在对接E.COMPROCESSING支付网关过程出现的问题记录一下:
Eclipse+Tomcat7.0+JDK1.7
在使用以下代码连接的过程中出现以下异常:
try{
String url = bankChannel.getBankPayUrl() + "/" + bankChannel.getChannelMerNo();
String chartSet = "UTF-8";
// 生成httpClient
DefaultHttpClient httpClient = new DefaultHttpClient();
SSLContext sc = SSLContext.getInstance("TLSv1.1");
sc.init(null, null, null);
SSLSocketFactory sslSocketFactory = new SSLSocketFactory(sc);
Scheme protocolScheme = new Scheme("HTTPS", 443, sslSocketFactory);
httpClient.getConnectionManager().getSchemeRegistry().register(protocolScheme);
httpClient.setHttpRequestRetryHandler(new GBHttpRequestRetryHandler());
// 生成httpPost
HttpPost post = HttpClientUtil.generateHttpPost(url, sendData, chartSet);
String userPass = username+":"+password;
String encoded = Base64.encodeBase64String(userPass.getBytes());
post.setHeader("Accept", "application/xml");
post.setHeader("Content-Type", "application/xml");
post.setHeader("Authorization", "Basic " + encoded);
// 发送请求
sendResult = HttpClientUtil.postRequest(httpClient, post, null, chartSet, true);
} catch (Exception e) {
return bankUtil.handleSendBankException(bankReturn, paramBean, ECPBank.class, e);
}
1、javax.net.ssl.SSLException: Received fatal alert: protocol_version
2、javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
问题解决:
1、原因:对方需要的加密版本为1.2,代码中使用了1.1,所以造成了bug;解决:把
SSLContext sc = SSLContext.getInstance("TLSv1.1"); 改成
SSLContext sc = SSLContext.getInstance("TLSv1.2");
PS:在jdk1.7(或者1.6)中默认加密版本为1.1,jdk1.8默认1.2;但是1.7也支持1.2,但需要重写版本号;
2、原因:客户端与服务端握手失败(可能是两边版本不一致?);解决:在代码中加入:System.setProperty("jsse.enableSNIExtension","false");
如果是在Eclipse中调用Tomcat内核跑的程序,则需要在run configuration中加入参数:-Djsse.enableSNIExtension=false;
如果是在Windows/Linux下直接运行Tomcat的,则需要在catalina.bat/catalina.sh中加入参数-Djsse.enableSNIExtension=false;
参考:https://stackoverflow.com/questions/7615645/ssl-handshake-alert-unrecognized-name-error-since-upgrade-to-java-1-7-0/43134789#43134789