SSL处理异常java.lang.ArrayIndexOutOfBoundsException:64与JDK 1.4.2_19时出错
首先,我不能更新我的史前JDK,这是不可能的。 我必须使用JDK 1.4.219,因为它是Weblogic 8.1在非solaris平台上支持的最新JDK,而且我无法更新应用程序服务器(升级或迁移成本太高) 因此,我尝试在JDK 1.4.219下使用以下代码(它只是一个测试类)建立SSL连接:SSL处理异常java.lang.ArrayIndexOutOfBoundsException:64与JDK 1.4.2_19时出错,java,security,ssl,jsse,Java,Security,Ssl,Jsse,首先,我不能更新我的史前JDK,这是不可能的。 我必须使用JDK 1.4.219,因为它是Weblogic 8.1在非solaris平台上支持的最新JDK,而且我无法更新应用程序服务器(升级或迁移成本太高) 因此,我尝试在JDK 1.4.219下使用以下代码(它只是一个测试类)建立SSL连接: System.setProperty("https.proxyHost", proxyHost); System.setProperty("https.proxyPort", ""+proxyPort);
System.setProperty("https.proxyHost", proxyHost);
System.setProperty("https.proxyPort", ""+proxyPort);
URL url = new URL (request);
SSLServerSocketFactory ssf = (SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
SSLServerSocket ss = (SSLServerSocket)ssf.createServerSocket();
SSLContext context = SSLContext.getInstance("SSL");
context.init(null, trustManager, new SecureRandom()); // bypass certificate
SSLSocketFactory sf = context.getSocketFactory();
HttpsURLConnection.setDefaultSSLSocketFactory(sf);
HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
connection.setSSLSocketFactory(sf);
connection.setHostnameVerifier(new TrustAllHostNameVerifier ()); // bypass certificate
connection.setRequestMethod("GET");
connection.setDoOutput(true);
InputStream content = (InputStream)connection.getInputStream();
BufferedReader in = new BufferedReader (new InputStreamReader (content));
String line;
while ((line = in.readLine()) != null) {
System.out.println(line);
}
main, handling exception: java.lang.ArrayIndexOutOfBoundsException: 64
main, SEND TLSv1 ALERT: fatal, description = internal_error
main, WRITE: TLSv1 Alert, length = 2
main, called closeSocket()
javax.net.ssl.SSLException: java.lang.ArrayIndexOutOfBoundsException: 64
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA12275)
at sun.net.www.protocol.https.HttpsClient.afterConnect(DashoA12275)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(DashoA12275)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:620)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(DashoA12275)
at xxx.test(TestJava14.java:162)
at xxx.TestJava14.main(TestJava14.java:85)
Caused by: java.lang.ArrayIndexOutOfBoundsException: 64
at com.sun.net.ssl.internal.ssl.SunJSSE_bf.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SunJSSE_bf.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SunJSSE_ax.c(DashoA12275)
at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA12275)
... 8 more
- 将BouncyCastleProvider与代码一起使用 addProvider(新的BouncyCastleProvider()); 在java.security中,使用 security.provider.2=org.bouncycastle.jce.provider.BouncyCastleProvider
- 从旧WAS服务器(lib ibmjsseprovider2.jar)使用IBMJSProvider security.provider.2=com.ibm.jsse2.ibmjsseprovider 2但不能与sun JDK一起使用,我得到一个例外:ibmjsseprovider 2构建级别:-20040601 java.lang.RuntimeException:导出限制:仅SunJSSE
- 禁用java.security中的DHE算法: jdk.tls.disabledAlgorithms=DHE
- 强制一个应该工作的密码套件(已成功安装无限策略文件): 字符串[]CipherSuite={“TLS\U RSA\U WITH_AES\U 256\U CBC\U SHA”}; ss.可设置的密码套件(密码套件); (事实上,我还尝试了JSSE参考指南中提供的所有密码套件)
TrustAllHostNameVerifierSSL\u RSA\u WITH_3DES\u EDE\u CBC\u SHAgoogle.com:443www.google.com:443TrustAllHostNameVerifierSSL\u RSA\u WITH_3DES\u EDE\u CBC\u SHAgoogle.com:443www.google.com:443