..
  0040: 00 A3 C0 2F 00 9C C0 2D   C0 31 00 9E 00 A2 C0 24  .../...-.1.....$
  0050: C0 28 00 3D C0 26 C0 2A   00 6B 00 6A C0 0A C0 14  .(.=.&.*.k.j....
  0060: 00 35 C0 05 C0 0F 00 39   00 38 C0 23 C0 27 00 3C  .5.....9.8.#.'.<
  0070: C0 25 C0 29 00 67 00 40   C0 09 C0 13 00 2F C0 04  .%.).g.@...../..
  0080: C0 0E 00 33 00 32 00 FF   01 00 01 D9 00 05 00 05  ...3.2..........
  0090: 01 00 00 00 00 00 0A 00   20 00 1E 00 17 00 18 00  ........ .......
  00A0: 19 00 09 00 0A 00 0B 00   0C 00 0D 00 0E 00 16 01  ................
  00B0: 00 01 01 01 02 01 03 01   04 00 0B 00 02 01 00 00  ................
  00C0: 0D 00 28 00 26 04 03 05   03 06 03 08 04 08 05 08  ..(.&...........
  00D0: 06 08 09 08 0A 08 0B 04   01 05 01 06 01 04 02 03  ................
  00E0: 03 03 01 03 02 02 03 02   01 02 02 00 32 00 28 00  ............2.(.
  00F0: 26 04 03 05 03 06 03 08   04 08 05 08 06 08 09 08  &...............
  0100: 0A 08 0B 04 01 05 01 06   01 04 02 03 03 03 01 03  ................
  0110: 02 02 03 02 01 02 02 00   11 00 09 00 07 02 00 04  ................
  0120: 00 00 00 00 00 17 00 00   00 2B 00 09 08 03 04 03  .........+......
  0130: 03 03 02 03 01 00 2D 00   02 01 01 00 33 00 47 00  ......-.....3.G.
  0140: 45 00 17 00 41 04 DA 61   A6 AD F0 04 28 48 13 86  E...A..a....(H..
  0150: AF EA 2F EB A5 0A 0C 40   80 C2 C6 81 FE 04 87 7E  ../....@........
  0160: 52 B1 C9 92 A4 C3 6B 9C   CA 49 B5 8A 4C 08 9B 38  R.....k..I..L..8
  0170: 70 01 68 AF 13 42 63 8B   08 C5 1A 13 7D 87 35 48  p.h..Bc.......5H
  0180: 1B 97 1A CE 67 10 00 29   00 DB 00 B6 00 B0 47 84  ....g..)......G.
  0190: 2C AA 7B 65 00 50 67 90   20 6A 1C 4D BB 4C 60 55  ,..e.Pg. j.M.L`U
  01A0: 22 B6 06 76 B7 F7 EC BC   FC 07 E9 E0 E2 6D E2 5E  "..v.........m.^
  01B0: 98 04 9C 53 0B 9F 72 00   17 53 D6 E3 CC 4B 37 50  ...S..r..S...K7P
  01C0: B1 2D FD 7E 0A 7D 20 57   8E AA 4D 93 F0 4F 53 39  .-.... W..M..OS9
  01D0: 25 E5 2D E0 C7 E7 6C 53   6D A1 D2 3F 37 CA FD 3F  %.-...lSm..?7..?
  01E0: 73 45 B3 93 31 A5 DA 27   D1 9F F8 BF EF 60 04 82  sE..1..'.....`..
  01F0: 9F E9 71 84 5F FD D1 F9   50 DE CD 3C 83 33 EA 8B  ..q._...P..<.3..
  0200: 5C 63 1C 44 69 31 9E 09   B3 67 D5 B3 25 02 D1 93  \c.Di1...g..%...
  0210: 5F E6 50 38 B1 FB FF 70   51 37 9B 39 4B 90 C9 36  _.P8...pQ7.9K..6
  0220: FD 7D E0 DD F7 DE 37 EA   71 24 1A 51 A0 15 B4 56  ......7.q$.Q...V
  0230: 0C D3 26 EA 94 D6 9B BD   35 5B 9D 71 1E 84 00 E4  ..&.....5[.q....
  0240: CD FC 00 21 20 95 2A 0D   86 A4 FD 38 13 66 70 BD  ...! .*....8.fp.
  0250: D0 ED FC BD C5 C2 B4 A4   4C 8C 3C 60 3B 74 40 AE  ........L.<`;t@.
  0260: 2F 84 D2 C4 4F                                     /...O
)
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.518 EET|SSLSocketInputRecord.java:458|Raw read (
  0000: 15 03 01 00 02                                     .....
)
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.519 EET|SSLSocketInputRecord.java:213|READ: TLSv1 alert, length = 2
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.519 EET|SSLSocketInputRecord.java:458|Raw read (
  0000: 02 28                                              .(
)
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.519 EET|SSLSocketInputRecord.java:249|READ: TLSv1 alert, length = 2
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.520 EET|Alert.java:232|Received alert message (
"Alert": {
  "level"      : "fatal",
  "description": "handshake_failure"
}
)
javax.net.ssl|ERROR|01|main|2018-12-24 15:41:06.520 EET|TransportContext.java:313|Fatal (HANDSHAKE_FAILURE): Received fatal alert: handshake_failure (
"throwable" : {
  javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
    at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:128)
    at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
    at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:308)
    at java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:279)
    at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:181)
    at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
    at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1152)
    at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1063)
    at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
    at java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:567)
    at java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
    at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:163)
    at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:746)
    at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:722)
    at org.jsoup.helper.HttpConnection.execute(HttpConnection.java:306)
    at org.jsoup.helper.HttpConnection.get(HttpConnection.java:295)
    at com.kitaplist.common.JsoupParser.parse(JsoupParser.java:23)
    at com.kitaplist.common.Collector.extractListPageLinksFromCatPage(Collector.java:94)
    at com.kitaplist.common.Collector.collectListPageLinks(Collector.java:148)
    at com.kitaplist.KitapListConsole.run(KitapListConsole.java:47)
    at com.kitaplist.KitapList.main(KitapList.java:74)}

