SSL:javax.net.ssl.SSLException: Received fatal alert: protocol_version

调用一个https的接口报错javax.net.ssl.SSLException: Received fatal alert: protocol_version

在Java 1.8上,默认TLS协议是v1.2。在Java 1.6和1.7上,默认是已废弃的TLS1.0,由于此项目使用的是jdk1.6,因此引发错误。

解决方法1:

在发起请求前面设置TLSv1.2协议

System.setProperty("https.protocols", "TLSv1.2");

解决方法2:

在发起请求前忽略ssl认证:

工具类:

import java.security.cert.CertificateException;

import java.security.cert.X509Certificate;

import javax.net.ssl.HostnameVerifier;

import javax.net.ssl.HttpsURLConnection;

import javax.net.ssl.SSLContext;

import javax.net.ssl.SSLSession;

import javax.net.ssl.TrustManager;

import javax.net.ssl.X509TrustManager;

public class SslUtils {

private static void trustAllHttpsCertificates() throws Exception {

TrustManager[] trustAllCerts = new TrustManager[1];

TrustManager tm = new miTM();

trustAllCerts[0] = tm;

SSLContext sc = SSLContext.getInstance("SSL");

sc.init(null, trustAllCerts, null);

HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

}

static class miTM implements TrustManager,X509TrustManager {

public X509Certificate[] getAcceptedIssuers() {

return null;

}

public boolean isServerTrusted(X509Certificate[] certs) {

return true;

}

public boolean isClientTrusted(X509Certificate[] certs) {

return true;

}

public void checkServerTrusted(X509Certificate[] certs, String authType)

throws CertificateException {

return;

}

public void checkClientTrusted(X509Certificate[] certs, String authType)

throws CertificateException {

return;

}

}

/**

* 忽略HTTPS请求的SSL证书,必须在openConnection之前调用

* @throws Exception

*/

public static void ignoreSsl() throws Exception{

HostnameVerifier hv = new HostnameVerifier() {

public boolean verify(String urlHostName, SSLSession session) {

return true;

}

};

trustAllHttpsCertificates();

HttpsURLConnection.setDefaultHostnameVerifier(hv);

}

}

使用方法:

public String doHttpGetUTF8(String postUrl,String token) {

OutputStreamWriter out = null;

BufferedReader in = null;

String result = "";

try {

URL realUrl = new URL(postUrl);

if("https".equalsIgnoreCase(realUrl.getProtocol())){

SslUtils.ignoreSsl();

}

//打开 url之间的连接

HttpURLConnection conn = (HttpURLConnection)realUrl.openConnection();

//设置通用的请求属性

conn.setRequestMethod("GET");

conn.setUseCaches(false);

conn.setRequestProperty("Accept-Charset", "utf-8");

conn.setRequestProperty("contentType", "utf-8");

conn.setRequestProperty("Content-Type", "application/x‑www‑form‑urlencoded");

conn.setRequestProperty("Authorization", "Bearer "+token);

conn.setConnectTimeout(5000);

conn.setReadTimeout(5000);

long start = System.currentTimeMillis();

//获取 URLConnection对象输出对应的输出流

// 定义BufferedReader输入流来读取URL的响应

in = new BufferedReader(new InputStreamReader(conn.getInputStream(),"utf-8"));

long end = System.currentTimeMillis();

String line;

while (null != (line = in.readLine())) {

result += "\n" + line;

}

//建立

} catch (Exception e) {

System.out.println("发送GET请求出现异常!" + e);

e.printStackTrace();

}

// 使用finally块来关闭输出流、输入流

finally {

try {

if (out != null) {

out.close();

}

if (in != null) {

in.close();

}

} catch (IOException ex) {

ex.printStackTrace();

}

}

return result;

}

建立连接之前调用该方法即可

解决方法3:

在项目中同时配置jdk1.6和jdk1.8

我用的方法3,方法1和方法2没有起作用

相关推荐
FPGA_Linuxer3 天前
FPGA 40 DAC线缆和光模块带光纤实现40G UDP差异
网络协议·fpga开发·udp
real 13 天前
传输层协议UDP
网络·网络协议·udp
hsjkdhs3 天前
网络编程之UDP广播与粘包问题
网络·网络协议·udp
yzx9910133 天前
接口协议全解析:从HTTP到gRPC,如何选择适合你的通信方案?
网络·人工智能·网络协议·flask·pygame
板鸭〈小号〉3 天前
UDP-Server(3)chat聊天室
网络·网络协议·udp
weixin_456904273 天前
使用HTTPS 服务在浏览器端使用摄像头的方式解析
网络协议·http·https
疯狂的维修4 天前
关于Gateway configration studio软件配置网关
网络协议·c#·自动化·gateway
wow_DG4 天前
【WebSocket✨】入门之旅(五):WebSocket 的安全性
网络·websocket·网络协议
拷贝码农卡卡东4 天前
pre-commit run --all-files 报错:http.client.RemoteDisconnected
网络·网络协议·http