解决jdk1.7https 请求是TLS1不支持TLS1.2的问题

最新推荐文章于 2021-11-15 19:38:28 发布
最新推荐文章于 2021-11-15 19:38:28 发布
阅读量3k 收藏 1
点赞数
分类专栏: jdk1.7 文章标签: jdk1.7 STL
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/linanqi_java/article/details/89504411
版权

如果可以升级jdk把jdk升级到1.8就可以解决,今天被这个困扰了一上午,老是抛出异常 connection reset,下面来说一下解决方法

package com.miaodiyun.httpapidemo.common;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;  
import java.io.DataOutputStream;  
import java.io.FileInputStream;  
import java.io.IOException;  
import java.io.InputStream;  
import java.io.OutputStream;  
import java.net.InetAddress;  
import java.net.InetSocketAddress;  
import java.net.Socket;  
import java.net.UnknownHostException;  
import java.security.KeyStore;  
import java.security.Principal;  
import java.security.SecureRandom;  
import java.security.Security;  
import java.security.cert.CertificateExpiredException;  
import java.security.cert.CertificateFactory;  
import java.util.Hashtable;  
import java.util.LinkedList;  
import java.util.List;  
  
import javax.net.ssl.HandshakeCompletedListener;  
import javax.net.ssl.SSLPeerUnverifiedException;  
import javax.net.ssl.SSLSession;  
import javax.net.ssl.SSLSessionContext;  
import javax.net.ssl.SSLSocket;  
import javax.net.ssl.SSLSocketFactory;  
import javax.security.cert.X509Certificate;  
  
import org.bouncycastle.crypto.tls.*;  
import org.bouncycastle.crypto.tls.Certificate;  
import org.bouncycastle.jce.provider.BouncyCastleProvider;  
  
/** 
 * Created by hzlizhou on 2016/9/9. 
 */  
public class TLSSocketConnectionFactory extends SSLSocketFactory {  
  
    static {  
        if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {  
            Security.addProvider(new BouncyCastleProvider());  
        }  
    }  
  
    @Override  
    public Socket createSocket(Socket socket, final String host, int port,  
                               boolean arg3) throws IOException {  
        if (socket == null) {  
            socket = new Socket();  
        }  
        if (!socket.isConnected()) {  
            socket.connect(new InetSocketAddress(host, port));  
        }  
  
        final TlsClientProtocol tlsClientProtocol = new TlsClientProtocol(socket.getInputStream(), socket.getOutputStream(), new SecureRandom());  
  
        return _createSSLSocket(host, tlsClientProtocol);  
    }  
  
    @Override  
    public String[] getDefaultCipherSuites() {  
        return null;  
    }  
  
    @Override  
    public String[] getSupportedCipherSuites() {  
        return null;  
    }  
  
    @Override  
    public Socket createSocket(String host, int port) throws IOException, UnknownHostException {  
        throw new UnsupportedOperationException();  
    }  
  
    @Override  
    public Socket createSocket(InetAddress host, int port) throws IOException {  
        throw new UnsupportedOperationException();  
    }  
  
    @Override  
    public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException, UnknownHostException {  
        return null;  
    }  
  
    @Override  
    public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {  
        throw new UnsupportedOperationException();  
    }  
  
    private SSLSocket _createSSLSocket(final String host, final TlsClientProtocol tlsClientProtocol) {  
        return new SSLSocket() {  
            private java.security.cert.Certificate[] peertCerts;  
  
            @Override  
            public InputStream getInputStream() throws IOException {  
                return tlsClientProtocol.getInputStream();  
            }  
  
            @Override  
            public OutputStream getOutputStream() throws IOException {  
                return tlsClientProtocol.getOutputStream();  
            }  
  
            @Override  
            public synchronized void close() throws IOException {  
                tlsClientProtocol.close();  
            }  
  
            @Override  
            public void addHandshakeCompletedListener(HandshakeCompletedListener arg0) {  
            }  
  
            @Override  
            public boolean getEnableSessionCreation() {  
                return false;  
            }  
  
            @Override  
            public String[] getEnabledCipherSuites() {  
                return null;  
            }  
  
            @Override  
            public String[] getEnabledProtocols() {  
                return null;  
            }  
  
            @Override  
            public boolean getNeedClientAuth() {  
                return false;  
            }  
  
            @Override  
            public SSLSession getSession() {  
                return new SSLSession() {  
  
                    @Override  
                    public int getApplicationBufferSize() {  
                        return 0;  
                    }  
  
                    @Override  
                    public String getCipherSuite() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public long getCreationTime() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public byte[] getId() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public long getLastAccessedTime() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public java.security.cert.Certificate[] getLocalCertificates() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public Principal getLocalPrincipal() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public int getPacketBufferSize() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public X509Certificate[] getPeerCertificateChain() throws SSLPeerUnverifiedException {  
                        return null;  
                    }  
  
