我有一个连接到配置了 SSL 的服务器的客户端代码。现在服务器正在从 SSL 切换到 TLS 以获得更好的安全性,完全禁用 SSL。客户端会有任何代码级别的更改吗?
这是我的代码:
public String callService(String _data, String _signature) {
SSLContext sslcontext = null;
String response = null;
try {
sslcontext = SSLContext.getInstance("SSL");
sslcontext.init(new KeyManager[0],
new TrustManager[] { new DummyTrustManager() },
new SecureRandom());
} catch (NoSuchAlgorithmException e) {
e.printStackTrace(System.err);
} catch (KeyManagementException e) {
e.printStackTrace(System.err);
}
SSLSocketFactory factory = sslcontext.getSocketFactory();
String data = _data;
String signature = _signature;
String urlParameters = "data=";
try {
urlParameters = urlParameters + URLEncoder.encode(data, "UTF-8")
+ "&signature=" + URLEncoder.encode(signature, "UTF-8");
} catch (Exception e) {
e.printStackTrace();
}
try {
URL url;
HttpsURLConnection connection;
InputStream is = null;
url = new URL("https://**.**.**.**/TLS/Inquiry");
connection = (HttpsURLConnection) url.openConnection();
connection.setRequestMethod("POST");
connection.setRequestProperty("Content-Type",
"application/x-www-form-urlencoded");
connection.setRequestProperty("Content-Length",
"" + Integer.toString(urlParameters.getBytes().length));
connection.setRequestProperty("Content-Language", "en-US");
connection.setUseCaches(false);
connection.setDoInput(true);
connection.setDoOutput(true);
connection.setSSLSocketFactory(factory);
connection.setHostnameVerifier(new DummyHostnameVerifier());
OutputStream os = connection.getOutputStream();
OutputStreamWriter osw = new OutputStreamWriter(os);
osw.write(urlParameters);
osw.flush();
osw.close();
is = connection.getInputStream();
BufferedReader in = new BufferedReader(new InputStreamReader(is));
response = in.readLine();
System.out.println("Output " + response);
is.close();
in.close();
} catch(ConnectException connExp) {
connExp.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
return response;
}
最佳答案
根据客户端使用的 java 版本,可能会有影响。不同版本的 Java 会有不同的默认协议(protocol)。请引用以下链接以引用 Java 8,7 和 6 的默认值。
https://blogs.oracle.com/java-platform-group/entry/diagnosing_tls_ssl_and_https
如果您在服务器上禁用客户端正在使用的默认版本的协议(protocol)版本,则客户端将开始失败。这可以通过更改默认协议(protocol)来纠正 - 通过使用系统属性“https.protocols”。
关于java - 如果服务器从 SSL 切换到 TLS,是否会有任何客户端(java 代码)更改,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/34871688/