)
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.521 EET|SSLSocketImpl.java:1361|close the underlying socket
javax.net.ssl|DEBUG|01|main|2018-12-24 15:41:06.521 EET|SSLSocketImpl.java:1380|close the SSL connection (initiative)
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
    at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:128)
    at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
    at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:308)
    at java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:279)
    at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:181)
    at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
    at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1152)
    at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1063)
    at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
    at java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:567)
    at java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
    at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:163)
    at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:746)
    at org.jsoup.helper.HttpConnection$Response.execute(HttpConnection.java:722)
    at org.jsoup.helper.HttpConnection.execute(HttpConnection.java:306)
    at org.jsoup.helper.HttpConnection.get(HttpConnection.java:295)
    at com.kitaplist.common.JsoupParser.parse(JsoupParser.java:23)
    at com.kitaplist.common.Collector.extractListPageLinksFromCatPage(Collector.java:94)
    at com.kitaplist.common.Collector.collectListPageLinks(Collector.java:148)
    at com.kitaplist.KitapListConsole.run(KitapListConsole.java:47)
    at com.kitaplist.KitapList.main(KitapList.java:74)

y este es el contenido del JsoupParser.parsemétodo:

public Document parse(String url) {

    try {
        return Jsoup.connect(url).timeout(300 * 1000)
            .userAgent("Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.152 Safari/537.36").ignoreContentType(true)
            .get();
    } catch (IOException e) {
        e.printStackTrace();
    }
    return Jsoup.parse("");
}

Al principio, pensé que era debido a la falta de cifrado, pero luego me di cuenta de que esta excepción se produce debido a un error en JDK antes 1.8u141. Probé con JDK 1.8u191, todo funciona bien, pero cuando se utiliza JDK 11, a excepción anterior aparece de nuevo. ¿Hay algo que me falta? Agradezco cualquier ayuda.

El tema también desaparece cuando se utiliza el acceso temprano JDK 12. ¿Cómo puedo utilizar JDK 11 sin hacer frente a este problema?

dave_thompson_085:

En primer lugar, para ser claros: handshake_failurepuede ser causada por un montón de otras cosas que faltan SNI; 'alerta fatal' puede ser causado por muchas cosas que no sean handshake_failure, y SSLHandshakeExceptionpuede ser causada por un montón de cosas que no sean 'alerta fatal'.

Sin embargo, parece que aquí JSSE está fallando para enviar una solicitud de SNI TLS1.3 reanudación - aunque el servidor responde con handshake_failure con la versión 1.0 (cable 03 01) es una extraña manera de manejar esto; rfc8446 9.2 indica que el servidor debe utilizar missing_extension para este caso, presumiblemente en un registro de 1.2 ya que es un nuevo-en-1.3 y 1.3 mantiene alerta 1.2 como la versión de registro como un kludge compatibilidad. Sobre todo porque este servidor es un (a) Cloudflare, que es una razón buena que quieren SNI, pero debido a que manejan un volumen tan grande y la variedad de terminación TLS-era-SSL que debe ser capaz de manejar casos como este.

Java 8 funciona presumiblemente debido a que no implementa TLS1.3. Desde usos jsoup HttpsURLConnectionsi conjunto sysprophttps.protocols a un valor omitiendo TLSv1.3 como TLSv1,TLSv1.1,TLSv1.2se debe evitar el problema en Java 11 - siempre y cuando ninguna otra cosa en los mismos usos de proceso HttpsURLConnectionde una para una conexión que necesita 1.3, 1.3 y desde solamente se finalizó hace unos meses que parece poco probable. Nota: definitivamente no incluyen SSLv3y si ninguna de sus otras conexiones necesitan 1.0 a continuación, omitiendo también TLSv1sería una buena práctica.

Como alternativa desde la conexión inicial, aparentemente funciona (y lo hace por mí en una prueba simple con 11.0.1) debería funcionar para evitar la reanudación estableciendo el SSLContextutilizado por estas conexiones a uno que no caché de información de sesión, o al menos no estas . Pero eso es probablemente más trabajo, por lo que no iría a menos que sea necesario.