                    @Override  
                    public java.security.cert.Certificate[] getPeerCertificates() throws SSLPeerUnverifiedException {  
                        return peertCerts;  
                    }  
  
                    @Override  
                    public String getPeerHost() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public int getPeerPort() {  
                        return 0;  
                    }  
  
                    @Override  
                    public Principal getPeerPrincipal() throws SSLPeerUnverifiedException {  
                        return null;  
                    }  
  
                    @Override  
                    public String getProtocol() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public SSLSessionContext getSessionContext() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public Object getValue(String arg0) {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public String[] getValueNames() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public void invalidate() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public boolean isValid() {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public void putValue(String arg0, Object arg1) {  
                        throw new UnsupportedOperationException();  
                    }  
  
                    @Override  
                    public void removeValue(String arg0) {  
                        throw new UnsupportedOperationException();  
                    }  
                };  
            }  
  
            @Override  
            public String[] getSupportedProtocols() {  
                return null;  
            }  
  
            @Override  
            public boolean getUseClientMode() {  
                return false;  
            }  
  
            @Override  
            public boolean getWantClientAuth() {  
                return false;  
            }  
  
            @Override  
            public void removeHandshakeCompletedListener(HandshakeCompletedListener arg0) {  
            }  
  
            @Override  
            public void setEnableSessionCreation(boolean arg0) {  
            }  
  
            @Override  
            public void setEnabledCipherSuites(String[] arg0) {  
            }  
  
            @Override  
            public void setEnabledProtocols(String[] arg0) {  
            }  
  
            @Override  
            public void setNeedClientAuth(boolean arg0) {  
            }  
  
            @Override  
            public void setUseClientMode(boolean arg0) {  
            }  
  
            @Override  
            public void setWantClientAuth(boolean arg0) {  
            }  
  
            @Override  
            public String[] getSupportedCipherSuites() {  
                return null;  
            }  
  
            @Override  
            public void startHandshake() throws IOException {  
                tlsClientProtocol.connect(new DefaultTlsClient() {  
  
                    @SuppressWarnings("unchecked")  
                    @Override  
                    public Hashtable<Integer, byte[]> getClientExtensions() throws IOException {  
                        Hashtable<Integer, byte[]> clientExtensions = super.getClientExtensions();  
                        if (clientExtensions == null) {  
                            clientExtensions = new Hashtable<Integer, byte[]>();  
                        }  
  
                        //Add host_name  
                        byte[] host_name = host.getBytes();  
  
                        final ByteArrayOutputStream baos = new ByteArrayOutputStream();  
                        final DataOutputStream dos = new DataOutputStream(baos);  
                        dos.writeShort(host_name.length + 3);  
                        dos.writeByte(0);  
                        dos.writeShort(host_name.length);  
                        dos.write(host_name);  
                        dos.close();  
                        clientExtensions.put(ExtensionType.server_name, baos.toByteArray());  
                        return clientExtensions;  
                    }  
  
                    @Override  
                    public TlsAuthentication getAuthentication() throws IOException {  
                        return new TlsAuthentication() {  
                            @Override  
                            public void notifyServerCertificate(Certificate serverCertificate) throws IOException {  
                                try {  
                                    KeyStore ks = _loadKeyStore();  
  
                                    CertificateFactory cf = CertificateFactory.getInstance("X.509");  
                                    List<java.security.cert.Certificate> certs = new LinkedList<java.security.cert.Certificate>();  
                                    boolean trustedCertificate = false;  
                                    for (org.bouncycastle.asn1.x509.Certificate c : ((org.bouncycastle.crypto.tls.Certificate) serverCertificate).getCertificateList()) {  
                                        java.security.cert.Certificate cert = cf.generateCertificate(new ByteArrayInputStream(c.getEncoded()));  
                                        certs.add(cert);  
  
                                        String alias = ks.getCertificateAlias(cert);  
                                        if (alias != null) {  
                                            if (cert instanceof java.security.cert.X509Certificate) {  
                                                try {  
                                                    ((java.security.cert.X509Certificate) cert).checkValidity();  
                                                    trustedCertificate = true;  
                                                } catch (CertificateExpiredException cee) {  
                                                    // Accept all the certs!  
                                                }  
                                            }  
                                        } else {  
                                            // Accept all the certs!  
                                        }  
  
                                    }  
                                    if (!trustedCertificate) {  
                                        // Accept all the certs!  
                                    }  
                                    peertCerts = certs.toArray(new java.security.cert.Certificate[0]);  
                                } catch (Exception ex) {  
                                    ex.printStackTrace();  
                                    throw new IOException(ex);  
                                }  
                            }  
  
