Ssl 如何在JAX-RS客户机上以编程方式重写密码/协议_Ssl_Jersey_Jax Rs_Tls1.2_Handshake

Ssl 如何在JAX-RS客户机上以编程方式重写密码/协议

ssl jersey

Ssl 如何在JAX-RS客户机上以编程方式重写密码/协议,ssl,jersey,jax-rs,tls1.2,handshake,Ssl,Jersey,Jax Rs,Tls1.2,Handshake,我在尝试覆盖JAX-RS客户机上的密码/协议时遇到了这个问题。这里使用的是Jersey框架以下是构建客户机的方式 Client client = ClientBuilder.newBuilder().sslContext(sslContext).hostnameVerifier(hostnameVerifier).build(); 我尝试过以下方法，但没有成功创建自定义SSLSocketFactory，并在SSL SocketFactory类的createSocket（）方法上重写密码和协

我在尝试覆盖JAX-RS客户机上的密码/协议时遇到了这个问题。这里使用的是Jersey框架

以下是构建客户机的方式

Client client = ClientBuilder.newBuilder().sslContext(sslContext).hostnameVerifier(hostnameVerifier).build();

我尝试过以下方法，但没有成功

创建自定义

SSLSocketFactory

，并在

SSL SocketFactory

类的

createSocket（）

方法上重写密码和协议。然后，

HttpsURLConnection.setDefaultSSLSocketFactory（sf）

。但是，这种方法并没有反映出这一点

在

SslContextFactory

和

SSLParameters

的帮助下，尝试重写

sslcontext

，这也会有所帮助

有人能帮忙找到一种方法，在JAX-RS客户端的

sslContext

上以编程方式重写密码/协议吗

您可以实施SSLSocketFactory：

public class CustomSSLSocketFactory extends SSLSocketFactory {

    private final SSLSocketFactory sslSocketFactory;

    public CustomSSLSocketFactory(SSLSocketFactory sslSocketFactory) {
        this.sslSocketFactory = sslSocketFactory;
    }

    @Override
    public String[] getDefaultCipherSuites() {
        return sslSocketFactory.getDefaultCipherSuites();
    }

    @Override
    public String[] getSupportedCipherSuites() {
        return sslSocketFactory.getSupportedCipherSuites();
    }

    @Override
    public Socket createSocket() throws IOException {
        return adjustEnabledCipherSuites((SSLSocket) sslSocketFactory.createSocket());
    }

    @Override
    public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException {
        return adjustEnabledCipherSuites((SSLSocket) sslSocketFactory.createSocket(socket, host, port, autoClose));
    }

    @Override
    public Socket createSocket(String host, int port) throws IOException {
        return adjustEnabledCipherSuites((SSLSocket) sslSocketFactory.createSocket(host, port));
    }

    @Override
    public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException {
        return adjustEnabledCipherSuites((SSLSocket) sslSocketFactory.createSocket(host, port, localHost, localPort));
    }

    @Override
    public Socket createSocket(InetAddress host, int port) throws IOException {
        return adjustEnabledCipherSuites((SSLSocket) sslSocketFactory.createSocket(host, port));
    }

    @Override
    public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {
        return adjustEnabledCipherSuites((SSLSocket) sslSocketFactory.createSocket(address, port, localAddress, localPort));
    }

    private SSLSocket adjustEnabledCipherSuites(SSLSocket sslSocket) {
        sslSocket.setEnabledCipherSuites(new String[]{"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"});
        return sslSocket;
    }
}

ClientConfig clientConfig = new ClientConfig()
CustomSSLSocketFactory sslSocketFactory = new CustomSSLSocketFactory(sslContext.getSocketFactory());

 HttpUrlConnectorProvider.ConnectionFactory factory = url -> {
     HttpsURLConnection httpsURLConnection = (HttpsURLConnection) url.openConnection();
     httpsURLConnection.setSSLSocketFactory(sslSocketFactory);
     return httpsURLConnection;
 };
 clientConfig.connectorProvider(new HttpUrlConnectorProvider().connectionFactory(factory));

现在，您需要将客户端配置为使用使用上述SSLSocketFactory的自定义ConnectionFactory：

public class CustomSSLSocketFactory extends SSLSocketFactory {

    private final SSLSocketFactory sslSocketFactory;

    public CustomSSLSocketFactory(SSLSocketFactory sslSocketFactory) {
        this.sslSocketFactory = sslSocketFactory;
    }

    @Override
    public String[] getDefaultCipherSuites() {
        return sslSocketFactory.getDefaultCipherSuites();
    }

    @Override
    public String[] getSupportedCipherSuites() {
        return sslSocketFactory.getSupportedCipherSuites();
    }

    @Override
    public Socket createSocket() throws IOException {
        return adjustEnabledCipherSuites((SSLSocket) sslSocketFactory.createSocket());
    }

    @Override
    public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException {
        return adjustEnabledCipherSuites((SSLSocket) sslSocketFactory.createSocket(socket, host, port, autoClose));
    }

    @Override
    public Socket createSocket(String host, int port) throws IOException {
        return adjustEnabledCipherSuites((SSLSocket) sslSocketFactory.createSocket(host, port));
    }

    @Override
    public Socket createSocket(String host, int port, InetAddress localHost, int localPort) throws IOException {
        return adjustEnabledCipherSuites((SSLSocket) sslSocketFactory.createSocket(host, port, localHost, localPort));
    }

    @Override
    public Socket createSocket(InetAddress host, int port) throws IOException {
        return adjustEnabledCipherSuites((SSLSocket) sslSocketFactory.createSocket(host, port));
    }

    @Override
    public Socket createSocket(InetAddress address, int port, InetAddress localAddress, int localPort) throws IOException {
        return adjustEnabledCipherSuites((SSLSocket) sslSocketFactory.createSocket(address, port, localAddress, localPort));
    }

    private SSLSocket adjustEnabledCipherSuites(SSLSocket sslSocket) {
        sslSocket.setEnabledCipherSuites(new String[]{"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"});
        return sslSocket;
    }
}

ClientConfig clientConfig = new ClientConfig()
CustomSSLSocketFactory sslSocketFactory = new CustomSSLSocketFactory(sslContext.getSocketFactory());

 HttpUrlConnectorProvider.ConnectionFactory factory = url -> {
     HttpsURLConnection httpsURLConnection = (HttpsURLConnection) url.openConnection();
     httpsURLConnection.setSSLSocketFactory(sslSocketFactory);
     return httpsURLConnection;
 };
 clientConfig.connectorProvider(new HttpUrlConnectorProvider().connectionFactory(factory));