Java 在Ubuntu OpenJDK 7上启用密码
我编写了以下Java程序来在JVM中转储启用的密码:Java 在Ubuntu OpenJDK 7上启用密码,java,ubuntu,ssl,openjdk,Java,Ubuntu,Ssl,Openjdk,我编写了以下Java程序来在JVM中转储启用的密码: import java.security.KeyStore; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLSocket; import javax.net.ssl.TrustManagerFactory; public class ListCiphers { public stati
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;
public class ListCiphers
{
public static void main(String[] args)
throws Exception
{
SSLContext ctx = SSLContext.getInstance("TLSv1");
// Create an empty TrustManagerFactory to avoid loading default CA
KeyStore ks = KeyStore.getInstance("JKS");
TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
tmf.init(ks);
ctx.init(null, tmf.getTrustManagers(), null);
SSLSocket socket = (SSLSocket) ctx.getSocketFactory().createSocket("mozilla.org", 443);
printSupportedCiphers(socket);
printEnabledCiphers(socket);
}
private static void printSupportedCiphers(SSLSocket socket)
{
printInfos("Supported cipher suites", socket.getSupportedCipherSuites());
}
private static void printEnabledCiphers(SSLSocket socket)
{
printInfos("Enabled cipher suites", socket.getEnabledCipherSuites());
}
private static void printInfos(String prefix, String[] values)
{
System.out.println(prefix + ":");
for (int i = 0; i < values.length; i++)
System.out.println(" " + values[i]);
}
}
我感到奇怪的是,调试日志报告某些密码不受支持,但它们仍然报告在getsupportedciphersuites()
返回的受支持列表中
我的平台有问题吗?我认为你是对的,警告信息没有帮助。如果查看生成代码的
sun.security.ssl.SSLContextImpl
中的代码:
for (CipherSuite suite : allowedCipherSuites) {
/* snip */
if (suite.isAvailable() &&
suite.obsoleted > protocols.min.v &&
suite.supported <= protocols.max.v) {
/* snip */
} else if (debug != null &&
Debug.isOn("sslctx") && Debug.isOn("verbose")) {
if (suite.obsoleted <= protocols.min.v) {
System.out.println(
"Ignoring obsoleted cipher suite: " + suite);
} else if (suite.supported > protocols.max.v) {
System.out.println(
"Ignoring unsupported cipher suite: " + suite);
} else {
System.out.println(
"Ignoring unavailable cipher suite: " + suite);
}
}
}
for(密码套件套件:允许的密码套件){
/*剪断*/
if(suite.isAvailable()&&
套件.已过时>协议.最小值&&
suite.supported谢谢!链接到最新来源的在线版本也将有助于检查问题是否已得到解决。。。
for (CipherSuite suite : allowedCipherSuites) {
/* snip */
if (suite.isAvailable() &&
suite.obsoleted > protocols.min.v &&
suite.supported <= protocols.max.v) {
/* snip */
} else if (debug != null &&
Debug.isOn("sslctx") && Debug.isOn("verbose")) {
if (suite.obsoleted <= protocols.min.v) {
System.out.println(
"Ignoring obsoleted cipher suite: " + suite);
} else if (suite.supported > protocols.max.v) {
System.out.println(
"Ignoring unsupported cipher suite: " + suite);
} else {
System.out.println(
"Ignoring unavailable cipher suite: " + suite);
}
}
}