                            @Override  
                            public TlsCredentials getClientCredentials(CertificateRequest certificateRequest) throws IOException {  
                                return null;  
                            }  
  
                            private KeyStore _loadKeyStore() throws Exception {  
                                FileInputStream trustStoreFis = null;  
                                try {  
                                    KeyStore localKeyStore = null;  
  
                                    String trustStoreType = System.getProperty("javax.net.ssl.trustStoreType") != null ? System.getProperty("javax.net.ssl.trustStoreType") : KeyStore.getDefaultType();  
                                    String trustStoreProvider = System.getProperty("javax.net.ssl.trustStoreProvider") != null ? System.getProperty("javax.net.ssl.trustStoreProvider") : "";  
  
                                    if (trustStoreType.length() != 0) {  
                                        if (trustStoreProvider.length() == 0) {  
                                            localKeyStore = KeyStore.getInstance(trustStoreType);  
                                        } else {  
                                            localKeyStore = KeyStore.getInstance(trustStoreType, trustStoreProvider);  
                                        }  
  
                                        char[] keyStorePass = null;  
                                        String str5 = System.getProperty("javax.net.ssl.trustStorePassword") != null ? System.getProperty("javax.net.ssl.trustStorePassword") : "";  
  
                                        if (str5.length() != 0) {  
                                            keyStorePass = str5.toCharArray();  
                                        }  
  
                                        localKeyStore.load(trustStoreFis, keyStorePass);  
  
                                        if (keyStorePass != null) {  
                                            for (int i = 0; i < keyStorePass.length; i++) {  
                                                keyStorePass[i] = 0;  
                                            }  
                                        }  
                                    }  
                                    return localKeyStore;  
                                } finally {  
                                    if (trustStoreFis != null) {  
                                        trustStoreFis.close();  
                                    }  
                                }  
                            }  
  
                        };  
                    }  
  
                });  
            } // startHandshake  
        };  
    }  
}

 

package com.miaodiyun.httpapidemo.common;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.net.URLConnection;

import org.apache.commons.codec.digest.DigestUtils;

import javax.net.ssl.HttpsURLConnection;

/**
 * http请求工具
 */
public class HttpUtil {

    public static HttpURLConnection createConnection(URI uri) throws IOException {
        URL url = uri.toURL();
        URLConnection connection = url.openConnection();
        HttpsURLConnection httpsURLConnection = (HttpsURLConnection) connection;
        httpsURLConnection.setSSLSocketFactory(new TLSSocketConnectionFactory());
        return httpsURLConnection;
    }
    /**
     * post请求
     * 
     * @param url
     *            功能和操作
     * @param body
     *            要post的数据
     * @return
     * @throws IOException
     */
    public static String post(String url, String body) {
        System.out.println("body:" + System.lineSeparator() + body);
        String result = "";
        try {
            OutputStreamWriter out = null;
            BufferedReader in = null;
//            URL realUrl = new URL(url);
//            URLConnection conn = realUrl.openConnection();
            HttpURLConnection conn = HttpUtil.createConnection(new URI(url ));

            // 设置连接参数
            conn.setDoOutput(true);
            conn.setDoInput(true);
            conn.setConnectTimeout(5000);
            conn.setReadTimeout(20000);
            conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            // 提交数据
            out = new OutputStreamWriter(conn.getOutputStream(), "UTF-8");
            out.write(body);
            out.flush();

            // 读取返回数据
            in = new BufferedReader(new InputStreamReader(conn.getInputStream(), "UTF-8"));
            String line = "";
            boolean firstLine = true; // 读第一行不加换行符
            while ((line = in.readLine()) != null) {
                if (firstLine) {
                    firstLine = false;
                } else {
                    result += System.lineSeparator();
                }
                result += line;
            }

        } catch (Exception e) {
            e.printStackTrace();
        }
        return result;
    }

}

 

参考:https://ligaosong.iteye.com/blog/2356346

bcprov-ext-jdk15on-1.54.jar 下载地址 链接:https://pan.baidu.com/s/1EThNXYOgyMQf_WtQa7UTUw 
提取码:f1mv 

 

 

