如何使用启用SSLv3?
如何使用启用SSLv3?
提问于 2015-07-24 10:31:34
SSLv3在Apache4.3.6版本之后就被禁用了,但是我使用的是4.5版本。The 开发人员写
那些希望继续使用SSLv3的用户需要显式地启用对它的支持。
我试图在JVM级别上设置支持的协议,但是它没有工作。这个例子在Scala中,但这与问题无关:
System.setProperty("https.protocols", "SSLv2Hello,SSLv3,TLSv1,TLSv1.1,TLSv1.2")我的第二次尝试是:
val instance: CloseableHttpClient = {
val trustStrategy = new TrustStrategy {
override def isTrusted(x509Certificates: Array[X509Certificate], s: String) = true
}
val sslContext = new SSLContextBuilder().loadTrustMaterial(null, trustStrategy).build()
val sslSocketFactory = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE)
val socketFactoryRegistry =
RegistryBuilder.create[ConnectionSocketFactory]()
.register("http", PlainConnectionSocketFactory.getSocketFactory)
.register("https", sslSocketFactory)
.build()
val connectionManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry)
HttpClients.custom()
.disableRedirectHandling()
.setSSLContext(sslContext)
.setConnectionManager(connectionManager)
.build()
}但也没用。
如何连接到支持SSLv2Hello、SSLv3、TLSv1、TLSv1.1、TLSv1.2和ApacheApache4.5的主机?
回答 1
Stack Overflow用户
回答已采纳
发布于 2015-07-24 15:13:37
默认情况下,HttpClient不考虑系统属性。或者需要指示HttpClient构建器这样做。
CloseableHttpClient client = HttpClients.createSystem();或者用自定义协议设置手动配置连接套接字工厂。
SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
SSLContext.getDefault(),
new String[] { "SSLv2Hello","SSLv3","TLSv1","TLSv1.1","TLSv1.2"},
null,
SSLConnectionSocketFactory.getDefaultHostnameVerifier());
Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()
.register("http", PlainConnectionSocketFactory.getSocketFactory())
.register("https", socketFactory)
.build();
PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
CloseableHttpClient client = HttpClients.custom().setConnectionManager(cm).build();编辑
此代码段与注释中提到的站点运行良好。
SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
SSLContext.getDefault(),
new String[] {"TLSv1"},
null,
SSLConnectionSocketFactory.getDefaultHostnameVerifier());
Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()
.register("http", PlainConnectionSocketFactory.getSocketFactory())
.register("https", socketFactory)
.build();
PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
CloseableHttpClient client = HttpClients.custom().setConnectionManager(cm).build();
try (CloseableHttpResponse response = client.execute(new HttpGet("https://www.ethz.ch/de.html"))) {
System.out.println(response.getStatusLine());
System.out.println(EntityUtils.toString(response.getEntity()));
}页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/31608243
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号