Java 7 oracle 不支持 TLSv1.2。 我一直在尝试运行我的代码,并且尝试了以下操作:
System.setProperty("deployment.security.TLSv1.1", "false")
System.setProperty("deployment.security.TLSv1", "false")
System.setProperty("deployment.security.TLSv1.2", "true")
System.setProperty("https.protocols", "TLSv1.2")
System.setProperty("https.cipherSuites", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,AES_256_GCM,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384")
这并没有帮助。
如何强制我的 Java7 应用程序使用 Tlsv1.2。我可以使用默认使用 TLS1.2 的 java8 运行我的程序,并且一切正常。
我如何在 Java7 中从 Oracle 中做到这一点。
我也尝试进入 /usr/lib/jvm/java-7-oracle/jre/lib/security 并禁用 jdk.tls.disabledAlgorithms=SSLv2Hello, SSLv3, TLSv1 但它仍然不起作用。
我哪里错了?
顺便说一句,我得到 sslhandshakeexception-handshake-failure
编辑:
错误:
0000: 02 28 .(
main, READ: TLSv1 Alert, length = 2
main, RECV TLSv1 ALERT: fatal, handshake_failure
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
166 [main] DEBUG org.apache.http.impl.conn.DefaultClientConnection - Connection org.apache.http.impl.conn.DefaultClientConnection@6b18e1c6 closed
166 [main] DEBUG org.apache.http.impl.conn.DefaultClientConnection - Connection org.apache.http.impl.conn.DefaultClientConnection@6b18e1c6 shut down
main, called close()
main, called closeInternal(true)
[main] DEBUG org.apache.http.impl.conn.BasicClientConnectionManager - Releasing connection org.apache.http.impl.conn.ManagedClientConnectionImpl@1f2dc289
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1979)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1086)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:533)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:401)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:177)
at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:304)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:611)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446)
at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:863)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:72)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:214)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:160)
最佳答案
我遇到了同样的问题,因为我是使用 Apache HTTP Client 库发出请求的,所以我通过这种方式初始化 HttpClient 解决了这个问题
CloseableHttpClient client = HttpClients.custom()
.setSSLSocketFactory(getSSLContext())
.build();
getSSLContext() 方法在哪里
private SSLConnectionSocketFactory getSSLContext() throws NoSuchAlgorithmException {
return new SSLConnectionSocketFactory(
SSLContext.getDefault(),
new String[]{"TLSv1.2"},
null,
new NoopHostnameVerifier());
}
关于Java 7 oracle 不支持 TLSv1.2,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/42673807/