 

linanqi_java
关注
  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure的一个解决方案-附件资源
03-05
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure的一个解决方案-附件资源
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
风语落尘
05-06 7352
1、找到jvm下的java.security文件,Mac电脑路径示例:/Library/Java/JavaVirtualMachines/jdk1.8.0_311.jdk/Contents/Home/jre/lib/security。2、编辑java.security文件,找到参数 jdk.tls.disabledAlgorithms 这一行,删除掉RC4 前面的几个值 即可。排查过程:可使用如下代码,打印http请求协议过程。修改后如下,重新请求地址,请求正常,问题解决
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure问题解决
wms_17512098051的博客
03-30 1万+
最近在生产环境调用Https接口出现这个问题javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure,经查询,见到网上大部分答案是替换%JAVA_HOME%\jre\lib\security路径下的两个jar包,local_policy.jar和US_export_policy.jar,由于自己替换后发...
解决jdk1.7支持TLS1.2问题
04-26
NULL 博文链接:https://ligaosong.iteye.com/blog/2356346
JDK1.6使用BouncyCastle第三方jar支持TSL1.2通过Nginx转发多个HTTPS接口请求
06-05
使用Nginx作为代理服务器,HTTP的接口代理没有问题,HTPPS的接口代理Java后台总是报错,主要是因为项目使用的JDK1.6,不支持TLS1.2导致握手失败。通过BouncyCastle的第三方jar包可以解决这个问题。也可以使用Nginx的...
java jdk 1.7官网免安装版本
10-25
java jdk 1.7官网免安装版本,解压就可以直接使用,不用再官网登录账号就可以直接下载,省去很多麻烦,不用各种等待,直接使用csdn平台就可以直接下载。
jdk1.7版本免安装
07-26
jdk1.7版本免安装
jdk1.7_linux Linux版零积分免费下载
04-15
jdk1.7_linux Linux版零积分jdk1.7_linux Linux版零积分免费下载jdk1.7_linux Linux版零积分免费下载jdk1.7_linux Linux版零积分免费下载jdk1.7_linux Linux版零积分免费下载jdk1.7_linux Linux版零积分免费下载jdk...
搞定 javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure 问题
dingyufei的博客
06-09 5930
开始碰到这个问题找遍了各种方法,其实还是需要耐心的先搞清楚原因再想方法靠谱,这里也总结下这个异常的多种解决方案, 首先先理解下为什么出现handshake?字面理解是客户端与服务端握手失败,能导致握手失败的原因是什么? 一.协议版本不同 首先是两边版本协议不一致,例如客户端可能是jdk7 /jdk8 它们支持的协议参考这里https://emacsist.github.io/2017/03/02/https.protocols%E5%9C%A8java%E4%B8%AD%E7%9A%84%E4%BD%
SSLHandshakeException: Received fatal alert: handshake_failure异常分析
John_Kry的博客
11-15 5710
先说明原因,jdk的不同版本不支持cipher suite(加密套件)所导致,我是客户端,服务端仅仅支持AES 256,而我的jdk版本却支持到AES 128,他们说256才足够安全,我上次这么无语还是上次 1.首先参考了改博主的帖子 有了想法 SSLHandshakeException: Received fatal alert: handshake_failure_jiangjun0130的博客-CSDN博客问题出现: jdk版本从7升级到8之后,出现ssl异常信息:具体错误信息如下:问题定位 关于
Received fatal alert:handshake_failure 异常解决方法
weixin_40461030的博客
01-15 1万+
目录 1.背景 2. 报错信息 3.问题分析 4. 解决方法 1.背景 PCI认证,要求安全传输层协议由之前的TLS v1.0、TLS v1.1升级到TLS v1.2。 2. 报错信息 java.lang.Exception: 接口调用失败: at com.huateng.szairpay.common.utils.HTTPSInvoke.sendHttpsRequest...
解决webmagic访问报错javax.net.ssl.SSLException: Received fatal alert: protocol_version
热门推荐
Good Luck
07-16 8万+
拷贝两个类: package com.example.mindsa.webmagic.sslconfig; import org.apache.commons.io.IOUtils; import org.apache.http.HttpResponse; import org.apache.http.client.methods.CloseableHttpResponse; import org.apache.http.impl.client.CloseableHttpClient; import
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure 解决方案
shizhk_boke
01-28 1589
最近在做一个接口请求的时候,遇到javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure这个异常,怎么也处理不了,最后发现是jar包的问题,在通过https访问的时候安全机制策略有问题,这个是jdk导致的,jdk里面有一个jce的包,安全性机制导致的访问https会报错,官网上有替代的jar包,替换以后...
解决jdk1.7升级1.8
最新发布
11-10
要将JDK 1.7升级到JDK 1.8,可以按照以下步骤进行操作: 1.下载JDK 1.8安装包并解压缩。 2.将JDK 1.8的bin目录添加到系统环境变量中。 3.在命令行中输入java -version,检查JDK版本是否已更新为1.8。 如果您使用的是CentOS 7操作系统,可以按照以下步骤安装JDK 1.8: 1.使用以下命令安装OpenJDK 1.8:sudo yum install java-1.8.0-openjdk-devel 2.检查JDK版本是否已更新为1.8:java -version --相关问题--: 1. 如何在Windows系统中升级JDK版本? 2. 如何在Linux系统中卸载JDK? 3. JDK 1.

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值