Java 使用CloseableHttpClient的记录版本SSLv2Hello不受支持
我正在尝试进行https呼叫,但出现以下错误: 不支持的记录版本SSLv2Hello 谁能解释一下我做错了什么? 谢谢你的帮助 以下是StackTrace: debug: Unsupported record version SSLv2Hello javax.net.ssl.SSLException: Unsupported record version SSLv2Hello at sun.security.ssl.InputRecord.readV3Record(Unknown Source) at sun.security.ssl.InputRecord.read(Unknown Source) at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:275) at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:254) at org.apache.http.impl.conn.HttpClientConnectionOperator.connect(HttpClientConnectionOperator.java:123) at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:318) at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:363) at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:219) at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:195) at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:86) at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:108) at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82) at httpcomponents.httpsTest.main(httpsTest.java:135) 调试: 不支持的记录版本SSLv2Hello javax.net.ssl.SSLException:不支持的记录版本SSLv2Hello 位于sun.security.ssl.InputRecord.readV3Record(未知源) 位于sun.security.ssl.InputRecord.read(未知源) 位于sun.security.ssl.SSLSocketImpl.readRecord(未知源) 位于sun.security.ssl.SSLSocketImpl.performInitialHandshake(未知源) 位于sun.security.ssl.SSLSocketImpl.startHandshake(未知源) 位于sun.security.ssl.SSLSocketImpl.startHandshake(未知源) 位于org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:275) 位于org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:254) 位于org.apache.http.impl.conn.HttpClientConnectionOperator.connect(HttpClientConnectionOperator.java:123) 位于org.apache.http.impl.conn.poolghttpclientconnectionmanager.connect(poolghttpclientconnectionmanager.java:318) 位于org.apache.http.impl.execchain.MainClientExec.buildRoute(MainClientExec.java:363) 位于org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:219) 位于org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:195) 位于org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:86) 位于org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:108) 位于org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184) 在org.apache.http.impl.client.CloseableHttpClient.execute上(CloseableHttpClient.java:82) 位于httpcomponents.httpsTest.main(httpsTest.java:135) 下面是一个工作示例: import com.sun.net.ssl.internal.ssl.Provider; import java.io.IOException; import java.security.KeyManagementException; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import java.security.Security; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import java.text.MessageFormat; import java.util.ArrayList; import java.util.List; import java.util.Timer; import java.util.TimerTask; import java.util.concurrent.TimeUnit; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLException; import javax.net.ssl.SSLSession; import javax.net.ssl.SSLSocket; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; import org.apache.http.Header; import org.apache.http.HttpHeaders; import org.apache.http.client.config.RequestConfig; import org.apache.http.client.methods.CloseableHttpResponse; import org.apache.http.client.methods.HttpHead; import org.apache.http.conn.socket.LayeredConnectionSocketFactory; import org.apache.http.conn.ssl.SSLConnectionSocketFactory; import org.apache.http.conn.ssl.SSLContexts; import org.apache.http.conn.ssl.X509HostnameVerifier; import org.apache.http.entity.ContentType; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClientBuilder; import org.apache.http.impl.conn.PoolingHttpClientConnectionManager; import org.apache.http.protocol.BasicHttpContext; import org.apache.http.protocol.HttpContext;Java 使用CloseableHttpClient的记录版本SSLv2Hello不受支持,java,ssl,apache-httpcomponents,Java,Ssl,Apache Httpcomponents,我正在尝试进行https呼叫,但出现以下错误: 不支持的记录版本SSLv2Hello 谁能解释一下我做错了什么? 谢谢你的帮助 以下是StackTrace: debug: Unsupported record version SSLv2Hello javax.net.ssl.SSLException: Unsupported record version SSLv2Hello at sun.security.ssl.InputRecord.readV3Record(Unk
