Java 客户端请求的协议SSLv3未启用或不受支持(IBM JDK 6.0SR10)
从IBM JDK 6.0SR9更新到6.0SR10后,我一直(在服务器端)得到: 未修改任何安全设置。知道如何(重新)启用SSLv3吗Java 客户端请求的协议SSLv3未启用或不受支持(IBM JDK 6.0SR10),java,ssl,sslhandshakeexception,ibm-jdk,Java,Ssl,Sslhandshakeexception,Ibm Jdk,从IBM JDK 6.0SR9更新到6.0SR10后,我一直(在服务器端)得到: 未修改任何安全设置。知道如何(重新)启用SSLv3吗 谢谢。SSLEngine.setEnabledProtocols(),但是默认情况下应该启用SSLv3。我会仔细检查您的断言,它没有被禁用。在以后的版本中,出于安全原因,SSLv3默认被禁用 以下技术说明应详细说明如何启用此功能 当客户端和服务器SSL协议设置不匹配时,会发生异常 以下客户端示例代码适用于配置为支持TLSv1.2协议的服务器端: String r
谢谢。SSLEngine.setEnabledProtocols(),但是默认情况下应该启用SSLv3。我会仔细检查您的断言,它没有被禁用。在以后的版本中,出于安全原因,SSLv3默认被禁用 以下技术说明应详细说明如何启用此功能
当客户端和服务器SSL协议设置不匹配时,会发生异常 以下客户端示例代码适用于配置为支持TLSv1.2协议的服务器端:
String response = "";
URL url = new URL("https://localhost:9043/myservlet);
final SSLContext ctx = SSLContext.getInstance("TLSv1.2");
ctx.init(null, null, null);
// final String protoccol = ctx.getProtocol();
HttpsURLConnection.setDefaultSSLSocketFactory(ctx.getSocketFactory());
final HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setReadTimeout(15000);
conn.setConnectTimeout(15000);
conn.setRequestMethod("POST");
conn.setDoInput(true);
conn.setDoOutput(true);
final OutputStream os = conn.getOutputStream();
final BufferedWriter writer =
new BufferedWriter(new OutputStreamWriter(os, "UTF-8"));
writer.write(......);
writer.flush();
writer.close();
os.close();
final int responseCode = conn.getResponseCode();
if (responseCode == HttpsURLConnection.HTTP_OK) {
String line;
final BufferedReader br =
new BufferedReader(new InputStreamReader(conn.getInputStream()));
while ((line = br.readLine()) != null) {
response += line;
}
}
System.out.println("response: " + response);
仔细检查。事实上,我现在可以通过简单地在旧的和新的IBMJSProvider2.jar之间切换来重现这个问题。其他一切(conf,dependent libs)都保持不变。通过显式地将SSL协议设置为SSL_TLS/SSL_TLSv2,我可以恢复旧的功能。那么,它的默认值实际上已经更改了吗?以下是IBM在此版本中报告的新内容:@heeboir它在那里声明“IBM实现支持以下协议:SSL、SSLv3、TLS、TLSv1和ssltls,用于引擎类SSLContext或SSLSocket或sslserverssocket类中的API setEnabledProtocols,'但也指出'在FIPS模式下不允许SSLv3协议'。您是否处于FIPS模式?您是否有任何关于SSLv3被禁用的链接?该技术说明建议如何同时启用SSL和TLS,但我看不出它说SSLv3在哪里被禁用(除非像EJP所说的那样处于FIPS模式)。另外,请看这里:
String response = "";
URL url = new URL("https://localhost:9043/myservlet);
final SSLContext ctx = SSLContext.getInstance("TLSv1.2");
ctx.init(null, null, null);
// final String protoccol = ctx.getProtocol();
HttpsURLConnection.setDefaultSSLSocketFactory(ctx.getSocketFactory());
final HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setReadTimeout(15000);
conn.setConnectTimeout(15000);
conn.setRequestMethod("POST");
conn.setDoInput(true);
conn.setDoOutput(true);
final OutputStream os = conn.getOutputStream();
final BufferedWriter writer =
new BufferedWriter(new OutputStreamWriter(os, "UTF-8"));
writer.write(......);
writer.flush();
writer.close();
os.close();
final int responseCode = conn.getResponseCode();
if (responseCode == HttpsURLConnection.HTTP_OK) {
String line;
final BufferedReader br =
new BufferedReader(new InputStreamReader(conn.getInputStream()));
while ((line = br.readLine()) != null) {
response += line;
}
}
System.out.println("response: " + response);