JDK1.8中TLS协议问题

于 2024-10-21 16:38:57 发布
阅读量740 收藏 5
点赞数 9
分类专栏: Java 文章标签: java
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/qq_33068037/article/details/143116227
版权

问题示例

@Test
public void linkTest() throws Exception {
    RestTemplate restTemplate = new RestTemplate();
    ResponseEntity<String> forEntity = restTemplate.getForEntity("https://www.beetel.in/", String.class);
    System.out.println(forEntity.getBody());
}

错误信息

SSL 协议版本不一致

Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: protocol_version
	at sun.security.ssl.Alert.createSSLException(Alert.java:131)
	at sun.security.ssl.Alert.createSSLException(Alert.java:117)
	at sun.security.ssl.TransportContext.fatal(TransportContext.java:314)
	at sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:293)
	at sun.security.ssl.TransportContext.dispatch(TransportContext.java:187)
	at sun.security.ssl.SSLTransport.decode(SSLTransport.java:154)
	at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1198)
	at sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1107)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:400)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:372)
	at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:436)
	at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384)
	at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
	at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376)

JDK1.8 支持的TLS/SSL协议

https://blogs.oracle.com/java/post/diagnosing-tls-ssl-and-https

  • TLSv1.2 (默认)
  • TLSv1.1
  • TLSv1
  • SSLv3

解决方案

  • 升级JDK版本(本文不描述)
  • 扩展组件包:openjsse

openjsse组件包

openjsse项目地址

  • 引入依赖(根据自身JDK版本选择依赖版本)
<dependency>
    <groupId>org.openjsse</groupId>
    <artifactId>openjsse</artifactId>
    <version>1.1.4</version>
</dependency>
  • 代码中加入Security.insertProviderAt(new OpenJSSE(), 1);
@Test
public void linkTest() throws Exception {
    Security.insertProviderAt(new OpenJSSE(), 1);

    SSLContext build = SSLContexts.custom().build();
    CloseableHttpClient httpClient = HttpClients.custom().setSSLContext(build).setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE).build();
    HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(httpClient);

    RestTemplate restTemplate = new RestTemplate(factory);
    ResponseEntity<String> forEntity = restTemplate.getForEntity("https://www.beetel.in/", String.class);
    System.out.println(forEntity.getBody());
}
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值