String audioURL = "https://mydata.com/webreports/audio.jsp?callID=338786512&authentication=98695279578B04166629C0"; RequestConfig requestConfig = null; requestConfig = RequestConfig .custom() .setConnectTimeout(5000) .setConnectionRequestTimeout(5000) .setSocketTimeout(5000) .build(); PoolingHttpClientConnectionManager poolingHttpClientConnectionManager = null; poolingHttpClientConnectionManager = new PoolingHttpClientConnectionManager(); poolingHttpClientConnectionManager.setMaxTotal(5); CloseableHttpClient closeableHttpClient = null; HttpHead httpHead = new HttpHead(audioURL); try { Provider sslProvider = new Provider(); if (Security.getProvider(sslProvider.getName()) == null) { Security.addProvider(sslProvider); } TrustManager[] trustAllCerts = new TrustManager[]{ new X509TrustManager() { @Override public X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkServerTrusted(X509Certificate[] certs, String authType) throws CertificateException { } @Override public void checkClientTrusted(X509Certificate[] certs, String authType) throws CertificateException { } } }; SSLContext sslContext = SSLContexts .custom() .useSSL() .build(); sslContext.init(null, trustAllCerts, new SecureRandom()); LayeredConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext); X509HostnameVerifier x509HostnameVerifier = new X509HostnameVerifier() { @Override public void verify(String host, SSLSocket ssl) throws IOException { //do nothing } @Override public void verify(String host, X509Certificate cert) throws SSLException { //do nothing //do nothing } @Override public void verify(String host, String[] cns, String[] subjectAlts) throws SSLException { //do nothing } @Override public boolean verify(String string, SSLSession ssls) { return true; } }; closeableHttpClient = HttpClientBuilder .create() .setDefaultRequestConfig(requestConfig) .setConnectionManager(poolingHttpClientConnectionManager) .setSslcontext(sslContext) .setHostnameVerifier(x509HostnameVerifier) .setSSLSocketFactory(sslConnectionSocketFactory) .build(); } catch (NoSuchAlgorithmException noSuchAlgorithmException) { System.out.println(noSuchAlgorithmException.getMessage()); } catch (KeyManagementException keyManagementException) { System.out.println(keyManagementException.getMessage()); } HttpContext httpContext = new BasicHttpContext(); CloseableHttpResponse closeableHttpResponse = null; try { if (closeableHttpClient != null) { closeableHttpResponse = closeableHttpClient.execute(httpHead, httpContext); if (closeableHttpResponse != null) { int statusCode = closeableHttpResponse.getStatusLine().getStatusCode(); System.out.println(String.valueOf(statusCode)); } } } catch (IOException iOException) { System.out.println(iOException.getMessage()); } finally { if (closeableHttpResponse != null) { try { closeableHttpResponse.close(); } catch (IOException iOException) { System.out.println(iOException.getMessage()); } } if (closeableHttpClient != null) { try { closeableHttpClient.close(); } catch (IOException iOException) { System.out.println(iOException.getMessage()); } } } 导入com.sun.net.ssl.internal.ssl.Provider; 导入java.io.IOException; 导入java.security.KeyManagementException; 导入java.security.NoSuchAlgorithmException; 导入java.security.SecureRandom; 导入java.security.security; 导入java.security.cert.CertificateException; 导入java.security.cert.x509证书; 导入java.text.MessageFormat; 导入java.util.ArrayList; 导入java.util.List; 导入java.util.Timer; 导入java.util.TimerTask; 导入java.util.concurrent.TimeUnit; 导入javax.net.ssl.SSLContext; 导入javax.net.ssl.SSLException; 导入javax.net.ssl.SSLSession; 导入javax.net.ssl.SSLSocket; 导入javax.net.ssl.TrustManager; 导入javax.net.ssl.X509TrustManager; 导入org.apache.http.Header; 导入org.apache.http.HttpHeaders; 导入org.apache.http.client.config.RequestConfig; 导入org.apache.http.client.methods.CloseableHttpResponse; 导入org.apache.http.client.methods.HttpHead; 导入org.apache.http.conn.socket.LayeredConnectionSocketFactory; 导入org.apache.http.conn.ssl.SSLConnectionSocketFactory; 导入org.apache.http.conn.ssl.SSLContexts; 导入org.apache.http.conn.ssl.X509HostnameVerifier; 导入org.apache.http.entity.ContentType; 导入org.apache.http.impl.client.CloseableHttpClient; 导入org.apache.http.impl.client.HttpClientBuilder; 导入org.apache.http.impl.conn.poolighttpclientconnectionmanager; 导入org.apache.http.protocol.BasicHttpContext; 导入org.apache.http.protocol.HttpContext
字符串audioURL=“”; RequestConfig RequestConfig=null; requestConfig=requestConfig .custom() .setConnectTimeout(5000) .setConnectionRequestTimeout(5000) .setSocketTimeout(5000) .build(); PoolightPClientConnectionManager PoolightPClientConnectionManager=null; PoolightPClientConnectionManager=新的PoolightPClientConnectionManager(); poollighttpclientconnectionmanager.setMaxTotal(5); CloseableHttpClient CloseableHttpClient=null; HttpHead HttpHead=新的HttpHead(audioURL); 试一试{ Provider sslProvider=新提供程序(); if(Security.getProvider(sslProvider.getName())==null){ Security.addProvider(sslProvider); } TrustManager[]trustAllCerts=新的TrustManager[]{ 新X509TrustManager(){ @凌驾 公共X509证书[]getAcceptedIssuers(){ 返回null; } @凌驾 public void checkServerTrusted(X509Certificate[]certs,String authType)引发CertificateException{ } @凌驾 public void checkClientTrusted(X509Certificate[]certs,String authType)引发CertificateException{ } } }; SSLContext SSLContext=SSLContexts .custom() .usesl() .build(); init(null,trustAllCerts,newSecureRandom()); LayeredConnectionSocketFactory sslConnectionSocketFactory=新的sslConnectionSocketFactory(sslContext); X509HostnameVerifier X509HostnameVerifier=新X509HostnameVerifier(){ @凌驾 公共无效验证(字符串主机、SSLSocket ssl)引发IOException{ //无所事事 } @凌驾 public void verify(字符串主机,X509证书证书证书)引发SSLException{ //什么也不做 } @凌驾 public void verify(字符串主机、字符串[]cns、字符串[]主题)引发SSLException{ //无所事事 } @凌驾 公共布尔验证(字符串、SSLSession ssls){ 返回true;
