Java 7 oracle不支持TLSv1.2
Java 7 oracle不支持TLSv1.2。 我一直在试图运行我的代码,我曾尝试以下的事情:Java 7 oracle不支持TLSv1.2
System.setProperty("deployment.security.TLSv1.1", "false")
System.setProperty("deployment.security.TLSv1", "false")
System.setProperty("deployment.security.TLSv1.2", "true")
System.setProperty("https.protocols", "TLSv1.2")
System.setProperty("https.cipherSuites", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,AES_256_GCM,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384")
,并没有帮助。
如何强制我的Java7应用程序使用Tlsv1.2。我可以使用java8运行我的程序,默认情况下使用TLS1.2,一切正常。
如何在oracle中从Java7中执行此操作。
我也尝试过去/usr/lib/jvm/java-7-oracle/jre/lib/security
和禁用jdk.tls.disabledAlgorithms=SSLv2Hello, SSLv3, TLSv1
但它仍然无法正常工作。
我什么东错了?
顺便说一句,我得到sslhandshakeexception-handshake-failure
编辑:
错误:
0000: 02 28 .(
main, READ: TLSv1 Alert, length = 2
main, RECV TLSv1 ALERT: fatal, handshake_failure
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
166 [main] DEBUG org.apache.http.impl.conn.DefaultClientConnection - Connection [email protected] closed
166 [main] DEBUG org.apache.http.impl.conn.DefaultClientConnection - Connection [email protected] shut down
main, called close()
main, called closeInternal(true)
[main] DEBUG org.apache.http.impl.conn.BasicClientConnectionManager - Releasing connection [email protected]
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1979)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1086)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:533)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:401)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:177)
at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:304)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:611)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446)
at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:863)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:72)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:214)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:160)
我会回答我的问题柜面有人有类似的问题:
我花了2天尝试一切,我终于想通了。
在Java-7-oracle
它不可能使用TLS1.2。即使使用系统属性进行配置,甚至在SSLContext级别进行设置也无济于事。他们的支持非常糟糕。虽然在Java-8-oracle
,这是可能的。
简单地将我的java更改为java-7-openjdk-amd64
为我做了诀窍。
我遇到同样的问题,因为我正在使用Apache HTTP客户端库我的请求,我解决了它以这种方式初始化我的HttpClient
CloseableHttpClient client = HttpClients.custom()
.setSSLSocketFactory(getSSLContext())
.build();
其中getSSLContext()
的方法是这样
,我不幸使用org.apache.http.client.methods.HttpUriRequest。从我不想修改的超级类导入,因为很多类都从它继承。其他人在5年前编写了该代码 – orange14
你可以升级你的Java 7版本1.7.0_131-B31
对于JRE 1.7.0_131-B31在甲骨文网站:
TLSv1.2 and TLSv1.1 are now enabled by default on the TLS client end-points. This is similar behavior to what already happens in JDK 8 releases.
是tomcat下运行应用程序? –
不,不是。我正在向服务发出GET请求。用java8我可以轻松做到这一点。同样,在我的Chrome浏览器中,我可以查看请求的输出 – orange14
如何获取SSL上下文? 'SSLContext context = SSLContext.getInstance(“TLSv1.2”);'? – dosdebug