jdk1.7访问https出现握手失败的情况，原因是jdk1.7默认TLS1.1,目标服务器jdk1.8使用TLS1.2

最新推荐文章于 2024-09-07 16:08:46 发布

红鼻子大嘿

最新推荐文章于 2024-09-07 16:08:46 发布

阅读量3.2k

点赞数 1

文章标签： java

本文链接：https://blog.csdn.net/qq_35309220/article/details/104975263

版权

解决方式如下：强制将请求提升至TLS1.2

/**
	 * Post(Json)
	 * @param url 
	 * @param json	请求json
	 * @param charSet	请求编码（UTF-8）
	 * @return
	 * @throws Exception
	 */
public static String sendHttpsPostjson(String url, String json,
			String charSet) throws Exception {
		// 实现一个X509TrustManager接口，用于绕过验证，不用修改里面的方法
	    X509TrustManager trustManager = new X509TrustManager() {	 
	        @Override
	        public X509Certificate[] getAcceptedIssuers() {
	            return null;
	        }

			@Override
			public void checkClientTrusted(X509Certificate[] arg0, String arg1)
					throws CertificateException {
				
			}

			@Override
			public void checkServerTrusted(X509Certificate[] arg0, String arg1)
					throws CertificateException {
				
			}
	 
	    };
	 
	    SSLContext sc = SSLContext.getInstance("TLSv1.2");
	    sc.init(null, new TrustManager[] { trustManager }, null);	 
	    SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sc);

		
		HttpClient httpClient = null;
		HttpPost httpPost = null;
		String result = null;
		httpClient = HttpClients.custom().setSSLSocketFactory(sslsf).build();
		httpPost = new HttpPost(url);
		JSONObject map = JSON.parseObject(json);
		StringEntity entity = new StringEntity(map.toString(), charSet);
		entity.setContentEncoding(charSet);
		entity.setContentType("application/json");
		httpPost.setEntity(entity);
		HttpResponse response = httpClient.execute(httpPost);
		if (response != null) {
			HttpEntity resEntity = response.getEntity();
			if (resEntity != null) {
				result = EntityUtils.toString(resEntity, charSet);
			}
		}

		return result;
	}

/**
* Post(form表单)
* @param url
* @param params
* @return
* @throws Exception
*/
public static String sendHttpsPostForm(String url, Map<String, String> params)
throws Exception {
// 实现一个X509TrustManager接口，用于绕过验证，不用修改里面的方法
X509TrustManager trustManager = new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain,
String authType) throws CertificateException {
}

		@Override
		public void checkServerTrusted(X509Certificate[] chain,
				String authType) throws CertificateException {
		}

		@Override
		public X509Certificate[] getAcceptedIssuers() {
			return null;
		}

	};

	SSLContext sc = SSLContext.getInstance("TLSv1.2");
	sc.init(null, new TrustManager[] { trustManager }, null);

	SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sc);
	CloseableHttpClient httpclient = HttpClients.custom()
			.setSSLSocketFactory(sslsf).build();
	HttpPost post = new HttpPost(url);
	post.addHeader("Content-Type",
			"application/x-www-form-urlencoded; charset=UTF-8");
	post.getParams().setParameter(HttpMethodParams.HTTP_CONTENT_CHARSET,
			"UTF-8");
	List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>();
	Set set = params.keySet();
	for (Object str : set) {
		nameValuePairs.add(new BasicNameValuePair(str.toString(), params
				.get(str)));
	}
	post.setEntity(new UrlEncodedFormEntity(nameValuePairs, "UTF-8"));

	CloseableHttpResponse response = httpclient.execute(post);
	String returnStr = "";
	try {
		HttpEntity entity = response.getEntity();
		returnStr = EntityUtils.toString(entity);
	} finally {
		response.close();
	}
	return returnStr;
}