package httpcomponents;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpHead;
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.socket.ConnectionSocketFactory;
import org.apache.http.conn.socket.LayeredConnectionSocketFactory;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.conn.ssl.TrustStrategy;
import org.apache.http.conn.ssl.X509HostnameVerifier;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
/**
*
* @author mark.jones
*/
public class HttpTest3 {
public static void main(String[] args) {
CloseableHttpClient closeableHttpClient = null;
CloseableHttpResponse closeableHttpResponse = null;
try {
HttpHead httpHead = null;
TrustStrategy trustStrategy = null;
SSLContext sslContext = null;
X509HostnameVerifier x509HostnameVerifier = null;
LayeredConnectionSocketFactory sslConnectionSocketFactory = null;
Registry<ConnectionSocketFactory> registry = null;
PoolingHttpClientConnectionManager poolingHttpClientConnectionManager = null;
RequestConfig requestConfig = null;
String audioURL = "https://ancientserver.com/webreports/audio.jsp?callID=338786512&authentication=98695279578B04166629C0AC0ABB49F0";
httpHead = new HttpHead(audioURL);
trustStrategy = new TrustStrategy() {
@Override
public boolean isTrusted(X509Certificate[] xcs, String authType) throws CertificateException {
return true;
}
};
sslContext = SSLContexts
.custom()
.useSSL()
.loadTrustMaterial(null, trustStrategy)
.setSecureRandom(new SecureRandom())
.build();
x509HostnameVerifier = new X509HostnameVerifier() {
@Override
public void verify(String host, SSLSocket ssl) throws IOException {
//do nothing
}
@Override
public void verify(String host, X509Certificate cert) throws SSLException {
//do nothing //do nothing
}
@Override
public void verify(String host, String[] cns, String[] subjectAlts) throws SSLException {
//do nothing
}
@Override
public boolean verify(String string, SSLSession ssls) {
return true;
}
};
//either one works
//LayeredConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext, new String[]{"TLSv1"}, null, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext, new String[]{"TLSv1"}, null, x509HostnameVerifier);
registry = RegistryBuilder.<ConnectionSocketFactory>create()
.register("http", PlainConnectionSocketFactory.getSocketFactory())
.register("https", sslConnectionSocketFactory)
.build();
poolingHttpClientConnectionManager = new PoolingHttpClientConnectionManager(registry);
requestConfig = RequestConfig
.custom()
.setConnectTimeout(5000) //5 seconds
.setConnectionRequestTimeout(5000)
.setSocketTimeout(5000)
.build();
closeableHttpClient = HttpClientBuilder
.create()
.setDefaultRequestConfig(requestConfig)
.setSslcontext(sslContext)
.setHostnameVerifier(x509HostnameVerifier)
.setSSLSocketFactory(sslConnectionSocketFactory)
.setConnectionManager(poolingHttpClientConnectionManager)
.build();
if (closeableHttpClient != null) {
closeableHttpResponse = closeableHttpClient.execute(httpHead);
if (closeableHttpResponse != null) {
int statusCode = closeableHttpResponse.getStatusLine().getStatusCode();
System.out.println(String.valueOf(statusCode));
System.out.println(closeableHttpResponse.getFirstHeader("Content-Type"));
}
}
} catch (NoSuchAlgorithmException noSuchAlgorithmException) {
System.out.println(noSuchAlgorithmException.getMessage());
} catch (KeyStoreException keyStoreException) {
System.out.println(keyStoreException.getMessage());
} catch (KeyManagementException keyManagementException) {
System.out.println(keyManagementException.getMessage());
} catch (IOException iOException) {
System.out.println(iOException.getMessage());
} finally {
if (closeableHttpResponse != null) {
try {
closeableHttpResponse.close();
} catch (IOException iOException) {
System.out.println(iOException.getMessage());
}
}
if (closeableHttpClient != null) {
try {
closeableHttpClient.close();
} catch (IOException iOException) {
System.out.println(iOException.getMessage());
}
}
}
}
}